Add to collection(s) Add to saved
  1. Business
  2. Accounting

The Impact of Client Information Technology Strategy on Audit Firm

advertisement 
The Impact of Client Information Technology Strategy
on Audit Firm Technology Usage and Perceived Importance
*Diane Janvrin
Assistant Professor
Department of Accounting
College of Business
Iowa State University
Ames IA 50011-1350
Phone: 515 294 9450
Fax: 515 294 3525
djanvrin@iastate.edu
James Bierstaker
Associate Professor
Department of Accountancy
College of Commerce and Finance
Villanova University
Villanova PA 19085-1678
james.bierstaker@villanova.edu
D. Jordan Lowe
Associate Professor
School of Management
Arizona State University West
4701 West Thunderbird Road, MC 2451
Phoenix AZ 85069-7100
jordan.lowe@asu.edu
March 8, 2016
*Corresponding author
We appreciate the helpful comments of Joseph Brazel, Julie Smith David, Julie Anne Dilley, Gary
Hackbarth, Frank Hodge, Cynthia Jeffrey, Eric Johnson, Brian Mennecke, Ed O’Donnell, Kurt Pany, G.
Premkumar, and Tony Townsend. Finally, we gratefully acknowledge the assistance of Krissy Gronborg,
Omar Torren, Pat Wagaman, Katie Wallace, the AICPA, and the study participants.
saved 3/8/2016 8:29 PM
The Impact of Client Information Technology Strategy
on Audit Firm Technology Usage and Perceived Importance
SUMMARY
Although information technology (IT) has significantly changed the audit process, few
studies have examined factors influencing why public accounting firms adopt IT. Economics and
information systems research suggests that both factors controllable by the firm and those
beyond the firm’s control (i.e., production externalities) impact IT adoption. While empirical
information systems research has been able to consistently document controllable factors that
drive IT adoption, little research has focused on externalities. Given the unique relationship
between accounting firms and their clients, we examine whether two externalities related to
client IT strategy, innovation and IT complexity, impact audit firm IT usage and perceived
importance. We also consider the impact of several auditor factors, such as firm size, firm
innovation, audit approach, IT expertise, and financial audit experience, on IT usage and
importance.
Results of a field-based questionnaire completed by 140 auditors from Big 4, national,
regional and local firms indicate that innovation and IT complexity (client-related factors) as
well as firm size (an auditor-related factor), is associated with audit firm IT usage and perceived
importance. These results should be of interest to: (1) researchers considering how IT may
influence audit judgment and decision-making, (2) standard setters encouraging audit firms to
adopt IT, and (3) practitioners responsible for responding to client IT strategies and audit
standards with appropriate IT investments.
Keywords: technology adoption; externality; client innovation; client IT complexity; firm size.
Data Availability: Data used in this study are available from the authors on request.
saved 3/8/2016 8:29 PM
The Impact of Client Information Technology Strategy
on Audit Firm Technology Usage and Perceived Importance
INTRODUCTION
While the use of information technology (IT)1 in the business world has grown
exponentially in the past two decades, few studies have examined factors influencing why public
accounting firms adopt IT (Fischer 1996; Banker et al. 2002). Information systems research
suggests that both factors controllable by the firm and those beyond the firm’s control (i.e.,
externalities) impact IT adoption (Clemons 1991; Iacovou et al. 1995; Premkumar and Roberts
1999). Several information systems studies find links between controllable internal factors, such
as organizational resources, organizational goals, and personnel skills, and IT adoption (Moore
and Benbasat 1991, 1996; Hitt and Brynjolfsson 1997; Manson et al. 1997: Venkatesh et al.
2003). However, little empirical evidence (either in information systems or accounting research)
exists to support the argument that externalities influence IT adoption (Kauffman et al. 2000).
The unique on-going relationship between public accounting firms and their clients, and
the new audit emphasis on client business risk suggests that externalities related to client IT
strategy2 may impact firm IT adoption. Research indicates that the average Big 4 client has had
its current auditor for at least six years (Sinason et al. 2001). Given rapid advances in IT, it is
almost inevitable that some clients will adopt major IT strategy changes. Changes in IT strategies
impact a recently emphasized auditor concern—client business risk (Bell et al. 1997; Johnstone
2000; Chang and Hwang 2003; Sutton and Hampton 2003). Client business risk refers to the risk
that a client’s economic condition will deteriorate over time (either short- or long-term), to such
Information technology refers to “the automated means of originating, processing, storing, and communicating
information, and includes recording devices, communication systems, computer systems (including hardware and
software components and data), and other electronic devices” (AICPA 2001, AU 319.02).
1
2
IT strategy refers to aligning IT and business strategies such that IT strategies both embrace current business
strategies and anticipate future business strategies (Chatterjee et al. 2001, 44).
an extent that the client cannot achieve its earnings targets and/or fulfill its obligations on debt
covenants (Pratt and Stice 1994; Whittington and Pany 2004). Poorly planned and/or
implemented changes in IT strategies or IT strategies that do not match the client’s business
strategies may negatively impact the client’s economic condition to the extent that its financial
condition is questionable. Thus, at a minimum, auditors should understand and evaluate their
clients’ IT changes. This often involves acquiring and/or updating audit firm IT. We suggest that
when a client makes major IT strategy changes, the public accounting firm has two choices: (1)
make significant changes to its own IT to address this client business risk, or (2) drop the client
from their portfolio. Since prior research examining audit changes rarely lists inadequate auditor
IT as the reason for the change in auditors (Woo and Koh 2001; Hackenbrack and Hogan 2002),
we suspect that firms invest in IT.
This paper examines whether an externality such as client IT strategy impacts audit firm
IT usage and perceived importance. We use two constructs for client IT strategy—innovation
and IT complexity. We examine several types of audit firm IT including audit applications,
productivity tools, work paper review technology, and the use of IT specialists. We also consider
the impact of auditor-related factors, such as firm size, firm innovation, audit approach, IT
expertise, and financial audit experience, on audit firm IT usage and perceived importance.
Using a field-based questionnaire completed by 140 auditors from Big 4, national,
regional, and local firms, we find that client innovation, client IT complexity, and firm size are
associated with audit firm application usage and perceived importance. These findings are
important to researchers, standard setters, and practitioners. As noted earlier, little empirical
evidence exists documenting the influence of externalities on IT adoption (Kauffman et al.
2000). Our study provides a natural setting to examine this important audit/information systems
saved 3/8/2016 8:29 PM
2
research issue. Moreover, Solomon and Trotman (2003, 409) suggest that the audit profession is
“rapidly advancing in response to changes in its environment.” Environmental changes place
pressure on auditors to improve audit judgment and ultimately audit quality and effectiveness. To
understand audit judgment, researchers need to determine which decision tools (including IT)
auditors are using since researchers and practitioners argue that decision tools may improve audit
quality and effectiveness (Bonner 1999; Winogard et al. 2000; Manson et al. 2001; Bell et al.
2002; Wright 2002). However, few studies examine actual audit firm IT usage or factors that
influence audit firm IT usage (Fischer 1996; Arnold and Sutton 1998).
Further, several researchers and regulators have raised concerns about the ability of small
audit firms to compete in today’s environment (Manson et al. 1998; POB 2000; GAO 2003). For
example, the Panel on Audit Effectiveness (POB) recently suggested that the American Institute
of Certified Public Accountants (AICPA) develop tools to enhance the effectiveness of small
firm client acceptance processes (POB 2000, 18). In addition, regulators are currently studying
barriers to entry within the public accounting industry (GAO 2003). The extent to which
externalities exist impacts the amount of capital needed to enter and be successful in the public
accounting industry. The presence of IT externalities may be a significant barrier to entry.
Finally, recent standards encourage auditors to adopt IT (AICPA 2001, 2002a, 2002b,
2002c). Our work provides standard setters with information on the extent to which audit firms
have adopted IT. In addition, practitioners may be able to use our results as a benchmark when
evaluating their IT adoption efforts. The remainder of the paper is organized as follows. In the
next section we provide relevant literature and develop research questions. Next, we discuss the
methodology and present the results of our study. Finally, we discuss the results and offer
important implications for future research.
saved 3/8/2016 8:29 PM
3
LITERATURE REVIEW AND RESEARCH QUESTION DEVELOPMENT
IT has significantly impacted the audit profession in the past two decades in several
ways. First, firms are increasingly using electronic workpapers to facilitate documentation
(Winograd et al. 2000; Shumute and Brooks 2001; PricewaterhouseCoopers 2003). Second, large
firms are developing computerized decision aids to assist them in going concern decisions, client
acceptance issues, analytical procedures, etc. (Bell and Carcello 2000; Bell et al. 2002;
O’Donnell and Schultz 2003). Third, even small audit firms have been encouraged to adopt IT
(Fischer and McAllister 1993; POB 2000; McCausland 2004) since researchers suggest that IT
will enhance audit quality and efficiency (Fischer 1996; Wright 2002). Fourth, IT impacts the
behavior and attitudes of individuals working in the firm, and the structure and processes in the
firm (Coombs et al. 1992). For example, IT usage could reduce time auditors spend performing
computational and/or clerical tasks and improve the quality of audit judgments by structuring
audit decision processes (Manson et al. 1998). Finally, several recent audit standards codify the
increased role for IT in audit practice (AICPA 2001, 2002a, 2002b, 2002c, 2004).
