Audit Practice Journal | Towards an Understanding of the Audit Expectation Gap

The IUP Journal of Audit Practice :

IT Audit Approaches for Enterprise Resource Planning Systems

Article Details

Pub. Date	:	April, 2009
Product Name	:	The IUP Journal of Audit Practice
Product Type	:	Article
Product Code	:	IJAP10904
Author Name	:	Richard G Brody and Grover Kearns
Availability	:	YES
Subject/Domain	:	Finance
Download Format	:	PDF Format
No. of Pages	:	21

Price

For delivery in electronic format: Rs. 50;
For delivery through courier (within India): Rs. 50 + Rs. 25 for Shipping & Handling Charges

Download

To download this Article click on the button below:

Abstract

Auditors operating in an ERP environment face special challenges, many of which they may not be fully equipped to face. Given the litigious environment, in which the auditors operate and the growth of technology in many companies, auditors must be prepared to effectively deal with the risks presented by ERP systems. The purpose of this paper is to address auditing issues that are specific to audits, involving clients with an Enterprise Resource Planning (ERP) system. The focus is on the risks and internal controls in an electronic environment. The paper reviews the literature in the ERP area as it relates to audits and covers the special issues that auditors face in an ERP environment. Suggestions are provided for controlling risks in these complex environments. The guidance provided will aid auditors, who come across the unique and complex environment created by the use of an ERP system. This will be a very valuable tool for practicing auditors.

Description

Enterprise Resource Planning (ERP) systems are software packages that integrate two or more business modules into one system and can replace manual or independent applications while eliminating the need for external interfaces. For example, with the implementation of an ERP system, the financial module can be integrated with the manufacturing, inventory and shipping modules. ERP systems can be used by the companies that want to maintain portions of their current system, often referred to as `legacy systems,' while combining other business functions into one system. However, larger companies tend to implement ERP systems that integrate virtually all businesses modules into a single ERP system.

Because of their integrated nature, ERP systems have become popular among the firms of all sizes. The proliferation of ERPs makes it imperative for auditors to become knowledgeable about the various controls and recommended audit approaches that should exist for these systems. Maintaining data integrity is critical to risk management and complying with Section 404 of the Sarbanes-Oxley Act. Due to the system-wide integration, auditors must familiarize themselves with the underlying business processes, obtain assurance that the ERP system reflects the processes accurately, and change the way substantive tests are performed in an ERP audit.

Keywords

Audit Practice Journal, Enterprise Resource Planning, ERP, Legacy Systems, Risk Management, System-Wide Integration, Information Technology, IT, Material Management, Supply-Chain Management Systems, SCMs, Customer Relationship Management Systems, CRMs, ERP System, Online Transaction Processing, OLTP, Electronic Data Interchange , EDI, Computer-Assisted Audit Techniques , CAATs.