Readiness of Low Complexity ERP for Continuous Auditing in SMEs: The Brazilian Case Study

Q4 Engineering

Control and Cybernetics Pub Date : 2022-09-01 DOI:10.2478/candc-2022-0022

R. Gonçalves, J. O. Imoniana

{"title":"Readiness of Low Complexity ERP for Continuous Auditing in SMEs: The Brazilian Case Study","authors":"R. Gonçalves, J. O. Imoniana","doi":"10.2478/candc-2022-0022","DOIUrl":null,"url":null,"abstract":"Abstract The continuous auditing technology assures integrity of accounting systems and consequently improves the decision-making process of the small and medium-sized enterprises (SMEs) that implement it. Considering that SMEs located in developing countries function within a more risk prone environment and do not have resources to implement all layers of customized corporate functions in information systems, one argues for their reliance on the features of low complexity of enterprise resource planning (ERP) software to benefit from continuous auditing (CA). The purpose of this study is to relate the understanding of the CA demands and low complexity ERP systems’ technical functionalities in SMEs. Thus, to fulfill this objective, a conceptual model has been drawn to integrate the key concepts related to CA. Four pillars are the core of this model, namely: segregation of duties (SoD) with role-based access control centered on process-based approach (PBA); internal checkpoints; audit trails; and the level of integration of the continuous auditing software. This model was validated through the benchmarking of the implementation of the pillars in three cases of low complexity ERP systems adopted by SMEs in a developing country. The benchmarking/results of the study show significant differences between operational mechanisms of the three ERP software. Namely, the role-based access control exists in the two of the ERP_LC but not in the Brazilian one. Also, there is no check-point in the Brazilian ERP_LC and it does not integrate with continuous audit features. This study distinguishes between the low complexity ERP’s functionalities and the features of a more complex environment, thus bringing an important contribution to the study of low complexity ERP’s readiness for continuous monitoring in SME’s internal auditing processes.","PeriodicalId":55209,"journal":{"name":"Control and Cybernetics","volume":"51 1","pages":"389 - 420"},"PeriodicalIF":0.0000,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Control and Cybernetics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2478/candc-2022-0022","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Engineering","Score":null,"Total":0}

引用次数: 0

Abstract

Abstract The continuous auditing technology assures integrity of accounting systems and consequently improves the decision-making process of the small and medium-sized enterprises (SMEs) that implement it. Considering that SMEs located in developing countries function within a more risk prone environment and do not have resources to implement all layers of customized corporate functions in information systems, one argues for their reliance on the features of low complexity of enterprise resource planning (ERP) software to benefit from continuous auditing (CA). The purpose of this study is to relate the understanding of the CA demands and low complexity ERP systems’ technical functionalities in SMEs. Thus, to fulfill this objective, a conceptual model has been drawn to integrate the key concepts related to CA. Four pillars are the core of this model, namely: segregation of duties (SoD) with role-based access control centered on process-based approach (PBA); internal checkpoints; audit trails; and the level of integration of the continuous auditing software. This model was validated through the benchmarking of the implementation of the pillars in three cases of low complexity ERP systems adopted by SMEs in a developing country. The benchmarking/results of the study show significant differences between operational mechanisms of the three ERP software. Namely, the role-based access control exists in the two of the ERP_LC but not in the Brazilian one. Also, there is no check-point in the Brazilian ERP_LC and it does not integrate with continuous audit features. This study distinguishes between the low complexity ERP’s functionalities and the features of a more complex environment, thus bringing an important contribution to the study of low complexity ERP’s readiness for continuous monitoring in SME’s internal auditing processes.

查看原文本刊更多论文

中小企业持续审计的低复杂性ERP准备:巴西案例研究

摘要持续审计技术确保了会计系统的完整性，从而改善了实施该技术的中小企业的决策过程。考虑到位于发展中国家的中小企业在更容易发生风险的环境中运作，没有资源在信息系统中实施所有层次的定制公司功能，有人认为，它们依赖企业资源规划软件的低复杂性特点，从持续审计中受益。本研究的目的是联系中小企业对CA需求和低复杂性ERP系统技术功能的理解。因此，为了实现这一目标，已经绘制了一个概念模型来集成与CA相关的关键概念。该模型的四个支柱是：职责分离（SoD）和以基于过程的方法（PBA）为中心的基于角色的访问控制；内部检查站；审计跟踪；以及持续审计软件的集成程度。通过对发展中国家中小企业采用的三个低复杂性企业资源规划系统的支柱实施情况进行基准测试，验证了这一模式。研究的基准/结果显示，三个企业资源规划软件的运作机制之间存在显著差异。也就是说，基于角色的访问控制存在于ERP_LC的两个中，而不存在于巴西的ERP_LC中。此外，巴西ERP_LC中没有检查点，也没有与持续审计功能集成。本研究区分了低复杂性ERP的功能和更复杂环境的特征，从而为研究低复杂性ERP在中小企业内部审计过程中的持续监控准备情况做出了重要贡献。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Control and Cybernetics 工程技术-计算机：控制论

CiteScore

0.50

自引率

0.00%

发文量

期刊介绍： The field of interest covers general concepts, theories, methods and techniques associated with analysis, modelling, control and management in various systems (e.g. technological, economic, ecological, social). The journal is particularly interested in results in the following areas of research: Systems and control theory: general systems theory, optimal cotrol, optimization theory, data analysis, learning, artificial intelligence, modelling & identification, game theory, multicriteria optimisation, decision and negotiation methods, soft approaches: stochastic and fuzzy methods, computer science,