Manal Laghmouch, Sebastien Lizin, Jan Mendling, Benoît Depaire, Mieke Jans
{"title":"Auditors’ Risk Perception of Process Control Deficiencies: A Discrete Choice Experiment","authors":"Manal Laghmouch, Sebastien Lizin, Jan Mendling, Benoît Depaire, Mieke Jans","doi":"10.2308/isys-2021-039","DOIUrl":null,"url":null,"abstract":"\n In risk-based auditing, data-driven analyses are often used to automatically detect process deficiencies. This introduces a challenge: the number of deficiencies is too large to inspect manually. Current approaches addressing this challenge neglect integrating the risk dimension or rely on auditors to manually integrate it. This study aims to increase the effectiveness of such data-driven analysis approaches by including the risk dimension when presenting process deficiencies for further inspection. We investigate how the deficiency type and the affected control activity are associated with perceived risk. We run a discrete choice experiment with 58 auditors interpreting deficiencies that occur in a procure-to-pay or an order-to-cash process and find that (1) deficiencies of type “missing” or deficiencies related to asset-decrementing activities are perceived as the riskiest, (2) the control activity contributes 75 percent of the risk perception, and (3) external and internal auditors share a similar risk perception.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":2.0000,"publicationDate":"2024-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.2308/isys-2021-039","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
引用次数: 0
Abstract
In risk-based auditing, data-driven analyses are often used to automatically detect process deficiencies. This introduces a challenge: the number of deficiencies is too large to inspect manually. Current approaches addressing this challenge neglect integrating the risk dimension or rely on auditors to manually integrate it. This study aims to increase the effectiveness of such data-driven analysis approaches by including the risk dimension when presenting process deficiencies for further inspection. We investigate how the deficiency type and the affected control activity are associated with perceived risk. We run a discrete choice experiment with 58 auditors interpreting deficiencies that occur in a procure-to-pay or an order-to-cash process and find that (1) deficiencies of type “missing” or deficiencies related to asset-decrementing activities are perceived as the riskiest, (2) the control activity contributes 75 percent of the risk perception, and (3) external and internal auditors share a similar risk perception.
期刊介绍:
The Journal of Information Systems (JIS) is the academic journal of the Accounting Information Systems (AIS) Section of the American Accounting Association. Its goal is to support, promote, and advance Accounting Information Systems knowledge. The primary criterion for publication in JIS is contribution to the accounting information systems (AIS), accounting and auditing domains by the application or understanding of information technology theory and practice. AIS research draws upon and is informed by research and practice in management information systems, computer science, accounting, auditing as well as cognate disciplines including philosophy, psychology, and management science. JIS welcomes research that employs a wide variety of research methods including qualitative, field study, case study, behavioral, experimental, archival, analytical and markets-based.