Information Assurance for Enterprise Resource Planning Systems: Risk Considerations in Public Sector Organizations

• Main Authors: SHAHZAD NAEEM, MUHAMMAD HASAN ISLAM
• Format: Article
• Language: English
• Published: Mehran University of Engineering and Technology 2016-10-01
• Series: Mehran University Research Journal of Engineering and Technology
• Subjects: Enterprise Resource Planning System Assurance; Information Systems Auditors, Enterprise Resource Planning; Risk Management.
• Online Access: http://publications.muet.edu.pk/research_papers/pdf/pdf1408.pdf

ERP (Enterprise Resource Planning) systems reveal and pose non-typical risks due to its dependencies of interlinked business operations and process reengineering. Understanding of such type of risks is significant conducting and planning assurance involvement of the reliability of these complicated computer systems. Specially, in case of distributed environment where data reside at multiple sites and risks are of unique nature. Until now, there are brief pragmatic grounds on this public sector ERP issue. To analyze this subject, a partially organized consultation study was carried out with 15 skilled information systems auditors who are specialists in evaluating ERP systems risks. This methodology permitted to get more elaborated information about stakeholder?s opinions and customer experiences. In addition, interviewees mentioned a numerous basic execution troubles (e.g. inadequately skilled human resource and insufficient process reengineering attempts) that lead into enhanced hazards. It was also reported by the interviewees that currently risks vary across vendors and across applications. Eventually, in offering assurance with ERP systems participants irresistibly stresses examining the process instead of system end product.