In this study, we explain the importance of managing operational risks in financial institutions and banks. COBIT and specially the national legal framework will be described more precisely. In this regard, methods and principles of information system auditing is presented and explained. Lockhart method is used, which is scaled from "completely unsatisfactory" to "completely satisfactory". The results for 2012 show that the audit method has a positive, significant effect on the efficient management of operational risks.