ABC Pvt. Ltd. has recently migrated to real-time integrated ERP System. As an IS Auditor, advise the company as to what kinds of businesses risks it can face.

A Management Information System ICT Revision Questions and Answers

The company, ABC Pvt. Ltd. may face several new business risks when they migrate to real-time, integrated ERP systems. These risks include the following:

1. Single point of failure – All input data of an organization and transaction processing is within one application system.
2. Structural Changes – Significant personnel and organizational structural changes associate with reengineering or redesigning business processes.
3. Job Role Changes – Traditional roles of users are changed to empowered-based role. They have more chances to access enterprise information in real-time. This point of control shifts from the back-end financial processes to the front-end point of creation.
4. Online Real-Time – This environment requires a continuous business interaction. This warrants the capabilities of utilizing the ERP application and responds quickly to any problem that requires a re-entry of information (e.g., if field personnel are unable to transmit orders from handheld terminals, customer service staff may need the skills to enter orders into the ERP system correctly so the production and distribution operations will not be adversely impacted).

5. Change Management – It is challenging to bring together a highly integrated environment when different business processes have existed among business units for long. The level of user acceptance of the system has a significant influence on its success. Training and awareness of users is mandatory, to understand that their actions or inaction have a direct impact upon other users and in the performance of their day-to-day duties.
6. Distributed Computing Experience – Inexperience with implementing and managing this kind of environment may pose significant challenges.
7. Broad System Accessibility – Increased remote access by users and outsiders and high integration among application functions allow increased access to the application and data.
8. Dependency on External Assistance – Organization accustomed to in-house legacy systems may find that they have to rely on external help. Unless such external assistance is properly managed, it could introduce an element of security and resource management risk that may expose the organizations to a greater risk.
9. Program Interfaces and Data Conversions–Extensive interfaces and data conversions from legacy systems and other commercial software are necessary. The exposures of data integrity, security and capacity requirements for ERP are much higher.
10. Audit Expertise – Specialist expertise is required to effectively audit and control an ERP environment. The relative complexity of ERP systems has created specialization such that each specialist may know only a relatively small fraction of the entire ERP‘s functionality in a particular core module, e.g. FI auditors, who are required to audit the entire organization‘s business processes, have to maintain a good grasp of all the core modules to function effectively.
11. Single sign on – It reduces the security administration efforts associated with administrating web-based access to multiple systems, but simultaneously introduces additional risks in that an incorrect assignment of access may result in inappropriate access to multiple systems.
12. Data content quality – As enterprise applications are opened to external suppliers and customers, the need for integrity in enterprise data becomes paramount.
13. Privacy and confidentiality – Regularity and governance issues surrounding the increased capture and visibility of personal information, i.e. spending habits.

Leave a Reply

Your email address will not be published. Required fields are marked *