题名

企業資源規劃系統內部控制制度之建構-以某通訊產業公司為例

并列篇名

A Study of ERP System Internal Control Framework-The Perspective from a Telecommunications Case Company

DOI

10.29767/ECS.200806.0003

作者

詹順吉(Derek Jan);張碩毅(She-I Chang);吳東憲(Tung-Hsien Wu)

关键词

內控制度 ; 企業資源規劃系統 ; 資料品質 ; 資訊循環 ; Internal Controls System ; Enterprise Resource Planning ERP ; Data Quality ; Information Cycle

期刊名称

Electronic Commerce Studies

卷期/出版年月

6卷2期(2008 / 06 / 30)

页次

159 - 187

内容语文

繁體中文
中文摘要

隨著企業採用企業資源規劃系統的協助作業以及無紙化作業的趨勢下,早期的紙張憑證已經被轉換為電子化的資訊。在此情況下,如何確保資訊系統的資料品質無誤,提供正確資訊供企業進行決策,同時讓會計師在簽證由系統所產生的財務報表時,可以將查核風險降到最低是現階段重要研究課題之一。 本研究第一階段採用紮根理論研究法找尋出資訊系統應有之內部控制作項目的相關變數,以證期局所訂定之「公開發行公司建立內部控制制度處理準則」中的控制規範建構出本研究雛形。再經擁有企業資源規劃系統維護、管理及稽核實務經驗專家們的修正與確認,試圖提出『企業資源規劃系統之資訊循環內部控制要點』。第二階段將以理論端建立之雛型為基礎,以個案研究法驗證,確認本研究提出之控制項目的可用性及有效性。 藉由本研究所建構出12個構面共37項控制項目的成果,期望能夠提供一個準則,供稽核人員進行企業資源規劃系統查核時可以針對應控管的內部控制點進行有效查核。而企業在資訊系統管理上,亦可考量本身基礎架構上的限制並搭配本研究之成果,決定有哪些控制點是必要的,有哪些可以被歸納為最好具備,如此一來不只可以降低資訊系統管理上的成本,同時亦可建構完善的資訊系統管理機制。
英文摘要

