At present，the information system risk represents a serious threat to financial stability，it would become very important as to how to carry on an effective risk assessment and audit management for financial information system.This paper takes the theory of “audit immunity” as the theoretical guidance，and the “information entropy” as a key technology，and combines the hierarchical structure of financial risk information system.Then，the paper constructs an entropy model of risk assessment of financial information system on which the construction strategies of audit immune mechanism for financial information system are based and explored from the perspectives of “immune surveillance”，“immune homeostasis” and “immune defense”.