HOW FINANCIAL AUDITORS USE CAATS AND PERCEIVE ERP SYSTEMS?

Cardoş Vasile-Daniel
Babeş-Bolyai University Cluj-Napoca, Romania
Faculty of Economics and Business Administration

The adoption, implementation and expansion of complex information systems [IS] have an important impact on organizations. To cope with this situation, financial auditors need to use more and more computer-assisted audit techniques [CAATs], especially when auditing organizations with complex information systems such as Enterprise Resource Planning [ERP] in place. In this article we investigate the way Romanian financial auditors use CAATs during their mission and their perception regarding the effects of ERP systems on financial accounting and reporting system evaluation. Results show that even though financial auditors consider that the existence of an ERP system is influencing at least to a great extent their ability to evaluate the client's information system, they are not using CAATs to the same extent.

Keywords: financial auditors, CAATs, ERP
JEL Classification: M42

Introduction
The adoption, implementation and expansion of information technology [IT] enhanced information system [IS] have an important financial and non-financial impact on business functions and their structure within a firm (Chatzoglou and Diamantidis, 2009). It is thought that the use of IT generates competitive advantage but also exposes organizations to new risks triggered by IT complexity. Financial auditors need to develop and/or enhance their IT knowledge and skills in order to fulfill their mission as required by their professional standards. During audit planning they have to consider how the client's characteristics affect systems risk (Bedard et al., 2005) and the possible misstatements (Bell et al., 1998). Also, IT complexity affects the nature of audit testing (Javrin et al., 2009).
To cope with this, financial auditors are forced, by their professional standards and the current environment in which they work, to use more and more computer-assisted audit techniques [CAATs], especially when auditing organizations with complex information systems such as Enterprise Resource Planning [ERP] in place.

Enterprise Resource Planning [ERP] systems generate unique risks due to business-process reengineering and customizations. This triggers control weaknesses, which lead to financial statement errors and inaccurate internal information. These issues need to be addressed in the implementation process, overcoming the problems arising from improperly trained personnel and inadequate process reengineering efforts (Wright and Wright, 2002).

The main objectives of this article are to investigate the way Romanian financial auditors use CAATs during their mission and perceive the effects of ERP systems on the evaluation of the financial accounting and reporting system. To achieve these objectives we used a questionnaire addressed to financial auditors in which they had to answer the following questions (on a scale ranging from 1 = to a small extent to 5 = to a very great extent):
- To what extent are you using computer-assisted audit techniques (CAATs) for the evaluation of the financial accounting and reporting system? and
- To what extent the existence of an ERP system affects the evaluation of the financial accounting and reporting system?

Review of prior literature
The member bodies of the International Federation of Accountants [IFAC] are required to adhere to International Education Standards [IES] and Practice Statements [IEPS] in order to implement generally accepted good practice in the education and the development of professional accountants (IFAC, 2009:2). According to IEPS 2, Information Technology for Professional Accountants, candidates to the profession have to be knowledgeable in CAATs consisting of: accounting packages; professional research tools; analytical tools and pattern matching/recognition (IFAC, 2009:34). Further, International Education Guideline 11, Information Technology for Professional Accountants, a precursor of IEPS 2, requires, for the professional development of evaluators/auditors of information systems, the use of CAATs in the planning phase, in order to design effective and efficient verification procedures to meet evaluation objectives, and during system evaluation, when performing planned procedures (IFAC, 2003).

The Information Systems Audit and Control Association [ISACA] considers that CAATs may be used in performing the following audit procedures:
- Tests of details of transactions and balances;
- Analytical review procedures;
- Compliance tests of IS general controls;
- Compliance tests of IS application controls;
- Penetration testing (ISACA, 2008:2).

During audit planning, the auditor should use an appropriate combination of manual techniques and CAATs. The factors that may influence the use of CAATs might be: computer knowledge, expertise and experience of the auditor; efficiency and effectiveness of using CAATs over manual techniques; time constraints and level of audit risk (ISACA, 2008).

In the scientific literature there are only a few research papers describing the extent of CAATs use in the audit practice and the factors supporting their use (Curtis et al., 2009). Javrin et al. (2008a) reported that financial auditors use CAATs extensively for analytical procedures, audit report writing, work paper management and sampling. Also, auditors perceived other audit applications as being important for audit planning, internal control evaluation and risk assessment, but used them less. In another paper Javrin et al. (2008b) identified performance expectancy and organizational and technical as factors that influence the auditor's acceptance of CAATs. They argued that CAATs usage can be increased by developing training programs within audit firms. Curtis and Payne (2008) found that audit firms influence the implementation of new technology by using long-term budgets and by communicating their support and encouragement to auditors. Hermanson et al. (2000) investigated the extent to which internal audit departments are using CAATs for: system analysis and documentation; program testing or data integrity testing.