Despite the impact of IT on the audit profession and calls by prior research (i.e., Bailey et
al. 1988), few studies have examined either (1) the degree to which auditors use IT or (2) factors
driving audit firm IT adoption (Arnold and Sutton 1998; Liang et al. 2001). Two exceptions are
directly relevant to our research. Fischer (1996) used an interpretive field study to explore how
IT produces efficiencies for several Big 4 firms. He cautions that IT does not directly enhance
audit efficiency; instead, the benefits of IT occur when auditors concurrently reduce or eliminate
audit procedures that were performed in the past (Fischer 1996). Banker et al. (2002) examines
the impact of IT (i.e., an audit software and knowledge sharing system) on the productivity of
one large international audit firm. Comparing the firm production function before and after IT
saved 3/8/2016 8:29 PM
4
implementation, they find significant productivity gains that they attribute to the introduction of
IT.
As proposed in economics and information systems research, both controllable (i.e.,
organizational factors, organizational goals, and personnel skills) and uncontrollable factors
drive firm IT adoption (Clemons 1991; Moore and Benbasat 1991, 1996; Shapiro and Varian
1991; Iacovou et al. 1995; Hitt and Brynjolfsson 1997; Manson et al. 1997; Premkumar and
Roberts 1999; Venkatesh et al. 2003). We examine one uncontrollable factor, production
externalities. Production externalities are situations where the production function of a firm is
affected directly by the actions of another agent (Varian 1984, 260). In our research setting, the
audit firm production function is directly affected by the actions of the client. For example,
changes in client business risk (i.e., the client implements new IT strategies) directly impact the
audit firm’s production function. An audit firm can control its level of client business risk by not
accepting risky clients; however, once the firm accepts the client, client IT issues impact the
firm’s production function including its IT investments. Thus, when an accepted client adopts a
new IT strategy, the audit firm must either make significant changes to its own IT to address the
new IT issues, or consider dropping the client. Research indicates that auditor changes are
seldom due to the lack of audit firm IT resources (Woo and Koh 2001; Hackenbrack and Hogan
2002). Thus, we suggest that firms make changes to their IT rather than drop their clients. Audit
firms also may need to update their own IT if they choose to accept new clients with complex IT.
Research Questions
Audit Firm IT Usage and Perceived Importance
To identify current IT usage, our first research question explores the IT that audit firms
use when they examine clients with highly computerized transaction and financial reporting
saved 3/8/2016 8:29 PM
5
systems. In addition, we examine the perceived importance auditors assign to IT. Specifically,
we ask:
RQ1a: What IT is used to audit clients with highly computerized transaction and
financial reporting systems?
RQ1b: Do auditors assign similar importance to each IT used to audit clients with
highly computerized transaction and financial reporting systems?
Impact of Client IT Strategies on Audit Firm IT Adoption
Clients often adopt IT to meet strategic considerations (Pappas 1984; Zhu and Weyant
2003). Strategic IT alignment provides many benefits to clients and potential challenges to
auditors (Kearns and Lederer 2003). Given auditors’ responsibility to assure that their client’s
financial statements adequately reflect the underlying activity of the firm, changes in client IT
strategies impact client business risk and ultimately audit firm IT adoption. For example,
suppose a financial service client adopts innovative on-line banking technology to align with its
business growth strategy. To adequately evaluate this client’s financial statements, the auditor
may need to adopt new IT related to transaction monitoring, fraud review, internal control
evaluation, risk assessment, and/or sampling. While quantifying client IT strategies is a difficult
process, proxies are available that reflect these strategies (Chatterjee et al. 2001; Kim and
Sanders 2002; Kearns and Lederer 2003). Based on prior research we use two such metrics—
client innovation and IT complexity.
Client innovation. Generically, innovations refer to “any idea, practice or object that is
perceived as new by the adoptor” (Premkumar and Roberts 1995, 468). In the context of IT
adoption, innovative entities may adopt IT to meet various objectives including obtaining a
competitive advantage, increasing compatibility with current IT, and/or gaining a business
strategic advantage (Truman et al. 2003). Researchers suggest that innovative entities are more
saved 3/8/2016 8:29 PM
6
likely to adopt IT to meet strategic considerations (Zhu and Weyant 2003). Due to the unique
externality relationship described earlier, we expect that audit firms with innovative clients are
more likely to use and assign higher importance to IT. Specifically, we explore:
RQ2a: Are auditors more likely to use IT if they typically audit innovative rather than
non-innovative clients?
RQ2b: Are auditors more likely to assign higher importance to IT if they typically audit
innovative rather than non-innovative clients?
Client IT complexity. Another proxy for client IT strategy is IT complexity. IT can refer
to the existence of a variety of computers, operating systems, and applications (Chau and Tam
1997). In general, successful IT strategies require fairly complex IT. To adequately audit clients
with complex IT, auditors often must invest in updating their own IT. Specifically, we ask:
RQ3a: Are auditors more likely to use IT if they typically audit clients with complex
IT?
RQ3b: Are auditors more likely to assign higher importance to IT if they typically
audit clients with complex IT?
Impact of Auditor Factors on IT Usage and Perceived Importance
Prior research suggests that auditor-related factors, such as firm size, firm innovation,
audit approach, auditor IT expertise, and financial audit experience, may also impact audit firm
IT usage and perceived importance. While not providing specific research questions, we describe
our expectations regarding these factors:
Firm size. MIS research indicates that IT adoption is driven by the availability of firm
resources (Riemenschneider et al. 2000). Audit research often uses firm size to proxy for firm
resources (e.g., Palmrose 1986). Firm size varies greatly within the audit profession, from local
one-office firms to international Big 4 firms (Brierley and Gwilliam 2001). Prior research finds
that auditor IT usage is more extensive in Big 4 firms as compared to smaller firms (Manson et
saved 3/8/2016 8:29 PM
7
al. 1997; Ho et al. 2002). Several researchers and regulators have raised concerns about the
ability of smaller firms to deliver effective and efficient audits with limited resources (Manson et
al. 1998; POB 2000). For instance, in their initiative to improve engagement risk assessment, the
Panel on Audit Effectiveness (POB) recently recommended that “the AICPA develop, or
promote the development of a technology-driven tool that small firms can use to enhance the
effectiveness of their client acceptance and continuance processes” (POB 2000, 18). Thus, we
expect that IT usage and perceived importance will be positively associated with firm size.
Firm innovation. MIS research indicates that organization goals impact IT adoption
(Chatterjee et al. 2001). That is, innovative organizations are more likely to adopt IT (Moore and
Benebasat 1991). Audit firms vary in their emphasis on innovation. We propose that IT usage
and perceived importance will be greater for innovative audit firms than for non-innovative
firms.
Audit approach. Several audit firms have recently adopted a risk-based audit approach
(Bell et al. 1997; Winograd et al. 2000; Weil 2004). This approach involves incorporating client
business strategy into audit planning and scope decisions (Bell et al. 1997). Auditors using the
risk-based audit approach often use IT to carry out routine audit procedures so that they can
concentrate on judgmental and high risk areas of the audit (Winograd et al. 2000; Manson et al.
2001). Thus, we expect that IT usage and perceived importance will be higher for firms using a
risk-based audit approach.
IT expertise. Another factor that may drive user acceptance of technology is IT expertise
(Venkatesh et al. 2003). The greater the IT expertise an auditor possesses, the more likely he or
she will adopt IT and view it as important. Thus, we expect audit firm IT usage and perceived
importance to be positively associated with IT expertise.
saved 3/8/2016 8:29 PM
8
Financial audit experience. The impact of financial audit experience on IT usage is
difficult to predict. Research indicates that financial audit experience influences auditor
knowledge structures and computer auditor’s reliance on internal controls (Viator and Curtis
1998; Curtis and Viator 2000). However, the impact of financial audit experience on IT usage is
unknown. In addition, more experienced auditors tend to be older and MIS research suggests that
older workers are less likely to adopt IT (Morris and Venkatesh 2000). Thus, it is difficult to
form an expectation related to audit experience and IT usage or perceived importance.
METHOD
Participants
Participants included a total of 140 auditors from Big 4, national, regional, and local
firms. Responses were collected from two sources. One author attended an AICPA training
seminar to obtain responses from 109 auditors. Fifteen of the respondents were from national
firms, 26 were from regional firms, and 65 from local CPA firms.3 We also contacted local
offices of each Big 4 firm. From these Big 4 offices, we were able to collect data from 31
auditors.
