Paper ACB3-8 Final

8/12/2019 Paper ACB3-8 Final

1/15


2/15

page 2

1. Introduction

Nowadays the economic situation of companies in all segments wants to reduce expense lines,

improving the functioning of the supply chain, and the map together with partners. Most long-term

planning, but ends with account management activities; tactical plans are rarely associated with

implementation. Companies that close the gap between the ERP and supply chain execution with

partners through joint processes to the reduce cost while improving service costs, inventory risk and

cycle times. The companies make more use of Information Technology to control their daily business

activities. They make use of computers to keep track of internal processes like the level of inventory

(http://www.qad.com/Public/Documents/rm_electronics_supply_chain.pdf/).

The main view behind this study is that the systems of the trading partners provides the communicating

process with each other to create a more efficient and effective supply chain (Malhotra, Gosain, & El

Sawy, 2007). Many names are used to refer to this electronic inter-enterprise collaboration: Standard

Electronic Business Interface (Malhotra, Gosain, & El Sawy, 2007), Business-to-Business data sharing

(Stefansson, 2002), The Audit Risk Model, Business Risk and AuditPlanning Decisions (Richard W.

Houston et al 1999) , Collaborative Audit Framework (Paulus et al, 2007) and Technology-Driven

Convergence of Business Processes in the Acquisition Cycle (Palmer, R. & Gupta, M. 2011) and many

more. In this paper the term Electronic Inter-Enterprise Collaboration (EIEC) which is also known as the

Enterprise Process Innovation Continuum (EPIC) will be used.

Applying EIEC for the sale order and purchase process identifies several the internal control problems

within the company than applying a manual process. For example Company A has to be sure that the

trading partner cannot enter in their accounting records through the developed connection between the

two companies systems. On the end of supply chain management, the company can merely pay their

suppliers. In this paper the exposures and risks arising due to the used of EIEC will be addressed to

acquisition and payment cycle. This integrated system communicates with the core systems of both

companies (supplier and purchaser). Given that EIEC makes it possible for companies to place orders

directly into the system of the supplier, auditors need to question data integrity and confidentiality.(http://www935.ibm.com/services/multimedia/GL_13808_EPIC_bch_Draft_02.pdf./)
http://www.qad.com/Public/Documents/rm_electronics_supply_chain.pdf/http://www935.ibm.com/services/multimedia/GL_13808_EPIC_bch_Draft_02.pdf./http://www935.ibm.com/services/multimedia/GL_13808_EPIC_bch_Draft_02.pdf./http://www.qad.com/Public/Documents/rm_electronics_supply_chain.pdf/


3/15

page 3

1.1 Research question and sub questions

The main research question addressed in this paper is:

Doesthe Electronic Inter-Enterprise Collaboration affect the audit risk?'

To answer this question there will be made use of three sub questions, which are:

What is meant with Electronic Inter-Enterprise Collaboration?

What are the advantages and disadvantages of using Electronic Inter-Enterprise Collaboration for the

internal control?

What can be the effects of using Electronic Inter-Enterprise Collaboration for the audit risk?

In chapter two the first sub question is addressed. It will describe EIEC and mention the advantages and

disadvantages of using EIEC on the sales process. Chapter three answers sub question two. It will

thoroughly investigate the advantages and disadvantages of EIEC. The fourth chapter looks at the affects

of EIEC on the audit risk. Every chapter gives a short introduction followed by the information to answerthe affiliated sub question, and will conclude with an answer. The fifth chapter is the conclusion, which

consists of a summary which is followed by the answer to the research question.

1.2 Method

A literature review will be conducted to answer the research question. Other papers will be addresses

for the influence on the audit risk. Based on the accumulated evidence, a conclusion will be drawn on

the research question mentioned above. During this research the three parts of audit risk are explained.

To draft a conclusion on the main question, inherent risk, control risk and detection risk will be

disregarded, for reasons that become clear in the fourth chapter.

1.3 Relevance

The continuous increase in the use of some form of EIEC necessitates the implementation of a secure

environment to do this. An auditor is required to form an opinion about data integrity and needs to

assess outside influence on the numbers stated in the financial statements (FS). This paper informs

about the risks affiliated with EIEC and researches the (dis)advantages of the use of EIEC. This paper is a

contribution towards a better understanding of EIEC and its influence on the internal controls and thus

on the audit risk.


