Are Financial Auditors Overconfident in Their Ability to Assess Risks Associated with Enterprise Resource Planning Systems?
41 Pages Posted: 14 Apr 2005
Abstract
The first objective of the current study is to examine the extent to which financial auditors recognize heightened risks associated with an enterprise resource planning (ERP) system, as compared to non-ERP (legacy) system, in the presence of a control weakness over access privileges. The second objective is to assess the propensity of financial auditors to consult with information technology (IT) audit specialists within their firm when assessing ERP and non-ERP system risks in the planning stage of an audit. One hundred sixty five (165) auditors participate in an experiment in which we manipulate system type (ERP versus non-ERP) and measure auditor type (IT audit specialists versus financial auditors). Both auditor types indicate significantly higher business interruption, process interdependency and overall control risks with the ERP, as compared to the non-ERP, system. Additionally, while IT audit specialists assess significantly higher network, database and application security risks with the ERP system, financial audits do not recognize higher security risks in these areas. Perceived risk differentials from the non-ERP to the ERP system across all risk categories are significantly greater for IT audit specialists than financial auditors. Finally, financial auditors do not indicate a greater need to consult with IT audit specialists when auditing an ERP versus a non-ERP system, and, they are equally highly confident in the ability of financial audit teams to assess risks in both computing environments. Overall, evidence from this study suggests that financial auditors may be overconfident in their ability to assess ERP system risks.
Keywords: enterprise resource planning, ERP, audit risks, business risks, audit specialists
JEL Classification: M40, M41, M49
Suggested Citation: Suggested Citation
Do you have a job opening that you would like to promote on SSRN?
Recommended Papers
-
Auditor Industry Specialization and Earnings Quality
By Steven Balsam, Jagan Krishnan, ...
-
Auditor Industry Specialization and Client Disclosure Quality
By Kimberly Dunn, Brian W. Mayhew, ...
-
Board Independence and Audit Firm Type
By Mark S. Beasley and Kathy R. Petroni
-
The Effect of Industry Experience on Hypothesis Generation and Audit Planning Decisions
By Arnold Wright and Sally Wright
-
National and Office-Specific Measures of Auditor Industry Expertise and Effects on Audit Quality
By Kenneth John Reichelt and Dechun Wang
-
By Philip J. Lee, Donald J. Stokes, ...
-
Audit Quality and Properties of Analyst Earnings Forecasts
By Bruce K. Behn, Jong-hag Choi, ...