As shown in Table 1, respondents averaged 13.7 years of experience and their average
age was 37.9 years. The highest education level for a significant majority (82.7 percent) was a
bachelor’s degree. Many of the respondents (87.1 percent) held CPA certificates. The majority of
the respondents (71.0 percent) were male. Participants varied in IT expertise with 68.3 percent
indicating intermediate IT expertise, 17.3 percent were novice IT expertise and 14.4 percent
stated that they were IT experts.4
3
Three participants did not provide their firm size designation.
Prior research indicates that IT usage varies by gender and age (Morris and Venkatesh 2000; Venkatesh and Morris
2000). For example, men tend to adopt IT more often when they perceive it to be useful to their jobs. In contrast,
perceptions of ease of use and subjective norms are more likely to drive women’s IT adoption (Venkatesh and
4
saved 3/8/2016 8:29 PM
9
[INSERT TABLE 1 HERE]
Instrument Development and Validation
Types of Audit Firm IT
To obtain credible evidence on audit firm IT use and perceived importance, we designed
our case instrument to elicit a wide variety of audit firm IT types. Following prior research, we
adopt a relatively broad definition that suggests that audit firm IT refers to “the auditor’s tool kit”
(Elliott and Jacobson 1987, 198; Fischer 1996, 220). Elliott and Jacobson (1987) argue, “A tool
may be thought of as anything that enhances an individual’s capacity to perform a task. Audit
firm IT consists of all the things designed to enhance the auditor’s capacity to perform an audit
task” (1987, 198). We propose that audit firm IT encompasses audit applications, productivity
tools, work paper review technology, and the use of IT specialists.
Audit applications. We reviewed prior literature and held discussions with both
practitioners and researchers to identify possible audit applications (i.e., software designed to
assist auditors in completing one or more tasks).
We elicited responses for twenty audit
applications shown in Table 2. These applications range from those that have been examined by
prior researchers (e.g. analytical review (Knechel 1988), internal control evaluation (Bailey et al.
1985), and sampling tasks (Kachelmeier and Messier 1990)) to relatively recent applications
such as those developed to assist with audit tasks (e.g., fraud review (Bell and Carcello 2000),
testing on-line transactions (Kogan et al. 1999; Rezaee et al. 2001; Wright 2002)) and
administrative/practice management tasks (e.g. client relationship management (Bauman et al.
2002), knowledge management (O’Leary 2002)).
Morris 2000). Younger workers are more influenced by attitude toward using technology whereas older workers are
more strongly influenced by subjective norms and perceived behavioral control (Morris and Venkatesh 2000). We
included gender and age variables in the OLS regressions discussed later in the paper and found no significant
differences in gender and age for each IT usage and perceived importance dependent variable.
saved 3/8/2016 8:29 PM
10
[INSERT TABLE 2 HERE ]
IT productivity tools. IT tools such as cell phones, email, instant messaging, personal
digital assistants, etc. are intended to increase personnel productivity (Carlson et al. 1999;
Manson et al. 2001; Elliott 2002; Montana 2004) (See Table 3). Their use has grown rapidly in
the past decade (Manson et al. 2001). Increasing personnel productivity often increases product
quality and efficiency (Hunton 2002). Thus, we examine (1) the extent to which audit firms use
personal productivity tools and (2) whether client IT strategies are associated with personal
productivity tools usage.
[INSERT TABLE 3 HERE]
Workpaper review methodology. Several recent studies examine the audit workpaper
review process (Rich et al. 1997; Sprinkle and Tubbs 1998; Bamber and Ramsey 2000). IT is
changing how auditors perform workpaper reviews. For example, Brazel et al. (2004) examines
the impact of using electronic review (i.e., the preparer forwards workpapers electronically to the
reviewer, and the reviewer examines the file online and sends his/her comments back
electronically) versus a traditional face-to-face meeting. They suggest that auditors may have
reduced feelings of accountability, and perform their work less thoroughly, when electronic
review is used. Other newer workpaper review methods include use of telephone conversations,
voicemail, and remote connectivity. The extent to which auditors use various workpaper review
methods is an empirical question (Hunton 2002). In addition, we explore if workpaper review
methods are related to client IT strategies. Table 4 lists the different workpaper review methods
examined.
[INSERT TABLE 4 HERE]
saved 3/8/2016 8:29 PM
11
Use of IT specialist. IT specialists are individuals within an audit firm who have detailed
knowledge in computer auditing, including the ability to implement sophisticated computer audit
approaches (Rittenberg and Schwieger 2003, 347). Recent audit standards encourage the use of
IT specialists when: (1) the client’s business is driven by complex systems and IT controls, (2)
the client makes significant changes (including replacement) to its IT systems, (3) the client
shares data extensively between systems, (4) the client participates in electronic commerce, (5)
the client uses emerging technology, or (6) significant audit evidence is only available
electronically (AICPA 2004, AU 319.30). We expect that client IT complexity and client
innovation will impact when and how often auditors use IT specialists.
Pilot Testing
To increase construct validity (Cook and Campbell 1979), we conducted two rounds of
pilot testing. First, four researchers with significant audit and systems knowledge examined the
instrument. We then pilot tested the revised instrument with eight auditors from four firms (Big
4, national, regional and local) who had an average of 4.5 years of experience.
Independent Variables
Respondents provided information about client IT strategies (i.e., client innovation and
client IT complexity) and auditor factors (i.e., firm size, firm innovation, audit approach, IT
expertise, and financial audit experience). Client innovation is measured by asking respondents
to indicate the extent they agree (from 1 = “strongly disagree” to 7 = “strongly agree”) with the
following statement, “My clients are generally innovative with respect to adopting information
technology”. Responses were split at the median resulting in two groups—low and high client
innovation. Similarly, for client IT complexity, respondents indicated the extent they agree with
saved 3/8/2016 8:29 PM
12
the statement, “My clients generally use complex information technology”. Client IT complexity
responses were split at the median resulting in two groups— low and high client IT complexity.5
Firm size is measured as a categorical variable with four categories: Big 4, national,
regional, and local. Firm innovation is measured by asking respondents to indicate the extent
they agree (from 1 = “strongly disagree” to 7 = “strongly agree”) with the following statement,
“With respect to information technology adoption, my firm is very innovative”. Firm innovation
responses were split at the median resulting in two groups—low and high firm innovation. For
audit approach, participants rated the extent they agree (1 = strongly disagree to 7 = strongly
agree) with the following statement, “Our firm uses a risk-based audit approach”. Median splits
resulted in two groups—low and high risk-based audit approaches. We adopted Hackbarth et al.
(2003)’s IT expertise measurement approach as participants rated their own experience with IT
into one of three categories, novice, intermediate, and expert. Consistent with prior usage (i.e.,
Mackay and Lamb 1991), we combined intermediate and experts into one group for data analysis
purposes. Finally, financial audit experience responses were divided into experienced and
inexperienced, based on the median of 13 years.
Dependent Variables
The impact of IT on audit firm performance is not directly observable (Banker et al.
2002, 209). Thus, researchers have taken several approaches to measure the benefits of IT. For
example, Banker et al. (2002) assumes that IT benefits a firm if the firm’s production function
after IT implementation is higher than before implementation. Other firm level measures include
comparing the performance of IT adopting firms with similar non-adopting firms (Banker et al.
1990). IT also impacts individual user’s performances. Individual level measures of the impact
of IT include usage, perceived usefulness, user acceptance and ease of use ratings (Davis 1989;
5
Results were qualitatively similar when these variables were run as continuous variables.
saved 3/8/2016 8:29 PM
13
Straub et al. 1995; Ragowsky et al. 1996; Ventakesh et al. 2003). We measure the impact of IT at
the individual level.
Two individual level dependent variables were utilized. For each audit application and
productivity tool, respondents indicated (1) the extent of usage on a typical audit, and (2) the
perceived importance for a typical audit. Several MIS studies use “extent of usage” to represent
the IT usage theoretical construct (Straub et al. 1995; Venkatesh et al. 2003). Instead of using the
information systems perceived usefulness dependent variable (i.e., Davis 1989), we follow prior
auditing research and use perceived importance (Sprinkle and Tubbs 1998; Lowe and Reckers
2000; Apostolou et al. 2001). The degree of importance that an individual attaches to pieces of
information encountered while performing a task is influenced by the task objectives. Since the
general task involved here is constant across applications and tools (i.e., perform an effective and
efficient typical audit), our proxy measures differences in perceived importance between various
applications and tools (Sprinkle and Tubbs 1998, 477). The extent of usage dependent variable is
used to examine workpaper review methodology. Usage and extent of usage are used to examine
IT audit specialists.