4/15

page 4

2. Electronic Inter-Enterprise Collaboration

In this chapter the term Electronic Inter-Enter Collaboration will be discussed. This chapter will also

cover the definition of audit risk en the different components of audit risk. The last part of this chapter

will contain the effects of inter controls on the audit risk component.

Several names are given to electronic (internet) communication between different parties outside the

organization e.g. communication between trading parties (David A. et al. 2003) The goal of this

communication is to increase the supply chain (Gunasekaran A. et.al., 2004). Different authors gave

different names to this form of communication such as; Interorganisational Information System (Lee H.

et.al 2004), Standard Electronic Business Interface (Lee H. et.al, 2004).

In this paper the term is Electronic Inter-Enterprise Collaboration (EIEC). The EIEC is referred to the

electronic (internet) communications between the respective parties.

There is no single and clear definition of EIEC available but different authors have the same reasoning

about the integration of information system. That is that companies integrate their information system

to gain a competitive advantage (Gunasekaran A. et.al, 2004).

There are two conditions before implementing this system (Gunasekaran A. et.al, 2004):

The goal of the use of this system is to optimize the competitive advantage of the company. This system should be used at least by two companies for the integration of the supply chain.

Based on what is stated above we can say that EIEC is an electronic information system used by at least

two companies to gain a competitive advantage.

To successfully develop information system there are four phases (Williamson E. et.al. 2004):

Paper copies; in this phase a company uses the paper work (copies of invoices, purchase orders,and bills). Because of the use of paper copies the communication between the company and the

supply chain is limited. This lead to

Development of Electronic Data Interchange (EDI). This was expensive and proved also to belimited. However this was the first step towards automated information flow. EDI proved to be

inflexible and expensive, because suppliers who were using EDI had to provide their customers

with additional EDI information (Golden W. et.al., 1999). This lead to the third phase;
http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186


5/15

page 5

Development of Enterprise Resource Planning (ERP). ERP provided more flexibility, than the EDIbecause by using this system more information could be shared at lower costs. The ERP system

increases the transparency by removing information distortions. However the ERP is a system

that cannot be used by more companies because this is computer to computer exchange system

(Akkerman H. et.al 2003). This introduced the last stage;

Because there was growth of the use of internet to exchange information, the XML wasintroduced. This is a standard language used over the internet. And this can be implemented by

many companies (Shore B, 2001). The advantage of this is that several business partners can

integrate their business resources. The XML provide also a reliable communication between the

partners (Shore B, 2001). Several factors such as; reliability, the low cost are the reasons behind

the growth of internet usage. Another factor is accessibility of internet (Williamson E. et.al.

2004).

2.1 Audit Risk

According to Arens (2013) the audit risk is the risk that the financial statement may be materially

misstated after the audit is completed and an unqualified opinion has been issued. The audit risk has

three components; the inherent risk, the detection risk, and the control risk (Arens, 2013).

The inherent risk is; the risk of a material misstatement in the financial statements beforeconsidering the effectiveness of the internal controls (Arens A. et al, 2013).

The control risk is; is the risk that a material misstatement will not detected or prevented by theinternal control.(Arens, 2013)

The detection risk is the risk; is the risk that the accumulated audit evidence will fail to detect amaterial misstatement in the financial statements. (Arens A. et.al, 2013)

2.2 Effect of internal controls on audit risk

According to Hall (2011) there are seven types of internal control; physical examination, transaction

authorization, segregation of duties, supervision, accounting records, access control and independent

verification. Apart from these controls there are two categories of IT controls; input controls and

processing controls (Hall, 2011). When all these controls are properly implemented it can be said that

the internal control is working properly. A proper working internal control will reduce the control risk

(Arens A. et.al, 2013). Before the auditor can conclude about the effectiveness about the internal


6/15

page 6

control it should perform tests of controls (Arens A. et.al, 2013). The tests of controls are specified to

check the design and the operating effectiveness of the internal control (Arens A. et.al, 2013). So the

auditor checks which controls are in place and how they perform (Arens A. et.al, 2013). The main point

in this chapter was the definition of EIEC. The implementation of this system is through four phases.

