Article Preview
TopIntroduction
How do financial auditors perceive ERP implementations and its impact on audit quality? Enterprise Resource Planning (ERP) Systems have become very important in modern business operations as businesses strive to retain competitive advantage in a radically evolving business environment. ERP systems create a central, standardized data repository with essential controls and reporting standards (Sia et al., 2002; Ignatiadis & Nandhakumar, 2009). Understanding the effect of ERP systems implementation on organizations has been of interest to information system (IS) researchers. ERP implementations bring about changes that alter the existing organizational processes. Process changes, if properly understood and anticipated, can assist firms to overcome post-implementation challenges as well as reap the potential benefits of ERP systems (Sumner, 2000). Indeed, while studies have examined the more obvious ERP induced changes such as integrating functional areas of business, standardizing business processes, and creating one-source data, more subtle implications such as effects of perceived changes from ERP implementation on audit quality have been largely ignored.
Yet, business process changes lie at the heart of any ERP system implementation (Scheer & Haberman, 2000). As ERP systems are implemented, companies begin with BPR (Business Process Reengineering) where legacy processes are transformed to help information and communication integration. Legacy processes, processes that are functionally efficient but insular, are slated for reengineering and integration. Interestingly, prior to an ERP implementation, financial auditors provided formal opinions and recommendations on these legacy systems. Over time, these legacy processes were tuned to meet stringent audit requirements. These legacy processes embodied the salient process baseline for audits.
However, ERP systems usher in changes, sometimes sharp changes, to legacy processes. ERP implementations and BPR are closely connected and ERP implementations must involve the analysis and reengineering of legacy processes “rather than designing an application system that makes only the best of bad processes” (Scheer & Haberman, 2000, p. 58). These process changes cascade across the entire organization and auditors have to adapt to these process changes as both risks and benefits are propagated in an ERP system. According to Gibbs and Keating (1995), the expanded and cross-functional scope of ERP systems can lead to heightened business risks and the potential for financial statement misstatements, misclassifications, and defalcations. Audits that have traditionally focused on legacy processes realize that controls and processes in a new ERP environment have shifted from discrete manual interventions to continuous automated propagations. Therefore, audit opinions based on perceived process changes from ERP implementations, must be reconciled with some assurance of the audit quality. For example, the Committee of Sponsoring Organizations (COSO, 1992) report provides a framework for the consideration of auditor perceptions of control risks, which expands the focus of the traditional view of processes and controls at the detailed account and assertion level to include information integration. Given that auditor perceptions anchor the auditor’s formal opinion, gauging auditor perception about ERP-driven changes and their impact on the auditor’s perception of audit quality become central to an audit engagement (Brazel, 2005).
While auditors have commonly believed in the need for integrated information, the answer to whether ERP implementations have served to enhance audit quality remains elusive at the best (Scapens & Jazayeri, 2003). As firms adopt and deploy ERP systems for information integration, newer concerns arise for financial statement auditors in determining the veracity of the financial reports and results generated by ERP systems. ERP systems have now allowed continuous auditing, a mechanism where information systems are used to maintain real-time sharing and monitoring of information. While such a method has tremendous theoretical advantages for real-time assessment, there is a growing debate on the practicality of continuous auditing with concerns about too much irrelevant information as well as information overload (Kuhn & Sutton, 2010). Thus, auditors may fall prey to information overload and constant monitoring may be exhausting and distracting.