An examination of auditor planning judgements in a complex accounting information system environment

This study investigates the effects of computer assurance specialist (CAS) competenceand auditor accounting information system (AIS) expertise on auditorplanning judgements in a complex AIS environment. Recent professional standardsstate that auditors need to change their audit strategies in reaction to theall-encompassing changes in their clients’ AIS (American Institute of CertifiedPublic Accountants [AICPA] 2001, 2002). Information technology (IT) applications,such as enterprise resource planning (ERP) systems, are significantly changingthe ways in which companies operate their businesses (e.g., business process reengineering)and auditors perform their duties (Helms 1999; Public OversightBoard [POB] 2000). For example, the implementation and utilization of ERP systemsat many major corporations can increase audit-related risks such as businessinterruption, data base security, process interdependency, and overall control risk(Hunton, Wright, and Wright 2004). As technological developments continue,auditors must expand their AIS knowledge and skills in order to perform effectiveand efficient audits (POB 2000; Kinney 2001; AICPA 2002). Prior researchsuggests that expertise in the AIS domain may make auditors more cognizant ofAIS-specific risks and provide them with the sophisticated audit skills required insuch settings (Lilly 1997; Hunton et al. 2004). To our knowledge, our study is thefirst to examine whether auditors’ AIS expertise levels affect their risk assessmentsand subsequent testing decisions in a complex AIS setting.