Companies chose to acquire such a system to increase their competitive advantage. Further we have

discussed the different components of audit risk and the effects of inter control on internal control

components.


7/15

page 7

3. The advantages and disadvantages of Electronic Inter-Enterprise

collaboration

3.1 Introduction

Collaboration has become a new trend in the supply chain management (SCM) that is focus on joint

planning coordination, and process integration between suppliers, customers and other partners in the

supply chain. Reduction of costs and the increased of return on assets are its competitive advantages. It

also increased reliability and responsiveness to market needs.

Companies are increasingly using information systems to integrate the system and the processes

throughout their supply chain, so that they can reduce inefficiencies in a supply chain. To transform

their focus from operational buying and selling relationship into higher performing collaborative

relationships, many companies have undertaken information technology (IT) supported initiatives.

According to Venkratraman (1991) there are five levels of business transformation made possible

through information technology implementation these are:

Localize exploitation. Internal integration. Business process redesign. Business network redesign. Business scope redefinition.

With the improvement of the supply chain management in mind, companies are moving rapidly in using

electronic business. Part of that movement involves including significant technology to the acquisition

cycle. Within this movement, come expectations which drive decision-makers from conceptions to

development to implementation such as the propellant for decision, acquisitions, and training.

(Erffmeyer and Johnson 2001). Every company that seeks to be successful in the future is striving to

implement a successful e- business strategy. According to Waters (2000) e- business has become an

important part of life, nearly essential to commerce as the telephone. E-Business uses normal electronic

data standards with computer automated technology to electronically interconnect information

systems, integrate internal and external data streams, and automate businesses between business

partners (Health Industry today, 1999)


8/15

page 8

3.2 Advantages and disadvantages of EIEC

Companies may pursue this path for many reasons such as an increased need to share information

between companies departments and with selected outside parties and to keep up with the competition

(Erffmeyer and Johnson 2001). Other advantages that a successful integration has that will help the

company are:

The developing of strategic advantages due to speed or response. Improved accuracy. Greater synergy through improved communication. Costs saving.

Disadvantages of E-Business

The cost of developing the e- business is one of the primary concerns for e-business. Because of the

complexity of the e- business applications, a company may need to completely change its current

system. The adoption of an e-business solution implies high risk of failure. Further the attacked by

hackers is one of the disadvantages that a company must keep in mind, because with of the fact that the

electronically transmitting of corporate information will increased with other word security becomes

another concern while implementing e-business. Another disadvantage is the lack of a common

framework to help execute transactions over the internet (Rodgers et al 2002).

3.3 The advantages and disadvantages of EIEC for Internal control.

The introduction of this system has several advantages for the internal control (Hall, 2011):

The fraudulent behavior should be decrease because of there would be more segregation ofduties.

The human error will be decreased because only authorized employees can change the input(information).

There will be more supervision and/or transaction authorization because of the segregation ofduties.

These advantages give the company in a better competitive advantage.

Apart from these advantages there are also disadvantages. One of the most important one is the high

cost of implementation. The second disadvantage is that the personnel need to be trained to use this

system (Rodgers et al 2002). The last disadvantage can be arise of new control problems, because the


9/15

page 9

system eliminates control problems but on the other hand new problems arise (Turtle et.al 2007). The

company needs to assess the advantages and the disadvantages before it can decide to implement this

system.


10/15

page 10

4. The effects of Electronic Inter-Enterprise Collaboration on the audit risk

4.1 Introduction

In the preceding chapters the meaning of Electronic inter-enterprise collaborations is discussed and the

advantages and disadvantages of Electronic inter-Enterprise Collaboration with respect to internal

control are discussed.

In this following chapter the third and final research question of this paper will be answered: What can

be the effects of using Electronic Inter-Enterprise Collaboration (EIEC) on audit risk? The effects of EIEC

on audit risk related to the acquisition and payment cycle will be discussed.

4.2 Effects on Audit risk components.

As introduced in chapter 2 audit risk is the risk that the financial statement may be materially misstated

after the audit is completed and an unqualified opinion has been issued. Audit risk can be divided in the

components inherent risk, detection risk and control risk (Arens, 2013).

