As smartphones and a variety of handheld devices increasingly popular, the use of the payment instrument when customer shopping is also facing innovation. ‘‘Mobile Payment’’ is on the rise within these years and has been a focus among the telecommunication companies, financial industry, and mobile phone makers. Coupled with the rapid changes in consumption habits, evolved from the sale on physical stores to more and more network transactions, diversification of the payment patterns are appeared. Personal mobile devices combined with financial payment instruments, so that users can go out without a wallet that still complete the transaction easily. It is the future trend and makes the field of payments an innovation push. 2015 is considered the first year of mobile payment. Our government units are also pushing this new mode of payment. In January 2015, FSC relaxation for mobile payment platform to operate without being a trial basis. Legislative Yuan also has the Third Reading of ‘‘The Act Governing Electronic Payment Institutions.’’ These actions make mobile payments hot suddenly. However, with the development of this emerging technology, also led all sectors concern about its safety and risk. The operation of related industries or companies also deeply affected. In the mobile payment environment, it brings opportunities to the enterprise, but also implies risk. Therefore, we want to start from exploring the mobile payment threats and risks. Further, explore how enterprises implement control. To ensure that the organization's risk control are well-designed and effective implementation. This study discuss, develop and verify an effective and feasible audit mechanism to ensure enterprise have effective control those risks of mobile payment. The mechanism also provides internal controls and audit practice model. This study identifies enterprise risks that include issues and challenges under the mobile payment environment through literature review and the Delphi expert questionnaire. Then classification of risk factors based on the cross-risk of enterprise from the Research Central of Economics. Furthermore, this study also develops auditing items for this environment under COSO framework. Use these auditing items to test or evaluate the risk whether has a good management or not. Finally, by the way of case studies, to verify the feasibility of the research output. Based on recommendations provided by interviewees, discussing the mechanism and get the results. Therefore, by the use of checklist, including CMMI model, we can review the degree of internal controls implementation, review whether the internal controls are integrity, and fully implement.