Jagdish Pathak

Minimizing Cost of Continuous Audit: Counting and Time Dependent Strategies

Why do we need to audit databases? The answer to this question depends on several factors, including the users and the applications that have accessed the data, the timing and the type of data modifications such as permissions or schema and so on. This paper examines certain strategies that have been suggested in the database auditing literature (see, e.g. Orman, 2001). Orman studied the counting, periodic and hybrid auditing strategies with the objective of minimizing the number of errors introduced during database access. Unlike Orman whose focus is on assessing the number of errors infilterating the system, we focus on the long run operating cost of running database audit. We use results from regenerative stochastic processes to derive expressions for the long run average cost under the counting and periodic auditing strategies. Future directions for research are also proposed.

Risk management, internal controls and organizational vulnerabilities

Purpose – This is a theme editorial written exclusively by the guest editor for this special issue. This opinion piece demonstrates the impact of technology convergence on the internal control mechanism of an enterprise. It is important for an auditor to be aware of the security hazards faced by financial or the entire organizational information system. Author attempts to bring security systems design and the organizational vulnerabilities in the context of the convergence of communication and networking technologies with the complex information technology in business processes.Design/methodology/approach – This editorial is mostly conceptual analysis of the current state of affairs.Findings – Being an editorial, there are no specific findings presented in this piece.Research limitations/implications – Theme editorials, being conceptual expositions of a particular current issue generally lack support of data analysis. However, advantage can be obtained by the future researchers by designing a study around...

Cost Framework for Evaluation of Information Technology Alternatives in Supply Chain

Organizations are often facing the problem of determining the degree of investment in building information links with their suppliers and buyers to reduce costs, lead times, and quality problems, improve timely customized delivery, increase asset utilization, and improve corporate profitability. One of the critical enablers for an efficient and effective supply chain is timely planning and information processing across the entire value-added chain. This paper presents an analytical model for selecting the right mix of analytical software and hardware alternatives at various planning and execution levels of an organization to remain competitive in a supply chain. Factors such as quality, reliability, flexibility, timeliness and organizational compatibility have been quantified into cost components that form the weighted cost function. The weights of the various cost components of software and hardware are derived from pair-wise comparison. These weights account for the relative importance of alternative supply chain strategies for an organization. A numerical example is presented to demonstrate the applicability of the proposed framework and exhibit the efficacy of the procedures and algorithms.

An E-Business Audit Service Model in the B2B Context

This research studies E-business audit as a specialized service rendered in an information technology intensive environment. A service model is used to research the E-business audit context. Here auditing is viewed as a specialized technical service conducted in the context of E-business technologies, business processes, and people involved in E-business transactions. The specialized audit service is provided to the E-Business transacting firms that in most cases involve transactions between customers and suppliers. A field study of information technology auditors showed that both knowledge of the business processes and of the technologies were critical for them to render reliable and accurate E-business audit findings. The results showed the need for higher training levels in advanced IT methods and tools for technology auditors in rendering IT audit judgments for the business-to-business (B2B) context. Thus, these results provided support for the service model that calls for the appropriate knowledge and use of technologies, business processes, and people in providing service.

Audit Resource Planning Success in B2B E-Commerce: Development and Testing of a Measurement Scale

Abstract The e-commerce audit engagement scenario makes audit resource planning (ARP) an activity full of technological complexities. These complexities generally involve both e-commerce technologies and enterprise information integration, putting real pressure on the audit organizations scarce human and financial resources. However, the success (or effectiveness) of such complex audit resource planning activity is not well understood or easily measured. This paper attempts to develop and diagnostically test measurement scales using classical measurement development framework and contemporary structural equation modeling methods. This study is motivated by prior studies in the conventional (non e-commerce) audit resource planning, and audit-planning domain published in the accounting and management information systems discipline. The prior studies suggest that audit resource planning in a B2B (business-to-business) e-commerce engagement is a multi dimensional construct consisting of four latent dimensions. The four latent dimensions of ARP success are reflected through several manifest variables obtained from various relevant studies. The results confirm that audit resource planning success is operationalizable as a measurement scale with the four dimensions. The results of the study are tools for benchmarking future efforts by audit organizations. Accounting scholars can also use this study as a base for operationalizing audit resource planning success as a key dependent variable in future research.