RESULTS
Descriptive Statistics
RQ1a examines what IT is used to audit clients with highly computerized transaction and
financial reporting systems; RQ1b explores whether differences in perceived importance ratings
between various types of IT exists. We use descriptive statistics to examine these questions for
various types of IT.
saved 3/8/2016 8:29 PM
14
Use and Importance of Audit Applications
Descriptive statistics indicate that application usage and perceived importance varies
significantly (see Table 2). For example, respondents rated the extent of usage on a typical audit
significantly greater than the neutral point for five applications (analytical review/financial ratio
tools, audit report writing, electronic workpapers, internet search tools, and sampling). Similarly,
participants assigned importance ratings significantly greater than the neutral point to eight
applications (analytical review/financial ratio tools, audit planning software, audit report writing,
electronic workpapers, internal control evaluation, internet search tools, risk assessment, and
sampling).
Use and Importance of Productivity Tools
Descriptive statistics for productivity tool usage and perceived importance also vary
significantly as shown in Table 3. Participants rated the extent of usage on a typical audit
significantly greater than the neutral point for two tools (cell phones and e-mail). Similarly,
respondents assigned importance ratings significantly greater than the neutral point for cell
phones, e-mail, and remote network access.
Workpaper Review Method Used
The most common method of workpaper review, reported in Table 4, is face-to-face
(60.73 percent) followed by e-mail (25.70 percent). Therefore, given concerns about reduced
accountability for electronic review of workpapers (Brazel et al. 2004), it appears somewhat
reassuring that face-to-face reviews are still used in a majority of cases.
Use of IT Specialist
As shown in Table 4, the average frequency of using an IT specialist was 18.29 percent.
The extent of usage was also fairly low as the mean extent response was 2.25 on a scale
saved 3/8/2016 8:29 PM
15
anchored with 1 = “none” and 7 = “extensively”. These results are somewhat surprising, given
that respondents were asked to focus on a client with high IT complexity. These findings may
also raise concerns that auditors are reluctant to consult IT specialists because of concerns about
audit efficiency (Carmichael 2004, 132).
Regression Results
Research questions 2 and 3 are examined using the following OLS regression model:
Usage or Importancei = f (client innovation, client IT complexity, firm size, firm innovation,
audit approach, auditor IT expertise, and financial audit experience)
where: i = each audit firm IT.
These results should provide insight into the factors associated with differential usage and
perceived importance of audit firm IT. Given the exploratory nature of this study, results are
reported at a significance level of p  .10. Two-tail tests were used for auditor IT expertise since
we were unable to make a directional prediction for this factor.
Use of Audit Applications
Across the audit application regression models, the R2 varied significantly from 1 percent
to 29 percent.
Fifteen of twenty audit application usage models and sixteen of twenty
importance models were significant at p  .10. Overall, these significant models appear to have
substantial explanatory power. Client IT strategy (i.e., innovation and complexity) and auditorrelated factors are associated with application usage and perceived importance.
Results for audit application usage in typical audits appear in Table 5. Respondents with
innovative clients are more likely to use analytical review/financial ratio tools, audit planning
software, report writing applications, internal control evaluation applications, knowledge
management systems, sampling, and test of on-line transactions applications. Participants with
complex IT clients are more likely to use audit planning software, report writing applications,
saved 3/8/2016 8:29 PM
16
client acceptance applications, expert systems, fraud review applications, and sampling
applications. In addition, participants with complex IT clients are more likely to review client
financial disclosures on web sites.
[INSERT TABLE 5 HERE]
Two auditor-related factors, firm size and firm innovation, appear to impact audit firm IT
usage. Firm size results are mixed. Consistent with expectations, participants from Big 4 firms
are more likely to use electronic work papers, expert systems, internal control evaluation
applications, knowledge management systems, and on-line transaction testing. In addition,
national firm respondents are more apt to use client acceptance applications, electronic
workpapers, and internal control evaluation applications. Contrary to expectations, participants
from local firms are more likely to use analytical review/financial ratio tools, and respondents
from both local and regional firms are more likely to use report-writing applications.
Firm innovation results indicate that auditors from innovative firms are more likely to
adopt audit planning software, electronic workpapers, graphs, risk assessment, sampling and online transaction testing, consistent with expectations. No other auditor-related factor is
consistently statistically significant across IT usage regression models.
Importance of Audit Applications
Client innovation and IT complexity are also associated with application importance as
shown in Table 6. Respondents with more innovative clients are more likely to rate importance
as higher for analytical review/financial ratio tools, audit planning software, report writing
applications, client acceptance, data mining, digital analysis, expert systems, fraud review,
internal control evaluation, knowledge management systems, sampling, and on-line transaction
testing applications.
saved 3/8/2016 8:29 PM
17
[INSERT TABLE 6 HERE]
Client IT complexity also appears to influence auditors’ assignment of importance to IT
applications. Respondents with complex IT clients are more likely to rate importance higher for
reporting writing, client acceptance, data mining, database modeling, digital analysis, and expert
system applications. In addition, the participants with complex IT clients are more likely to
review their client’s financial disclosures on the web.
Four auditor-related factors, firm size, firm innovation, auditor experience, and auditor IT
expertise, may impact IT importance assignments. Firm size results are mixed. Consistent with
expectations, participants from national and Big 4 firms are more likely to assign higher
importance to internal control evaluation, risk assessment, sampling, and on-line transaction
testing applications. Moreover, respondents from Big 4 firms are also more likely to assign
higher importance to expert systems. However, contrary to expectations, respondents from local
and regional firms are more likely to assign higher importance to analytical review and reporting
writing applications.
Firm innovation results are also somewhat mixed. Participants from innovative firms are
more likely to assign higher importance to electronic workpapers, risk assessment, and on-line
transaction testing applications, consistent with expectations. However, participants from less
innovative firms are more likely to assign higher importance to digital analysis.
In addition, we found that participants with more audit experience are more likely to
assign higher importance to data mining, database modeling, digital analysis, and fraud review
applications. Finally, participants who perceive themselves as IT novices are more likely to
assign higher importance to audit planning and fraud review applications.
saved 3/8/2016 8:29 PM
18
Use and Importance of Productivity Tools
Regression models for productivity tool usage and perceived importance are shown in
Tables 7 and 8 respectfully. Across the productivity tool regression models, the R2 varied from 0
to 24 percent. The usage and importance models for three of the seven productivity tools
examined (i.e., instant messaging, personal digital assistants, and remote network access) had pvalues  0.10.
[INSERT TABLES 7 and 8 HERE]
Few client or firm factors are consistently significant within these six regression models.
For example, participants with complex IT clients were more likely to use and assign higher
importance to instant messaging (RQ3a, b). The influence of firm size varied. Respondents from
Big 4 firms are more likely to use and assign higher importance to remote network access
(consistent with expectations) whereas participants from local firms are more likely to use and
assign higher importance to personal digital assistants (contrary to expectations).
Workpaper Review Method Used
The R2 for regression models for workpaper review methods, shown in Table 9, vary
from 1 to 49 percent. Three of the four models are significant at p  0.10. Firm size appears to be
a significant factor in workpaper review method usage. Participants from Big 4 firms are more
likely to use e-mail and telephone review methods. While these methods may enhance audit
efficiency, there may also be concerns about diminished levels of accountability associated with
these methods (Brazel et al. 2004).
[INSERT TABLE 9 HERE]
saved 3/8/2016 8:29 PM
19
Use of IT Specialist
Both usage of IT specialist regression models are significant at p  0.10 (see Table 9).
Client factors do not appear to influence IT specialist usage; however, two auditor-related
factors, firm size and auditor IT expertise, appear to influence IT specialist usage. For example,
participants from Big 4 firms are more likely to use an IT specialist in the past year and describe
their usage as more extensive. Also, respondents lacking IT expertise also tend to use an IT
specialist more within the past year and describe their usage as more extensive.
CONCLUSIONS, IMPLICATIONS, AND FUTURE RESEARCH
The objective of this study is to examine how two client IT strategies, innovation and IT
complexity, impact audit firm IT usage and perceived importance. We also consider the impact
of certain auditor-related factors. Our results indicate that auditors examining complex IT and/or
innovative clients are more likely to use IT and rate its importance higher than auditors working
with less sophisticated IT clients. In addition, firm innovation appears to be related to IT usage
and perceived importance, although results are mixed. We also found that auditors from larger
firms are more likely to use and assign higher importance to IT. This is an important finding as
IT usage may be a significant barrier to entry within the public accounting industry. In fact, the
Public Oversight Board has suggested that the AICPA develop tools to help smaller firms with
client acceptance issues.
These results provide important insights into how auditors currently use IT for
researchers, standard setters, and practitioners and related research opportunities. An important
component of audit judgment research is obtaining a detailed understanding of the underlying
cognitive processes auditors employ and modeling auditor expertise in various task contexts
(Biggs et al. 1993; Bonner 1999). This process is often impacted by the IT auditors use (Messier
saved 3/8/2016 8:29 PM
20
1995; Bell et al. 2002; O’Donnell and Schultz 2003). We provide researchers with information
on general audit firm IT usage. Additional research examining which IT auditors typically use in
a given task may provide clues to exploring the influence of IT on auditors’ cognitive processes
and task performance (Abdolmohammadi and Usoff 2001).