With the advancement of information technology and the assistance of information systems, such as Enterprise Resource Planning (ERP), which promotes a paperless working environment, companies have gone from paper certificates to the electronic storage of information in the form of corporate resource organization system archives. However, with companies increasingly relying on information technology, how does this ensure that the information contained in information systems will be error-free, so that it can improve policy-making abilities, and at the same time minimize the auditing risk associated with having an accountant certify financial statements generated by ERP? This is an important task that needs to be studied at this juncture. In the first stage of this study, necessary related variables contained in the internal controls of the information system were searched through the discussion and arrangement of relevant documents and by grounded theory. We used the control regulation set by the Securities and Futures Bureau in the ”Regulations Governing Establishment of Internal Control Systems by Public Companies,” as a model. With revision and acknowledgment by professionals with actual experience in the maintenance, management and auditing of Enterprise Resource Planning (ERP), we attempt to raise ”Critical Points in the Internal Controls of Enterprise Resource Planning (ERP),” to provide auditors with a method to audit the data quality accordingly. The second phase will use a model built upon theories as a basis, relying on the case study method to verify the usefulness and effectiveness of the control entries raised by this study. By constructing 12 elements and a total of 37 critical factors, we hope that the results will provide a standard, which the auditors can effectively use when auditing the internal control points that should be in a corporate resources organization system. This will thereby reduce risks when accountants audit and certify financial statements. When examining their control of the corporate resources organization system, corporations can look to the restrictions of their own basic structure, then look to the results of this study and decide which control points are ”Need to do” and which ones can be classified as ”Best to have.” In turn, this will reduce the cost of information technology management and concurrently develop a complete system for information technology control.
主题分类 基礎與應用科學 > 資訊科學
社會科學 > 經濟學
参考文献
  1. 審計準則公報第三十二號內部控制之考量
  2. 審計準則公報第三十一號電腦資訊系統環境下執行查核工作之考量
  3. AICPA(1997).Auditing procedures study.New York (NY):
  4. Anselm Strauss、Juliet Corbin原著、吳芝儀、廖梅花譯(2001)。紮根理論研究方法。嘉義市:濤石文化。
  5. Brown, Paul(2004).Bad data eats IT budgets.Computer Weekly, ABI/INFORM Trade & Industry.
  6. Cerullo, M. J.,V. Cerullo(2000).The internal auditor's role in developing and implementing enterprise resource planning systems.Internal Auditing,15,25.
  7. Cooper, R.,R. Kaplan.(1998).The promise and peril-of integrated cost systems.Harvard Business Review,76,109-119.
  8. Coppers,Lybrand L. L. P.(2002).Security, Audit and Control Features SAP R/3: A Technical and Risk Management Reference Guide.IT Governance Institute.
  9. Elliot, R.K.(1986).Auditing in the 1990s: implications for education and research.California Management Review.
  10. Glaser, B.,Strauss, A.(1967).The discovery of grounded theory.Chicago:Aldine.
  11. Glover, S.,D. Prawitt,M. Rommy(1999).Implementing ERP.Internal Auditor.
  12. Graeme,P.(1999).The Electronic Enterprise ERP, SCM, E-Business and Beyond.Strategic Intelligence.
  13. ISACA(2007).IS Standards, Guidelines and Procedures for Auditing and Control Professionals.ISACA.
  14. Jennifer H.(1999).ERP system: Audit and Control Risks.ISACA LA spring Conference
  15. Lawshe, C. H.(1975).A Quantitative Approach to Content Validity.Personnel Psychology,28,563-575.
  16. Mancuso, A.(1997).Auditing Standard Board issues SAS No. 80.The CPA Journal,67,74.
  17. Oracle(2005).Internal Controls Manager-Implementation Guide Release 11i.
  18. Sally, W.,M.W. Arnold(2002).Information System Assurance for Enterprise Resource Planning System: Unique Risk Considerations..Journal of Information Systems,16,99-113.
  19. SAP(2005).Note 754273-Availability of the system audit.
  20. Steven M.G.(1999).Implementing ERP.The Internal Auditor,56(Iss.1),40-46.
  21. Strauss, A(1987).Qualitative analysis for social scientists.Cambridge:Cambridge University Press.
  22. Strong, D. M.,Y. W. Lee,R. Y. Wang.(1997).Data quality incontext.Communications of the ACM,40(5),103-113.
  23. Wand, Y.,R. Y. Wang.(1996).Anchoring Data Quality Dimensions in Ontological Foundations..Communications of the ACM,39(11),86-95.
  24. 朱延智(2003)。企業危機管理。台北:五南。
  25. 公開發行公司建立內部控制制度處理準則
  26. 何思湘(2002)。美國安隆公司倒閉事件對我國相關立法之啟示。會計研究月刊,200,96-107。
  27. 吳琮璠(2005)。會計財務資訊系統。台北:智勝文化。
  28. 李宗黎、林蕙真(2004)。審計新論。台北:證業初版社。
  29. 徐宗國(1997)。質性研究概論。台北市:巨流圖書。
  30. 張秀雲(2002)。東吳大學會計系。
  31. 張富美(2001)。會計資訊系統理論與應用。台北:台灣西書出版社。
  32. 張碩毅(2006)。以平衡計分卡建構ERP系統導入效益評估雛形。致遠通訊,5月號,16-24。
  33. 陳祥輝(2000)。中國文化大學資訊管理研究所。
  34. 程文鬱(2002)。國立中山大學企業管理學系研究所。
  35. 黃士銘、阮金聲、吳隆、洪育忠、洪新原、陳鴻基(2001)。企業資源規劃。中正大學製商整合科技中心。
  36. 黃劭彥、陳雪如、李超雄、施志成(2006)。導入企業資源規劃系統對財務、管理及稽核面之影響。會計研究月刊,247,52-58。
  37. 資策會MIC(2006)。台灣大型企業資訊應用需求分析研究報告台灣大型企業資訊應用需求分析研究報告,資策會。
  38. 歐進士、黃士銘(2005)。企業決策與資訊品質。致遠通訊,4月號
  39. 蔡文賢、范懿文、簡世文(2006)。進階ERP企業資源規劃會計模組。台北:前程文化。
  40. 鄧治萍(2001)。完全查帳入門手冊。台北:財經傳訊。
  41. 薛富井、林千惠(2003)。美國2002沙氏法案對會計師事務所與發行公司影響之探討。會計研究月刊,209,102-131。
  42. 嚴紀中、黃士銘、李佳玲、夏詠清(2006)。沙濱法案(Sarbanes-Oxley Act)之適用、影響及衝擊。電腦稽核期刊,15,1-11。
被引用次数
  1. 熊杏華、李蕙如、王若蓮(2012)。ERP系統中內控品質滿意度之研究。當代會計,13(2),195-220。
print cancel