Audit Risk, Complex Technology, and Auditing Processes

Abstract While growing organizations often embrace risk, these risks should not be taken blindly. These entities should have a clear understanding of the potential consequences of increased risk and how to insure positive outcomes. As firms are increasingly experiencing “virtualization” in their relationships with suppliers, partners, and consumers, there is an increasing need for trust and assurance in these relationships. There is greater pressure on independent auditors to attest to this trust and assurance. Ronen and Cherny1 indicated that independent auditors are expected to be trust providers to the level of being “insurers.” Auditors have talked of “reasonable assurance “and “true and fair presentation” but now their stakeholders expect these auditors to be insurers of their investment! While bizarre, this is a reality for auditors.2 In this outsourced scenario, the American Institute of Certified Public Accountants (AICPA) promulgated a statement of auditing standards (SAS) No. 94, replacing the SAS 55; however, it keeps the definition of “internal controls” unchanged. The purpose of this article is to discuss the SAS 94 audit standards for organizations making extensive use of IT. It is divided into two major parts: (1) an examination of complex information technologies in terms of audit risk, and (2) the effect of SAS 94 on the audit processes.

Do characteristics of audit committees and board of directors influence earnings management

Earnings management has attracted much attention in this globalised economic environment due to large accounting scandals such as Enron and WorldCom. National governments and other market-regulation institutions are taking measures to restrain earnings management in order to ensure the reliability and transparency of financial reporting. This study explores whether audit committees and boards of directors influence earnings management using the literary review method. The findings show that both discretionary accruals and abnormal accruals are mostly used as dependent variables to detect earnings manipulation estimated by the Jones and modified Jones models. For the most part, evidence from previous literature indicates that the more independent the members of the audit committee and board, the higher the quality of earnings in financial reporting. However, some opposite findings exist.

Extensible Business Reporting Language XBRL: Potential of Research in XBRL as a Social Artifact-An Essay

In this brief theoretical narrative, the author intends to present a thought piece which would suggest that study of eXtensible Business Reporting Language XBRL is not relevant to technological or financial domains alone. XBRL usage in the World of finance can easily bring out its impact on the society at large through its users in the finance and investment areas. XBRL is simply not a technological artifact alone but has turned into a social artifact. The author, therefore, proposes that future researchers of information systems should also look into the impact of XBRL on the society as a whole. This essay takes a foundational step toward a paradigm and suggests how one might usefully augment further studies with research on XBRL as social artifacts.

Perceived Determinants of E-Commerce Audit Judgment Expertise

A global survey of 203 E-commerce auditors was conducted to investigate the perceived determinants of expertise in E-commerce audits. We hypothesize and find evidence indicating that information technology and communication expertise are positively related to expertise in E-commerce audit judgment. We also find that system change management expertise and information technology audit expertise mediate this relationship.

Audit Resource Planning Success in B2B e-Commerce Engagement: An Empirical Assessment of Theorized Constructs, Manifest Variables Measurement and Second Order Factor Model

Audit Resource planning (ARP) activity in any engagement involves a balancing act in between the significant outlays involved in the trained and skilled human resources and the audit objectives. Audit engagement for an e-commerce client makes ARP an activity full with technological complexities far removed from the traditional audit engagement with a conventional client and/or centralized accounting databases. These complexities of e-commerce technologies put a real pressure on audit organizations scarce human and financial resources. Despite these all, we have little understanding of how the success of such audit planning activity is measured. Present study makes use of classical measurement development frameworks used by the information systems researchers as well as the contemporary statistical methods for determining the dimensionality. This paper theoretically develops and empirically tests a measurement model of success of audit resource planning in e-commerce engagement. The model is restricted to the business-to-business (B2B) e-commerce category for simplicity. The results suggest that audit resource planning success (ARPS) can be operationalized as a second order factor model. The first order constructs of the model are termed higher technical training, higher technical experience, minimum breadth of technical training & experience, capabilities in professional audit judgment, and expertise in system and change management. These theorized constructs are found to be governed by the second order factor of ARP success. The results of the study are tools for benchmarking future ARP efforts by an audit organization and act as a base for operationalizing a key dependent variable in future ARP research.