Audit applications vary in complexity from simple or deterministic aids to decision
support systems to expert systems (Messier 1995, 215). Researchers often classify audit
applications by the complexity of the task (structured, semi-structured, and unstructured) and the
decision-making activities (information acquisition, information evaluation, action/choice)
required for that complexity (Abdolmohammadi 1987, 1999; Messier and Hansen 1987). For
parsimony, we did not ask participants to rate specific IT applications by complexity or to
indicate what decision-making activities each IT application is used in. Future research could
examine how complexity and/or decision making activities impacts audit IT usage.
Furthermore, prior IT usage research generally examines voluntary usage contexts.
Venkatesh et al. (2003, 13) caution that voluntary usage results may not generalize to mandatory
usage settings. For example, social influence constructs are generally higher in mandatory
settings than in voluntary settings (Venkatesh et al. 2003, 22). Our respondents did not identify
whether audit application and productivity tool usage was mandatory or voluntary. Discussions
with our pilot study participants indicated that voluntary nature of usage varied by individual
audit application and productivity tool.
Additional research could investigate whether our
findings differ in voluntary vs. mandatory usage settings.
This study also provides insights for standard setters in determining the extent of audit
firm IT adoption and more importantly whether firms are in compliance with current audit
standards. Recent standards have encouraged auditors to adopt IT. For instance, the Sarbanes-
saved 3/8/2016 8:29 PM
21
Oxley Act of 2002 tightened internal control and financial reporting requirements (Winters
2004). This has led practitioners to propose that audit firms adopt internal control documentation
IT (Winters 2004). Our results indicate that although auditors perceive internal control
evaluation IT as important, fewer than expected audit firms have adopted internal control
evaluation IT. Given internal control documentation IT to meet Sarbanes-Oxley requirements is
still evolving, future research could determine if audit firms plan to adopt internal control
documentation IT to address Sarbanes-Oxley concerns. In addition, standard setters have raised
concerns about the extent of communication between computer auditors and general auditors
(Carmichael 2004, 132). Our results suggest that these concerns may be well founded.
Our study extends earlier work by Manson et al. (1998) and allows practitioners to
benchmark their current IT practices to firms with similar (or different) size and innovation
characteristics. This information may be useful to practitioners as they consider how to allocate
financial resources over various types of IT investments, and the types of IT investments that
will help them to remain competitive with other firms.
Finally, our results should be interpreted in light of certain limitations. First, public
accounting firms in the United States employ our participants. Our results may not generalize to
non-U.S. auditors, or internal auditors without additional study (Manson et al. 1998). Second, we
acknowledge certain construct limitations. Due to data limitations, we asked auditors to selfreport the extent of their IT usage. To increase construct validity, a better proxy may be actual
system usage (Straub et al. 1995; Devaraj and Kohli 2003; Venkatesh et al. 2003). In addition,
our respondents self-reported firm innovation. A better proxy may be obtained in future research
by examining archival technology spending and/or interviews with firm leadership. Third, prior
research indicates that IT impacts organizational structure (Manson et al. 2001). For example,
saved 3/8/2016 8:29 PM
22
Manson et al. (2001, 118) suggests that e-mail enhances communication between audit staff and
allows close supervision from a distance. Due to data availability constraints, we measured the
impact of IT at the individual level. An interesting extension may be to examine the impact of IT
on organizational structure and policies (Murphy and Kerr 2004). Fourth, our study does not
explicitly examine the costs of IT. This research could be extended to examine IT costs,
particularly those related to training and staff learning (Manson et al. 1998). Finally, our study
examines auditor IT usage and importance perceptions. Prior research indicates that individuals
may over- or under-rely on IT, specifically IT used as decision aids (Bouwman 1996;
Whitecotton 1996; Arnold and Sutton 1998; Manson et al. 2001). Additional research is needed
before we can make any definitive conclusions on whether (or to what degree) auditors over
(under) rely on IT.
saved 3/8/2016 8:29 PM
23
REFERENCES
Abdolmohammadi, M.J. 1987. Decision support and expert systems in auditing: A review and
research directions. Accounting and Business Research (Spring): 173-185.
________.1999. A comprehensive taxonomy of audit task structure, professional rank and
decision aids for behavioral research. Behavioral Research in Accounting 11: 51-92.
________, and C.A. Usoff. 2001. The Assessment of Task Structure, Knowledge Base, and
Decision Aids for a Comprehensive Inventory of Audit Tasks. Westport, CT: Quorum
Books.
American Institute of Certified Public Accountants (AICPA). 2001. The Effect of Information
Technology on the Auditor’s Consideration of Internal Control in a Financial Statement
Audit. Statement of Auditing Standards No. 94. New York NY: AICPA.
________. 2002a. Audit Documentation. Statement of Auditing Standards No. 96. New York
NY: AICPA.
________. 2002b. Consideration of Fraud in Financial Statement Audit. Statement of Auditing
Standards No. 99. New York NY: AICPA.
________. 2002c. Interim Financial Information. Statement of Auditing Standards No. 100.
New York NY: AICPA.
_________, 2004. AICPA Professional Standards. New York NY: AICPA.
Apostolou, B.A., J.M. Hassell, S.A. Weber, and G.E. Sumners. 2001. The relative importance of
management fraud risk factors. Behavioral Research in Accounting 13: 1-24.
Arnold, V. and S. Sutton. 1998. The theory of technology dominance: Understanding the impact
of intelligent decision aids on decision maker’s judgments. Advances in Accounting
Behavioral Research 1: 175-194.
Bailey, A.D., Jr., G.L. Duke, J. Gerlach and C. Ko. 1985. TICOM and the analysis of internal
controls. The Accounting Review 60 (April): 186-202.
________, L.E. Graham, and J.V. Hansen. 1988. Technological development and edp. In A.R.
Abdel-khalik, and I. Solomon, Eds., Research Opportunities in Auditing: The Second
Decade, A.R. Abdel-khalik and I. Solomon (eds.). Sarasota FL: American Accounting
Association: 57-94.
Bamber, E.M., and R.J. Ramsey. 2000. The effects of specialization in audit workpaper review
on review efficiency and reviewers’ confidence. Auditing: A Journal of Practice &
Theory 19 (Fall): 147-157.
saved 3/8/2016 8:29 PM
24
Banker, R.D., R.J. Kauffman, and R.C. Morey. 1990. Measuring gains in operational efficiency
from information technology: A study of the Positran deployment at Hardee’s Inc.
Journal of Management Information Systems 7 (2): 29-54.
________, H. Chang, and Y. Kao. 2002. Impact of information technology on public accounting
firm productivity. Journal of Information Systems 16 2 (Fall): 209-222.
Bauman, C.C., J. Davis, and K. Hurtt. 2002. An analysis of the impact of technology on the tax
practice. Working paper, University of Wisconsin – Milwaukee and University of
Wisconsin Madison.
Bell, T.B., R. Marrs, I. Solomon, and H. Thomas. 1997. Auditing Organizations Through a
Strategic-Systems Lens. KPMG Peat Marwick LLP.
_______, and J.V. Carcello. 2000. A decision aid for assessing the likelihood of fraudulent
financial reporting. Auditing: A Journal of Practice & Theory 19 (Spring): 169-184.
_______, J.C. Bedard, K.M. Johnstone, and E.F. Smith. 2002. KriskSM: A computerized
decision aid for client acceptance and continuance risk assessment. Auditing: A Journal
of Practice & Theory 21 (September): 97-113.
Biggs, S., M. Selfridge, and G. Krupka. 1993. A computational model of auditor knowledge and
reasoning processes in the going-concern judgment. Auditing: A Journal of Practice and
Theory (Supplement): 82-99.
Bonner, S.E. 1999. Judgment and decision-making research in accounting. Accounting
Horizons 13 (December): 385-398.
Bouwman, M. J. 1996. Opportunities for behavioral research in AIS: The matter of expertise.
Advances in Accounting Information Systems 4: 255-278.
Brazel, J.F., C.P. Agoglia, and R.C. Hatfield. 2004. Electronic vs. face-to-face review: The
effects of alternative forms of review on audit preparer performance and accountability
perceptions. The Accounting Review (forthcoming).
Brierley, J.A., and D.R. Gwilliam. 2001. Human Resource Management Issues inAccounting and
Audit Firms A Research Perspective. Aldershot England: Ashgate.
Carlson, P.J., B.K. Kahn, and F. Rowe. 1999. Organizational impacts of new communication
technology: A comparison of cellular phone adoption in France and the United States.
Journal of Global Information Management 7 (September): 19-30.
Carmichael, D. R. 2004. The PCAOB and the social responsibility of the independent auditor.
