In the information age, in order to improve operational efficiency, many companies are using ERP systems. Through the use of computer-aided technology, ERP systems for enterprise production, supply, sell all the production process for dynamic monitoring, integrated financial, asset, production, supply, sales and other functional modules, standardized internal control system. At the same time, ERP system, extensive use of the audit gave brings new risks.
First, the business risks inherent in ERP systems. As the ERP system based on Internet technology to share information, which there is infection or electronic data transmission errors, and many other risks.
Second, ERP systems to expand the enterprise to control risk. Traditional management methods, the division of responsibilities between officers of different positions by the effective mutual supervision. In the ERP system, the division of responsibilities by giving different people different rights to be realized, and the way vulnerable to intentional or unintentional disclosure of access code and the loss of effectiveness, thus increasing the internal control risk. In addition, the information technology environment, companies of potential fraud risk can not be ignored. Reported excellent results with 200 years of British Barings Bank, it is because there is computer fraud and plunged into bankruptcy. The bank employees Sen, the use of computerized accounting systems set up false accounts of fraud and corruption, the 800 million Barings Bank suffered huge losses of £ 6,000.
Third, the ERP system to expand the audit detection risk. First, ERP environment, the environmental changes faced by the audit, the audit scope. ERP system, through production, supply, marketing and other functions of each module integration, the financial module of the data base by the data service module automatically generated. The traditional audit approach relies heavily on financial data, this time, if you do not expand the scope of the audit will result in significant blind spots, increase the risk of audit checks. Second, ERP changes in the audit trail system. Traditionally, the financial audit work under the "original certificate - breakdown (journal) - General Ledger - Reports," the order of two-way query. Through a wide range of comparison, to verify the audit trail to look for. And ERP environment, business accounting methods in the initial setting has already been set in accordance with relevant provisions, firm-specific accounting treatment of the basic accuracy and compliance no big problem, if want to look for flaws, then the audit efficiency and effectiveness will be affected.
Fourth, the ERP environment, the audit to obtain "first-hand data" difficult. Currently, domestic enterprises widely used ERP systems management software with SAP, Oracle, UF, wave and so on. In the data environment, the existing AO audit software is difficult to obtain data interface, data import, there are significant difficulties.
Although both the ERP system itself or its operation there is a huge risk, but the ERP system to improve business efficiency and improve the internal control environment or the positive role played can not be ignored, on the whole outweigh the costs. Therefore, the face of enterprise ERP environment a number of risks, the audit should be to face, not escape.
First, to strengthen the understanding of internal control and review of the balance of strength. In the investigation stage with the corporate management of the competent authorities to communicate, understand the ERP business success of the project is really on the line, in the ERP system implementation difficulties exist, the enterprise is how to deal with, and control risk by asking that point. In the audit field, to strengthen the verification of assets and liabilities of enterprises efforts to compensate for the lack of knowledge may exist in the system arising from the audit risk. As some business operators to improve sales of the year, the system operator may be asked to input sales orders in advance, while sales in inventory management system for shipping, logistics and ERP systems in the coming year in the financial system or directly by modifying, deleting to red account. At this point, auditors can export directly in the ERP system history / current inventory query and reporting, by the number of physical inventory data with the ERP system, compare, analyze to see the company's accounts and compliance.
The second is from the macro-policy assessment of the effectiveness of business decisions and their implementation. ERP system will be implemented corporate finance from the tedious day to day accounting operations freed, as they are engaged in providing financial management more time. This change also contributed to the oversight of auditors to determine the business focus from the correctness of specific aspects of the business approach to the assessment of the transfer of the effectiveness of business decisions and their implementation up.
Third, efforts to develop with the enterprise ERP environment to adapt to computer audit software. At present, although some audit software come out, but strictly speaking, no better matched with the ERP environment. One obstacle is the existing accounting software does not provide a standard data interface or data structure does not open, resulting in the unit audited data can not be fast through the interface into the audit system. To this end, according to different information systems developed for different computer platforms and operating environment of the computer audit software, especially database mining, in order to access Beishendanwei different types of databases, from which the raw data collected for the audit, improve the efficiency of computerized audit.
Fourth, to strengthen the audit team, and actively develop both financial, auditing and computer capabilities of the compound, and many other talents. First, the auditor should supervise their own learning, update and broaden their knowledge and continuously improve their quality. Meanwhile, authorities have to provide a regular computer audit, information systems, networks and other aspects of training courses for auditors to create conditions for updating the knowledge structure.
Fifth, strengthen the environment of computer audit auditing standards of research and improvement. On the one hand, the introduction of new auditing standards system, conforms to China's market economy development and the objective needs of economic globalization, to adapt to our information systems, e-commerce development. On the other hand, with the development of information systems, practice audit will continue to change, new problems will emerge, some of auditing standards in the imperfections will be highlighted.
The audit, the ERP system as a critical friend, a way to force it to close to urging changes in auditors audit of thinking, to improve the audit tool. In this environment, the auditor only continue to enhance learning and innovation audit, in order to keep up the pace in order to effectively play the role of supervision and services.
没有评论:
发表评论