The invention is applicable to the technical field of information security, Provided are a method and a terminal device for protecting and auditing a policy based on information security, The method comprises: receiving a security request sent by a client, the preservation request includes customer identification and policy change information. If the policy change factor includes an insurance information change factor, extracting the underwriting factor from the insurance information change factor, the underwriting factor coefficients for each underwriting factor are obtained, based on the underwriting factor coefficient and the customer 's importance rating, Determining the customer's risk index, obtaining customer information according to customer identity, extracting multiple risk keywords from customer information, According to the underwriting scores corresponding to a plurality of risk keywords and according to the underwriting scores, acquiring the underwriting index of the customer, and based on the comparison result of the risk index and the underwriting index, adding the preservation request with the corresponding approval mark, which can save the human cost of the preservation review of the preservation policy, improve the review efficiency, and improve the accuracy of the review.