Inherent risk

The acquisition and payment cycle consists of three types of transaction (Arens, 2013) :

The acquisitions of goods and services. Cash disbursements. Purchase returns and allowances and purchase discounts

The completion and review of paperwork involved in this transaction require a huge workload. In many

cases the paper-based acquisition transaction-processing costs can even exceed the cost of the good

itself (Palmer, 1994). From this perspective the emergence of Electronic Inter-Enterprise Collaboration

(EIEC) as an improving transaction-processing efficiency within the acquisition cycle comes as no

surprise.

However Electronic Inter-Enterprise Collaboration has three important implications on the inherent

audit risk.

The first effect is the increased amount of shared data between enterprises. These results inincreased load of used data which will need more analytical software to audit the content and

the transactions.


11/15

page 11

The second effect is the transition of the traditional purchase process, which typically consistedof requisitions, purchase orders (POs), invoices, and receiving documentation into a process

involving electronic data interchange (EDI), bank card technology or e-procurement

software(OLeary, 2000). This also changes the way in which the audit trail is used. Audited IT-

systems provide more reliable evidence.

The third and most important effect by the adoption of EIEC is the convergence of differentprocesses within the acquisition cycle, such as the process to make payroll, reimburse travel, or

acquire inventory, supplies, or capital assets, into one electronic procurement process.(Palmer,

2011) This makes deviations from the standard process also more apparent.

Control risk

Almost all recent developments in technology in the acquisition cycle attempt to strengthen theefficiency of the process while expanding the information payload associated with the transaction to

support greater internal control over spending. Improved internal control will lead to a decreased

control risk. Control, in this context, has several meanings:

The enterprise wants to ensure that the purchase transaction are compliant with regulatoryrequirements and are not fraudulent. So one important aspect of compliance is a focus on the

need to collect data about the purchase transactions for tax and regulatory purposes.

The enterprise wants to ensure that the procurement process directs the employee to suppliersthat provide goods and services at the best available terms and to make sure that the right

approvals and authorizations are in place. Stated in the negative, organizations want to stop

purchase activity that is (1) without appropriate approval, (2) from undesirable vendors, (3) for

personal purposes, and (4) without adequate transactional data to support organizational

analyses and completion of tax and regulatory reports. (Palmer, 2011)

As a result of this development auditors can rely more on the internal control of the clients. So as aneffect control risk is therefore significantly decreased.


12/15

page 12

Detection risk

The detection risk is the risk that audit evidence gathered will fail to detect misstatements exceeding

tolerable misstatements (Arens, 2013). The digitalization of the transactions and automation of the

documentation of acquisition and payment processes does not change the audit process itself butmainly the amount of audited data and demanded time in which the audit should be completed.

Therefore the collection of audit evidence additional analytical software tools can be used to respond to

this need. Overall detection risk will therefore decrease.

A specific audit risk related to the Electronic Inter-Enterprise Collaboration in the audit process is the

verification of accounts and transactions. Electronic signatures can be used to verify. Electronic

signatures can take various forms and can be created by using noncryptographic security techniques or

cryptographic techniques. However these security measures have their technical limitations (Emond &

Lavigne, 2002).

This part of this paper discussed the effects of Electronic Inter-Enterprise Collaboration on audit risk.

Audit risk was separated into inherent risk, control risk and detection risk. The effect on inherent risk

results from a convergence of different processes into one main electronic process. As a result audit

focuses more on exceptions. The effect on control risk is an increased reliance on internal controls which

decreases control risk. The effect on detection risk is more extensive approach using analytical software

but also an addition risk in verifying accounts.


13/15

page 13

5. Conclusion

As stated in the introduction the research question was; does the Electronic Inter-Enterprise

Collaboration affect the audit risk?'

Before answering this question the term EIEC was defined. This system also has some advantages and

disadvantages for both the company and its internal control. The chapter also stated which component

of the audit risk would be affected by the implementation of EIEC.

One of the big disadvantages is the lack of experienced personnel to operate this system.

As a counterpart of this disadvantage there is a advantage that because of the implementation of this

system, the information will be more reliable due reduced human errors and less fraudulent behavior.

