Based on China’s resource endowment and coal mine disaster statistics, it has been found that there are many deficiencies in the management of disasters and risks in mining areas in China. Therefore, to scientifically and effectively manage mining areas, based on the theory of internal control, this paper systematically analyzes the risks of mining areas in the context of various factors and relevant suggestions. From the occurrence of mine risk to the occurrence of damage, the importance of risk management is highlighted. In accordance with the five selection principles of evaluation indicators (goal principle, comprehensiveness principle, scientificity principle, timeliness principle and focus principle) as well as the five elements of internal control (control environment, risk assessment, control activities, information and communication and supervision), a mining area risk managementframework of human-machine-environment-management – disturbance is constructed, and twentyseven secondary risk indicators are divided. The criteria for determining the risk level and the risk response process have been established, and a more systematic and accurate mine risk management system under the theory of internal control has been formed. Finally, based on four key technologies, a dual prevention and control mechanism is formed around the system risk and job risk management system. This provides new methods and ideas for the prevention and control of coal mine safety risks and the containment of disasters and accidents.

The chapter deals with the issue of the risk and security management process in public administration, according to the internal audit standards and their requirements. Main legal acts and standards were specified and shortly described. Specially the risk analysis process and security measures selection were emphasized. The possibility to use the software tools for the risk analysis and security measures selection support in public administration was presented. The experiment of OSCAD usage in public administration was shortly described and its results were presented. This experiment shows that the software primarily intended for IT Security Management can be used for risk management in different area as well, for example – in public administration. Some possibilities of further development of risk management supporting tools were proposed.