The turbulent events of the global financial crises have highlighted the importance of audit quality. Auditing in today's business environment involves navigating through organizational information technology (IT) landscape dominated by ERP systems. Organizations depend on ERP systems for financial reporting which involve dealing with statutory and regulatory provisions. ERP systems thus, have become an integral part of compliance strategy due to their support for internal controls. ERP systems are associated with inherent system and business process complexities capable of carving new auditing landscape for auditors. However, the implications of such ERP-induced process changes and system complexities on audit quality have not been well understood and investigated. This study attempts to bridge this gap. The primary goal of this research is to frame business process complexity, system complexity and audit process as key predictors of audit quality as perceived by external auditors. Using empirical evidence gathered from auditors experienced in post-ERP audit, the research found that auditors' post-ERP perception in an audit due to ERP implementation influenced the perceived audit quality. Specifically, system complexity, audit process changes and control risk were significant determinants of perceived audit quality. In addition, the findings reveal business process complexity and system complexity as key antecedents of control risk in an ERP audit.
TopIntroduction
Although the need for audit quality has always been around, lately the veracity of audit reports has attracted both practitioners and scholars as stakeholders attempt to understand the series of business failures and corporate scandals. The quest for audit quality is not only a result of growing concern created by the global financial crises, but also because of the increasing complexity of technologies and the evolving pace of changes in the business environment and reporting standards. The last two decades have witnessed the popularity of ERP systems among firms of all sizes. ERP systems are packaged software solutions that integrate information and business processes within and across functional areas in an organization (Grabski, Leech & Schmidt, 2011; Kalling, 2003; Nwankpa & Datta, 2012). Such systems represent a major departure from the individual and functional information systems widespread in the past. Indeed, ERP systems are motivated by regulatory compliance, upgrading legacy systems, business process reengineering and cross-functional integration (Robey, Ross & Boudreau, 2002). The level of integration and data consolidation created by ERP systems are transformative in nature thus craving a new landscape in the areas of auditing, accounting and information systems (Grabski et al. 2011). As a result, understanding the effect of ERP systems implementation on organizations has been of interest to information system (IS) researchers. Much has been written in the past decade in both academic and practitioner literature about the implication of ERP implementation. This urge to get a grip on ERP system implementation and to leverage it to create competitive advantage in a radically evolving business environment has lead to the development of several ERP research streams namely: (1) critical success factors, (2) the organizational implications and (3) the economic impact of ERP systems (Grabski et al. 2011).
However, while existing studies have examined the more noticeable ERP induced changes such as cross-functional integration of business, user acceptance and critical success factors, more subtle impact such as the effect of post-ERP implementation on perceived audit quality has been largely ignored (Nwankpa & Datta 2012). Little is known about the factors that affect perceived audit quality in an ERP environment. Indeed there is a general lack of research that conducts a theory-based empirical examination of audit quality and its antecedents. Yet business process changes and systems complexities resides at the heart of any ERP system implementation (Scheer & Haberman 2000) hence, requiring auditors to familiarize themselves with the underlying business processes, internal controls and unique risks associated with ERP systems (Hunton, Wright & Wright, 2004). Such business process comprehension and control risk awareness is required since ERP systems usher in changes, to legacy systems and processes (Nwankpa & Datta 2012). Such changes stem from ERP implementation and include interlinked business processes, centralized relational database and automation of controls capable of impacting security and internal control systems (Grabski et al. 2011; Scapens & Jazayeri 2003) thus, creating the possibility that key control mechanisms will be ineffective or may be completely bypassed during implementation (O’Leary 2000). Further, configuration choices made during ERP implementation directly impact controls and the depth of changes to existing business processes thus exacerbating the control risks (Wah 2000; Hunton et al. 2004). Hence, auditors will need to untangle the increased control risks encapsulated within ERP systems.