This will result in a higher efficiency of information for decision making. This will increase the

competitive advantage.

So we can conclude that the implementation of EIEC will reduce the audit risk, given that the inherent

risk and the control risk are not changed after the implementation of EIEC.


14/15

page 14

References

Articles:

Avison, D. and Fitzgerald, G. (2003). Information systems development: methodologies, techniques and

tools (3rd edition), Maidenhead, UK, McGraw Hill, 608pp.

Emond, C & Lavigne, A. 2002. Going electronic. CA Magazine(7): p. 4755.

Erffmeyer, R. C. and Johnson, D. A. (2001). An Exploratory Study of Sales Force Automation Practices:

Expectations and Realities.Journal of Personal Selling & Sales Management, 21 (2), 167-175.

Akkerman, H.A. Bogerd, P. Yucesan, E. van Wassenhove, L.N. (2003). The impact of ERP on supply chain

management Exploratory findings from a European Delphi study, European Journal of Operational

Research, 146 (2) pp. 284301.

Gunasekaran,A.& Ngai,E.W.T (2004). Information systems in supply chain integration and

management,European Journal of Operational Research,Volume 159, Issue 2,Pages 269295.

Golden, W. Powell, P.(1999). Exploring inter-organisational systems and flexibility in Ireland A case of

two value chains,International Journal of Agile Management Systems, 1 (3) pp. 169184.

Hau L. Lee, Seungjin Whang, (2004). Information sharing in a supply chain,

International Journal of Manufacturing Technology and Management,Volume 1, Number 1/2000, Pages

79-93.

Health Industry today (1999) Separating e-business and e-commerce necessary to successfully compete

on the Net says HEDIC, Health Industry today, vol. 62 No.12, pp5-7.

Johnstone, K.M. (2000) ClientAcceptance Decisions: Simultaneous Effects of Client Business Risk, AuditRisk, Auditor Business Risk, and Risk Adaptation.AUDITING: A Journal of Practice & Theory: March 2000,

Vol. 19, No. 1, pp. 1-25.

Malhotra, A., Gosain, S., & El Sawy, O. A. (2007). Leveraging Standard Electronic Business Interfaces to

Enable Adaptive Supply Chain Partnerships. Information System Research , 18 (3), 260-279.

Maletta M, (2010), An Examination of Auditors' Decisions to Use Internal Auditors as Assistants: The

Effect of Inherent Risk. Contemporary Accounting Research Volume 9, Issue 2, pages 508525.

OLeary, D. E. (2000). Supply chain processes and relationships for electronic commerce. Handbook on

Electronic Commerce, edited by M. Shaw, R. Blanning, T. Strader, and A. Whinston, 431444.

Palmer, R. (1994). Reengineering payables at ITT Automotive. Management Accounting 76(1): 3842.

Palmer, R. & Gupta, M. (2011). Technology-Driven Convergence of Business Processes in the Acquisition

Cycle: Implications for Accountants and Educators.Journal of emerging technologies in accounting(8):

65-87.
http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/journal/03772217http://www.sciencedirect.com/science/journal/03772217http://www.sciencedirect.com/science/journal/03772217http://www.sciencedirect.com/science/journal/03772217/159/2http://inderscience.metapress.com/content/6d7a32jqr8vf706j/http://inderscience.metapress.com/content/110878/?p=469ff153ab7944ca91f42d25f6e140fd&pi=0http://inderscience.metapress.com/content/110878/?p=469ff153ab7944ca91f42d25f6e140fd&pi=0http://inderscience.metapress.com/content/110878/?p=469ff153ab7944ca91f42d25f6e140fd&pi=0http://inderscience.metapress.com/content/110878/?p=469ff153ab7944ca91f42d25f6e140fd&pi=0http://inderscience.metapress.com/content/110878/?p=469ff153ab7944ca91f42d25f6e140fd&pi=0http://inderscience.metapress.com/content/6d7a32jqr8vf706j/http://www.sciencedirect.com/science/journal/03772217/159/2http://www.sciencedirect.com/science/journal/03772217http://www.sciencedirect.com/science/article/pii/S0377221703005186http://www.sciencedirect.com/science/article/pii/S0377221703005186


15/15