Regarding the ERP influence on the audit mission, Hunton et al. (2004) examined the extent to which financial auditors are able to recognize higher risks associated with ERP systems in comparison to non-ERP systems and assessed financial auditors' tendency to consult with specialists when assessing ERP and non-ERP system risks during the planning stage of the audit. They observed that financial auditors do not indicate a greater need to consult with IT audit specialists when auditing an ERP versus non-ERP system and they are equally confident in the ability of financial audit teams to assess risks in both computing environments (Hunton et al., 2004: 7). They suggest that financial auditors are overconfident in their ability to assess risks in complex systems. In previous research, Hunton et al. (2001) found that financial auditors are unlikely to consult with specialists with IS risk management practice in their firm, which suggests that potential financial statement errors and audit risks may not be identified.

Method used
This study was supported by the Chamber of Financial Auditors of Romania. A questionnaire was indicated to financial auditors addressing matters related to the perceived importance and their opinion or approach to several IT related activities they should be performing during their engagement. The questionnaire was emailed to 1.520 financial auditors, but due to invalid or wrong email addresses 232 emails were undeliverable. Of the 1.288 valid questionnaires mailed we received 96 answers (answer rate: 7.45%). To improve the answer rate we intend to have a second round of questionnaires sent out.

The questionnaire consisted of three main parts. In the first part, the respondents were asked to answer several questions related to their educational background, both academic and professional. The second part contained questions addressing the auditor's profile: the type of their main activity; years of experience; number of audit missions completed; the nature of the client organization's activity. In the third part, respondents were asked to answer seven questions related to: the perceived importance of several IT related activities; the way the identified IT related activities are carried out (by the auditor or by an IT specialist); the extent to which auditors apply analytical procedures or use CAATs during their mission; the extent to which ERP systems affect their ability to evaluate the client's AIS; and the influence of AIS evaluation on the audit opinion (using an interval scale rated from 1 = not important/to a small extent to 5 = very important/to a very great extent).

Results
The collected data showed that 44 respondents (45,8 percent) stated that the most frequent type of business audited by them is manufacturing, followed by services (19,8 percent), public institutions (11,5 percent) and banking (10,4 percent). The majority of the respondents (52,1 percent) have less than five years of experience, while 40 of them (41,7 percent) have between five and ten years of experience.
Because the financial audit profession is still young in Romania, none of the respondents have more than 15 years of experience.

The first question analyzed in this article was: To what extent are you using computer-assisted audit techniques (CAATs) for the evaluation of the financial accounting and reporting system? For this question the auditors had to choose between: to a small extent = 1; to some extent = 2; to a moderate extent = 3; to a great extent = 4; or to a very great extent = 5. The mean rating (see Table 1) for this question (2.8646) is close to the median value (3), suggesting that, on average, financial auditors use CAATs for the evaluation of the financial accounting and reporting system ranging mainly from "to some extent" to "to a great extent". But the mode value (2) suggests that most frequently the respondents chose the "to some extent" option (see Table 2).

The second question analyzed in this article was: To what extent the existence of an ERP system affects the evaluation of the financial accounting and reporting system? (available options: to a small extent = 1; to some extent = 2; to a moderate extent = 3; to a great extent = 4; or to a very great extent = 5). The mean rating (see Table 1) for this question (3.6979) is also close to the median value (4), suggesting that, on average, financial auditors consider that the existence of an ERP system is influencing their ability to evaluate the financial accounting and reporting system to a great extent (see Table 2). This is confirmed by the mode value (4).

Table 1. Descriptive statistics

                    N    Mean     Median   Mode   Std. Dev.
Use of CAATs        96   2.8646   3.0000   2.00   1.25337
Influence of ERP    96   3.6979   4.0000   4.00   1.01691

Table 2. Frequencies of answers for the two questions analyzed

                          Use of CAATs                 Influence of ERP
                          Frequency   Valid Percent    Frequency   Valid Percent
To a small extent         15          15.6             4           4.2
To some extent            27          28.1             7           7.3
To a moderate extent      20          20.8             23          24.0
To a great extent         24          25.0             42          43.8
To a very great extent    10          10.4             20          20.8
Total                     96          100.0            96          100.0

From Table 3, presented below, we can see that of the 15 respondents who stated they use CAATs to a small extent, a third consider that the existence of an ERP system is influencing to a very great extent their evaluation of the entity's information system. From the opposite perspective, of the 42 respondents who considered that the existence of an ERP system is influencing to a great extent their ability to evaluate the entity's information system, 14 stated they use CAATs to a great extent, while the same number stated they use CAATs to some extent.