Accounting Horizons (June): 127-133.
saved 3/8/2016 8:29 PM
25
Chang, C.J., and N. R. Hwang. 2003. The impact of retention incentives and client business risks
on auditors’ decisions involving aggressive reporting practices. Auditing: A Journal of
Practice and Theory 22 (September): 207-218.
Chau, P.Y.K, and K.Y. Tam. 1997. Factors affecting the adoption of open systems: An
exploratory study. MIS Quarterly 21 (March): 1-14.
Chatterjee, D., V.J. Richardson, and R.W. Zmud. 2001. Examining the shareholder wealth
effects of announcements of newly created CIO positions. MIS Quarterly 25 (March): 4370.
Clemons, E. 1991. Evaluation of strategic investments in information technology.
Communications of the ACM. 34 (January): 24- 36.
Cook, T.D., and D.T. Campbell. 1979. Quasi-Experimentation Design & Analysis Issues for
Field Settings. Boston MA: Houghton Mifflin Company.
Coombs, R., D. Knights, and H. Willmott. 1992. Culture, control and competition: Towards a
conceptual framework for the study of information technology in organizations.
Organization Studies 13 (1): 51-72.
Curtis, M.B., and R.E. Viator. 2000. An investigation of multidimensional knowledge structure
and computer auditor performance. Auditing: A Journal of Practice & Theory 19 (Fall):
83-103.
Davis, F.D. 1989. Perceived usefulness, perceived ease of use, and user acceptance of
information technology MIS Quarterly 13 (September): 319-339.
Devaraj, S., and R. Kohli. 2003. Performance impacts of information technology: Is actual usage
the missing link? Management Science 49 3 (March): 273-289.
Elliott, R.K., and P.D. Jacobson. 1987. Audit technology: A heritage and a promise. Journal of
Accountancy (May): 198-217.
Elliott, R. 2002. Wireless information management. Information Management Journal 36
(September/October): 62.
Fischer, M.J., and J.P. McAllister. 1993. Enhancing audit efficiency with new technologies. The
CPA Journal 63 (November): 58-62.
________. 1996. “Real-izing” the benefits of new technologies as a source of audit evidence:
An interpretive field study. Accounting, Organizations and Society 21 (February-April):
219-242.
General Accounting Office. 2003. Public Accounting Firms: Mandated Study on Consolidation
and Competition. GAO office: http://www.gao.gov/atext/d03864.
saved 3/8/2016 8:29 PM
26
Hackbarth, G., V. Grover, and Y. Mun. 2003. Computer playfulness and anxiety: Positive and
negative mediators of the system experience effect on perceived ease of use. Information
& Management 40: 221-232.
Hackenbrack, K.E., and C.E. Hogan. 2002. Market response to earnings surprises conditional on
reasons for an auditor change. Contemporary Accounting Research 19 (Summer): 195224.
Hitt, L.M., and E. Brynjolfsson. 1997. Information technology and internal firm organization: An
exploratory analysis. Journal of Management Information Systems 14 (Fall): 81-101.
Ho, J., S. Vera-Munoz, and C. Chow. 2002. Towards a framework for understanding the
antecedents of knowledge sharing in large cpa firm audits. Working paper, University of
California-Irvine.
Hunton, J.E. 2002. The impact of digital technology on accounting behavioral research. In
Advances in Accounting Behavioral Research, V. Arnold (ed.). Amsterdam: Elsevier
Science: 2-17.
Iacovou, C.L., I. Benbasat, and A.S. Dexter. 1995. Electronic data interchange and small
organizations: Adoption and impact of technology. MIS Quarterly 19 (December): 465485.
Johnstone, K.M. 2000. Client-acceptance decisions: Simultaneous effects of client business risk,
audit risk, auditor business risk, and risk adaptation. Auditing: A Journal of Practice &
Theory 19 (March): 1-26.
Kachelmeier, S.J., and W.F. Messier, Jr. 1990. An investigation of the influence of a
nonstatistical decision aid on auditor sample size decisions. The Accounting Review 65
(January): 209-227.
Kauffman, R.J., J. McAndrews, and Y. Wang. 2000. Opening the “black box” of network
externalities in network adoption. Information Systems Research 11 (March): 61-82.
Kearns, G.S., and A.L. Lederer. 2003. A resource-based view of strategic it alignment: How
knowledge sharing creates competitive advantage. Decision Sciences 34 (Winter): 1-29.
Kim, Y.J. and G.L. Sanders. 2002. Strategic actions in information technology investment based
on real option theory. Decision Support Systems 33 (May): 1-11.
Knechel, W.R. 1988. The effectiveness of statistical analytical review as a substantive
accounting procedure: A simulation analysis. The Accounting Review 63 (January): 7496.
Kogan, A., E.R. Sudit, and M.A. Vasarhelyi. 1999. Continuous online auditing: A program of
research. Journal of Information Systems 13 (2): 87-104.
saved 3/8/2016 8:29 PM
27
Liang, D, F. Lin. And S. Wu. 2001. Electronically auditing edp systems with the support of
emerging information technologies. International Journal of Accounting Information
Systems 2 (June): 130-147.
Lowe, D.J., and P.M.J. Reckers. 2000. The use of foresight decision aids in auditors’ judgments.
Behavioral Research in Accounting 12: 97-118.
Mackay, J.M., and C.W. Lamb, Jr. 1991. Training needs of novices and experts with referent
experience and task domain knowledge. Information & Management 20 (March): 279286.
Manson, S., S. McCartney, and M. Sherer. 1997. Audit Automation: The Use of Information
Technology in the Planning, Controlling and Recording of Audit Work. Edinburgh:
Institute of Chartered Accountants of Scotland.
_______, _______, _______and W.A. Wallace. 1998. Audit automation in the UK and the US:
A comparative study. International Journal of Auditing 2: 233-246.
_______, _______, and _______. 2001. Audit automation as control within audit firms.
Accounting, Auditing and Accountability Journal 14 (1): 109-130.
McCausland, R. 2004. ERP for the masses? (June 1): https://www.cpa2biz.com/News.htm
Messier, W.F., Jr. and J.V. Hansen. 1987. Expert systems in auditing: The state of the art.
Auditing: A Journal of Practice & Theory 7 (Spring): 94-105.
_______. 1995. Research in and development of audit decision aids. In R.H. Ashton, and A.H.
Ashton, Eds., Judgment and Decision Making Research in Accounting and Auditing New
York: Cambridge University Press, 207-228.
Montana, J.C. 2004. E-mail, voice mail, and instant messaging: A legal perspective. Information
Management Journal 38 (January/February): 37-41.
Moore, G., and I. Benbasat. 1991. Development of an instrument to measure the perceptions of
adopting an information technology innovation. Information Systems Research 2
(September): 192-222.
_______, and _______. 1996. Integrating diffusion of innovations and theory of reasoned action
models to predict utilization of information technology by end-users. In Diffusion and
Adoption of Information Technology, K. Kautz and J. Pries-Hege (eds.). London:
Chapman and Hall: 132-146.
Morris, M.B., and V. Venkatesh. 2000. Age differences in technology adoption decisions:
Implications for a changing workforce. Personnel Psychology 53 (Summer): 375-403.
saved 3/8/2016 8:29 PM
28
Murphy, U.S., and D.S. Kerr. 2004. Comparing audit team effectiveness via alternative modes of
computer-mediated communication. Auditing: A Journal of Practice and Theory 24
(March): 141-152.
O’Donnell, E. and J. Schultz. 2003. The influence of business-process-focused audit support
software on analytical procedures judgments. Auditing: A Journal of Practice and Theory
22 (September): 265-279.
O’Leary, D.E. 2002. Knowledge management in accounting and professional services. In
Researching Accounting as an Information Systems Discipline, V. Arnold and S. Sutton
(eds.). Sarasota FL: American Accounting Association: 273-283.
Palmrose, Z. 1986. Audit fees and auditor size: Further evidence. Journal of Accounting
Research 24 (Spring): 97-111.
Pappas, C. 1984. Strategic management of technology. Journal of Product Innovation
Management (1): 30-35.
Pratt, J., and J.D. Stice. 1994. The effects of client characteristics on auditor litigation risk
judgments, required audit evidence, and recommended audit fees. The Accounting Review
69 (October): 639-656.
Premkumar, G., and M. Roberts. 1999. Adoption of new information technologies in rural small
businesses. Omega: The International Journal of Management Science 27 (August): 467484.
PricewaterhouseCoopers. 2003. TeamMate. http://www.pwcglobal.com/extweb/ service.nsf/
docid/443881f8a1da32d0852568b6001a514e
Public Oversight Board (POB), Panel on Audit Effectiveness. 2000. Report and
Recommendations. Stamford, CT: POB.
Ragowsky, A., N. Ahituv, and S. Neumann. 1996. Identifying the value and importance of an
information system application. Information & Management 31 (November): 89-102.
Rezaee, Z., R. Elam, and A. Sharbatoghlie. 2001. Continuous auditing: The audit of the future.
Managerial Auditing Journal 16 (3): 150-158.