Table 3. Cross-tabulation CAATs x ERP (rows: use of CAATs; columns: the influence of ERP)

Use of CAATs              To a small   To some   To a moderate   To a great   To a very great   Total
                          extent       extent    extent          extent       extent
To a small extent         2            3         2               3            5                 15
To some extent            1            0         10              14           2                 27
To a moderate extent      0            2         8               6            4                 20
To a great extent         0            0         3               14           7                 24
To a very great extent    1            2         0               5            2                 10
Total                     4            7         23              42           20                96

Conclusions
The above analysis suggests that even though financial auditors consider that the existence of an ERP system is influencing at least to a great extent their ability to evaluate the client's information system, they are not using CAATs to the same extent. This means that a significant number of auditors still rely on a traditional approach "around the computer", using tests of details and analytic procedures, rather than "with the computer", using CAATs, when they evaluate the financial accounting and reporting system or during their overall mission. As technology is constantly evolving, auditors will be forced to be knowledgeable about and use IT tools and techniques that allow them to detect misstatements and thereby properly change their audit plan in order to avoid the possibility of issuing an erroneous opinion.

References
1. Bedard J.C., Graham L. and Jackson C. (2005) Information Systems Risks and Audit Planning, International Journal of Auditing, 9 (2005), p. 147-163
2. Bell T.B., Knechel W.R., Payne J.L. and Willingham J.J. (1998) An Empirical Investigation of the Relationship Between the Computerization of Accounting Systems and the Incidence and Size of Audit Differences, Auditing: A Journal of Practice & Theory, vol. 17, no. 1, p. 14-38
3. Chatzoglou P.D. and Diamantidis A.D. (2009) IT/IS implementation risks and their impact on firm performance, International Journal of Information Management, 29 (2009), p. 119-128
4. Curtis M.B. and Payne E.A. (2008) An examination of the contextual factors and individual characteristics affecting technology implementation decisions in auditing, International Journal of Accounting Information Systems, 9 (2008), p. 104-121
5. Curtis M.B., Jenkins J.G., Bedard J.C. and Deis D.R. (2009) Auditor's Training and Proficiency in Information Systems: A Research Synthesis, Journal of Information Systems, vol. 23, no. 1, p. 79-96
6. Hermanson D.R., Hill M.C. and Ivancevich D.M. (2000) Information Technology-Related Activities of Internal Auditors, Journal of Information Systems, vol. 14, suppl., p. 39-53
7. Hunton J., Wright A.M. and Wright S. (2001) Business and audit risks associated with ERP systems: knowledge differences between information systems audit specialists and financial auditors, American Accounting Association Midyear Meeting, available on-line at: http://aaahq.org/audit/midyear/02midyear/papers/erp.pdf
8. Hunton J.E., Wright A.M. and Wright S. (2004) Are Financial Auditors Overconfident in Their Ability to Assess Risks Associated with Enterprise Resource Planning Systems? Journal of Information Systems, vol. 18, no. 2, p. 7-28
9. Information Systems Audit and Control Association (2008) IS Auditing Guideline G3 Use of Computer-Assisted Audit Techniques (CAATs), available on-line at: http://www.isaca.org/amtemplate.cfm?section=standards,_guidelines,_procedures_for_is_Auditing&Template=/ContentManagement/ContentDisplay.cfm&ContentID=39261
10. Javrin D., Biersbaker J. and Lowe D.J. (2008a) An Examination of Audit Information Technology Use and Perceived Importance, Accounting Horizons, vol. 22, no. 1, p. 1-21
11. Javrin D., Lowe D.J. and Biersbaker J. (2008b) Auditor Acceptance of Computer-Assisted Techniques, available on-line at: https://www.mtc.gov/uploadedfiles/multistate_tax_Commission/Audit_Program/Resource/AuditorAcceptance.pdf
12. Javrin D., Biersbaker J. and Lowe D.J. (2009) An Investigation of Factors Influencing the Use of Computer-Related Audit Procedures, Journal of Information Systems, vol. 23, no. 1, p. 97-118
13. Wright S. and Wright A.M. (2002) Information System Assurance for Enterprise Resource Planning Systems: Unique Risk Considerations, Journal of Information Systems, vol. 16, supplement, p. 99-113
14. * * * International Federation of Accountants [IFAC] (2003) International Education Guideline 11: Information Technology for Professional Accountants, available on-line at: http://web.ifac.org/media/publications/6/ieg11-information-technol/ieg11-informationtechnol.pdf
15. * * * International Federation of Accountants [IFAC] (2009) International Education Practice Statement 2: Information Technology for Professional Accountants, available on-line at: http://web.ifac.org/media/publications/d/handbook-of-international-e/ieps-2-information-techno.pdf
* * * Information Systems Audit and Control Association [ISACA] (2008) IS Auditing Guideline 13 Use of Computer-Assisted Audit Techniques (CAATs), available on-line at: http://www.isaca.org/amtemplate.cfm?section=standards,_guidelines,_procedures_for_is_auditing&template=/contentmanagement/contentdisplay.cfm&contentid=39261