Rich, J.S., I. Solomon, and K.T. Trotman. 1997. The audit review process: A characterization
from the persuasion perspective. Accounting, Organizations and Society (July): 481505.
Riemenschneider, C., D. Harrison, and P. Mykytyn, Jr. 2000. Understanding IT adoption
decisions in small business: Integrating the theory of planned behavior and the
technology acceptance model. Working paper, University of Arkansas.
saved 3/8/2016 8:29 PM
29
Rittenberg, L.E., and B.J. Schwieger. 2003. Auditing: Concepts for a Changing Environment.
Mason OH: South-Western.
Shapiro, C., and H.R. Varian. 1991. Information rules: A Strategic Guide to the Network
Economy. Boston MA: Harvard Business School Press.
Shumate, J.R., and Brooks, R. C. 2001. The effect of technology on auditing in government: A
discussion of the paperless audit. The Journal of Government Financial Management 50
(Summer): 50-55.
Sinason, D.H., J.P. Jones, and S.W. Shelton. 2001. An investigation of auditor and client tenure.
Mid-American Journal of Business 16 (Fall): 31-40.
Solomon, I, and K. Trotman. 2003. Experimental judgment and decision research in auditing:
the first 25 years of AOS. Accounting, Organizations and Society 28 (May): 395-412.
Sprinkle, G.B., and R.M. Tubbs. 1998. The effects of audit risk and information importance on
auditor memory during working paper review. The Accounting Review 73 (October):
475-502.
Straub, D., M. Limayem, and E. Karahanna. 1995. Measuring system usage: Implications for IS
theory testing. Management Science 41: 1328-1342.
Sutton, S.G., and C. Hampton. 2003. Risk assessment in an extended enterprise environment:
Redefining the audit model. International Journal of Accounting Information Systems 4
(March): 57-73.
Truman, G.E., K. Sandoe, and T. Rifkin. 2003. An empirical study of smart card technology.
Information & Management 40 (July): 591-606.
Varian, H.R. 1984. Microeconomic Analysis Second Edition. New York NY: W.W. Norton &
Company.
Venkatesh, V., and M. Morris. 2000. Why don’t men ever stop to ask for directions? Gender,
social influence, and their role in technology acceptance and usage behavior. MIS
Quarterly 24 (March): 115-139.
_______, M. Morris, G. Davis, and F. Davis. 2003. User acceptance of information technology:
Toward a unified view. MIS Quarterly 27 3 (September): 425-478.
Viator, R.E., and M.B. Curtis. 1998. Computer auditor reliance on automated and non-automated
controls as a function of training and experience. Journal of Information Systems 12
(Spring): 19-30.
Weil, J. 2004. Behind wave of corporate fraud: A change in how auditors work. Wall Street
Journal (March 25): A1.
saved 3/8/2016 8:29 PM
30
Whitecotton, S.M. 1996. The effects of experience and confidence on decision aid reliance: A
causal model. Behavioral Research in Accounting 8: 194-216.
Whittington, O.R, and K. Pany. 2004. Principles of Auditing and Other Assurance Services. 14th
Edition. New York, NY: Irwin/McGraw Hill Publishing Co.
Winograd, B.N., J.S. Gerson, and B.L. Berlin. 2000. Audit practices of Pricewaterhouse
Coopers (PwC). Auditing: A Journal of Practice & Theory 19 (Fall): 175-182.
Winters, B.I. 2004. Choosing the right tools for internal control reporting. Journal of
Accountancy (February): 34-41.
Woo, E., and H.C. Koh. 2001. Factors associated with auditor changes: A Singapore study.
Accounting and Business Research 31 (2): 133-146.
Wright, A. 2002. Foreword forum on continuous auditing and assurance. Auditing:A Journal of
Practice & Theory 21 (March): 123.
Zhu, K. and J.P. Weyant. 2003. Strategic decisions of new technology adoption under
asymmetric information: A game-theoretic model. Decision Sciences 34 (Fall): 643-675.
saved 3/8/2016 8:29 PM
31
TABLE 1
Participant Demographics
n = 140
Frequencies
Years as an external auditora
Agea
37.9
(10.2)
Firm Sizea
Big 4
30
22.0 %
National
15
11.0 %
Regional
26
19.1 %
Local
65
47.8 %
Highest education levela
Bachelor’s degree
115
82.7 %
Master’s degree
22
15.8 %
Ph.D.
2
1.4 %
Certificationa, b
Certified internal auditor
1
Certified public accountant
122
Certified information systems auditor
0
Certified management accountant
1
Certified financial executive
7
Certified financial planner
0
Other certification
1
Gendera
M = 98
71.0%
F = 40
29.0%
24
17.3 %
Intermediate
95
68.3 %
Expert
20
14.4 %
IT expertisea
Novice
a
b
Mean or %
(Std Dev)
13.7
(9.5)
One or more participants did not respond.
Participants could list more than one certification.
saved 3/8/2016 8:29 PM
32
TABLE 2
Use and Importance of Information Technology Audit Applications
Audit Application/Tool
Extent of
Usea Mean
Extent
of Use
Std. Dev.
Level of
Importanceb
Mean
Level of
Importance
Std Dev.
Analytical review / financial ratio tools
5.16**
1.57
5.53 **
1.47
Audit planning software
4.09
2.44
4.70 **
2.35
Audit report writing
4.81**
2.26
5.03 **
2.20
Client acceptance
3.43
2.44
4.01
2.46
Client relationship management
2.85
2.23
3.67
2.42
Continuous transaction monitoring
1.84
1.58
2.44
2.13
Data mining
2.44
1.86
3.33
2.46
Database modeling
1.69
1.38
2.14
1.85
Digital analysis
1.44
1.21
1.77
1.73
Electronic work papers
4.99**
2.27
5.17**
2.33
Expert systems
1.58
1.37
2.15
1.98
Fraud review
2.63
1.99
4.09
2.37
Graphs
2.82
1.64
3.04
1.79
Internal control evaluation
3.77
2.45
4.62**
2.41
Internet search tools
4.65**
1.87
4.81**
1.91
Knowledge management systemsc
2.20
1.99
2.75
2.42
Review clients fin. disclosures on web site
2.34
1.92
2.76
2.22
Risk assessment
4.02
2.44
4.62**
2.41
Sampling
4.46**
2.14
4.75**
2.22
Test of on-line transactions
1.66
1.46
2.36
2.15
** One-tailed t test indicates usage/importance rating is significantly greater than neutral point (i.e., 4) at p . 01 level.
* One-tailed t test indicates usage/importance rating is significantly greater than neutral point (i.e. 4) at p  .05 level.
Participants were asked to rate ‘the extent of usage for each audit application on a typical audit’ using a seven point
scale with 1 = not important and 7 = very important.
a
b Participants
were asked to rate ‘the importance of each audit application for a typical audit’ using a seven point scale
with 1=not important and 7 = very important.
c
Knowledge management systems refer to efforts to (1) capture knowledge, (2) convert personal knowledge to groupavailable knowledge, (3) connect people to knowledge, and (4) measure knowledge (O’Leary 2002).
saved 3/8/2016 8:29 PM
33
TABLE 3
Use and Importance of Information Technology Productivity Tools
Productivity Tool
Cell phones
Extent of Usea
Mean
4.56**
Extent of Use
Standard
Deviation
2.07
Level of
Importanceb
Mean
4.59**
Level of
Importance
Std Deviation
2.11
E-mail
6.04**
1.50
6.03**
1.60
Instant messaging
1.61
1.46
1.64
1.59
Personal digital assistants (PDAs)
2.63
2.17
2.69
2.15
Remote network access
3.74
2.46
4.45 *
2.43
Wireless networks
2.11
1.95
2.96
2.33
Extensible business reporting language
(XBRL)
1.15
0.67
1.67
1.60
** One-tailed t test indicates usage/importance rating is significantly greater than neutral point (i.e. 4) at p . 01 level.
* One-tailed t test indicates usage/importance rating is significantly greater than neutral point (i.e. 4) at p  .05 level.
a Respondents
were asked to rate ‘the extent of usage for each audit application on a typical audit’ using a seven point scale with
1 = not important and 7 = very important.
Respondents were asked to rate ‘the importance of each audit application for a typical audit’ using a seven point scale with
1=not important and 7 = very important.
b
TABLE 4
Usage / Frequency of Workpaper Review Methods and IT Specialists
Mean
Standard
Deviation
E-mailb
25.70 %
34.94
Face to face
60.73 %
36.89
Telephonec
8.45 %
16.95
Other
18.64 %
33.44
18.29 %
29.24
2.25
2.07
Workpaper Review Methoda
IT Specialist
Frequency of usage over past yeard
Extent of usagee
a
Respondents were asked to estimate how frequently (0 to 100 % ) each method was used when conducting a typical
audit workpaper review (e.g. between staff and senior, or senior and manager).
Email refers to ‘preparer forward workpapers electronically to the reviewer, the reviewer examines the file online,
and sends his/her comments back electronically’.
b
c
Telephone refers to ‘feedback provided via phone conversion and voice mail messages’.
d
Respondents were asked to estimate how frequently (0 to 100 %) an IT specialist was used during audit
engagements over the past year.
e
Respondents were asked to rate the extent of IT specialist usage during audit engagements over the past year from
1 = none to 7 = extensively.
TABLE 5
Regression Results: Application Extent of Usage
Independent Variables
p-values
Dependent Variables
Model
Adj.
R2
Analytical review / financial ratio
tools
p-value
Client
Innovative
0.01
0.01
0.01
+
Local firms higher
Audit planning software
13%
0.01
0.05
+
+
Audit report writing
13%
0.01
0.01
0.04
0.01
+
+
local and regional higher
Client acceptance
a
12%
IT
Complexity
All Clients
Sign of Coefficent for Significant Variables
Use of
Risk
Based
Firm
Audit
Firm Size
Innovative
Approach
8%
0.05
Client relationship management
3%
0.29
Continuous transaction
monitoring
4%
0.22
Data mining
7%
0.09
Database modeling
5%
0.13
Digital analysis
6%
0.12
Electronic workpapers
29%
0.00
Expert systems
13%
0.01
0.09
0.01
0.03
+
national higher
0.07
Big 4 and national
higher
0.07
0.03
+
Big 4 higher
Used two-tailed test since we were unable to make a directional prediction for this independent variable.
Shaded areas denote models with p-values  .10.
0.06
0.07
+
-
0.03
0.01
+
+
Financial
Audit
Experience a
Auditor
IT
Expertise
TABLE 5 (continued)
Regression Results: Application Extent of Usage
Independent Variables
p-values
Dependent Variables
Fraud review
Model
Adj.
R2
7%
p-value
Sign of Coefficent for Significant Variables
Client
Innovative
0.07
IT
Complexity
All Clients
0.06
Firm Size
Firm
Innovative
Use of
Risk
Based
Audit
Approach
0.09
0.07
0.04
+
-
+
Financial
Audit
Experience a
Auditor
IT
Expertise
+
Graphs
Internal control evaluation
Internet search tools
7%
20%
3%
0.08
0.00
0.03
0.08
+
Big 4 and national higher
0.28
0.02
-
Knowledge management systems
Review of client’s financial
disclosures on web sites
20%
14%
0.00
0.05
0.01
0.08
+
Big 4 higher
-
0.00
0.05
0.03
+
Risk assessment
11%
0.02
Sampling
18%
0.00
0.01
0.08
+
+
Test of on-line transactions
18%
0.00
0.09
0.00
+
37
0.07
+
0.07
0.03
0.06
Big 4 higher
+
-
3/8/2016 8:29:00 PM PST
TABLE 6
Regression Results: Application Importance
Independent Variables
p-values
Dependent Variables
Model
Sign of Coefficient for Significant Variables
Use of
Risk
Based
Firm
Audit
Firm Size
Innovative
Approach
IT
Complexity
All Clients
Auditor
IT
Expertise
Adj. R2
p-value
Analytical review / financial ratio tools
14%
0.00
0.00
Audit planning software
17%
0.00
0.00
0.10
+
-
0.01
+
Audit report writing
Client acceptance
28%
13%
0.00
0.01
Client relationship management
1%
0.40
Continuous transaction monitoring
6%
0.10
Data mining
11%
0.02
Database modeling
11%
local & regional firms higher
0.00
0.00
+
+
0.09
0.00
+
+
0.03
0.05
+
+
+
0.00
0.04
0.02
0.01
local & regional firms higher
0.08
0.09
+
Digital analysis
10%
0.03
Electronic workpapers
17%
0.00
Expert systems
27%
0.00
+
0.04
0.06
0.03
0.08
0.09
+
+
-
-
+
0.02
+
a
Financial
Audit
Experience a
Client
Innovative
0.03
0.04
0.00
+
+
Big 4 higher
Used two-tailed test since we were unable to make a directional prediction for this independent variable.
Shaded areas denote models with p-values  .10.
38
3/8/2016 8:29:00 PM PST
TABLE 6 (continued)
Regression Results: Application Importance
Independent Variables
p-values
Dependent Variables
Model
Sign of Coefficient for Significant Variables
IT
Complexity
All Clients
Financial
Audit
Experience a
Adj. R2
p-value
Client
Innovative
Fraud review
10%
0.03
0.06
0.03
+
+
Graphs
6%
0.13
Internal control evaluation
17%
0.00
Internet search tools
3%
0.29
knowledge management systems
14%
0.00
Firm Size
0.00
0.06
+
Big 4 & national higher
Firm
Innovative
Use of
Risk
Based
Audit
Approach
0.02
+
Review of client’s financial disclosures
on web sites
18%
0.00
0.01
+
Risk assessment
Sampling
Test of on-line transactions
10%
18%
20%
0.03
0.03
Big 4 higher
0.06
national & Big 4
higher
0.00
0.00
0.02
0.01
+
Big 4 & national higher
0.04
0.05
Big 4 & national
higher
+
39
0.08
+
0.09
+
3/8/2016 8:29:00 PM PST
Auditor
IT
Expertise
-
TABLE 7
Regression Results: Productivity Tools Usage
Independent Variables
p-values
Dependent Variables
Cell phones
Model
Adj. R2
p-value
5%
0.18
E-mail
4%
0.20
Instant messaging
12%
0.02
Client
Innovative
Sign of Coefficient for Significant Variables
Use of
Risk
IT
Based
Complexity
Firm
Audit
All Clients
Firm Size
Innovative
Approach
0.01
+
Personal digital assistants
(PDAs)
10%
0.05
Regional & Big 4 higher
0.03
Financial
Audit
Experience a
Auditor
Expertise
0.05
0.02
0.08
-
+
-
0.07
Local firms higher
Remote network access
Wireless networks
Extensible business reporting
language (XBRL)
a
24%
0.00
6%
0.11
3%
0.27
+
0.012
0.00
Big 4 higher
+
Used two-tailed test since we were unable to make a directional prediction for this independent variable.
Shaded areas denote models with p-values  .10.
40
0.02
-
3/8/2016 8:29:00 PM PST
TABLE 8
Regression Results: Productivity Tools Importance
Independent Variables
p-values
Dependent Variables
Cell phones
E-mail
Instant messaging
Model
Adj. R2
p-value
0%
0.52
3%
0.27
9%
0.04
Personal digital assistants
(PDAs)
6%
0.10
Remote network access
14%
0.01
Client
Innovative
Sign of Coefficient for Significant Variables
Use of
Risk
IT
Based
Complexity
Firm
Audit
All Clients
Firm Size
Innovative
Approach
Financial
Audit
Experience a
Auditor
Expertise
0.01
0.03
0.02
+
-
-
+
0.03
Big 4 & regional higher
Wireless networks
Extensible business reporting
language (XBRL)
a
0%
0.57
-3%
0.85
Used two-tailed test since we were unable to make a directional prediction for this independent variable.
Shaded areas denote models with p-values  .10.
41
3/8/2016 8:29:00 PM PST
-
TABLE 9
Regression Results: Work paper Review Methods and Usage of IT Specialist
Independent Variables
p-values
Dependent Variables
Workpaper review method
E-mail
Face to face
Model
Adj. R2
pvalue
49 %
0.00
12 %
Client
Innovative
0.01
IT
Complexity
All Clients
Sign of Coefficient for Significant Variables
Use of
Risk
Based
Firm
Audit
Firm Size
Innovative
Approach
10 %
0.03
Auditor
Expertise
0.00
0.01
0.09
Big 4 higher
+
+
0.08
0.03
+
Telephone
Financial Audit
Experience a
-
0.03
0.07
+
Big 4 higher
Other
IT Specialist
Frequency of usage over
past year
Extent of usage
(1 = none, 7 = extensive)
a
1%
0.43
43 %
0.00
36 %
0.00
0.00
0.07
Big 4 higher
-
0.00
0.05
Big 4 higher
-
Used two-tailed test since we were unable to make a directional prediction for this independent variable.
Shaded areas denote models with p-values  .10.
42
3/8/2016 8:29:00 PM PST
Related documents
Evolution of an Automated Internal Audit Management System
Evolution of an Automated Internal Audit Management System
Big Data As Complementary Audit Evidence
Big Data As Complementary Audit Evidence
Audit Poster - BSG Colonoscopy Audit
Audit Poster - BSG Colonoscopy Audit
Green Impact Auditor
Green Impact Auditor
CIS 349 – Information Technology Audit and Control
CIS 349 – Information Technology Audit and Control
Lutz Internal Audit Director 10 22 2015
Lutz Internal Audit Director 10 22 2015
Case
Case
LGFMA Presentation - Internal Audit Program Model
LGFMA Presentation - Internal Audit Program Model
Download
advertisement