The Impact of Enterprise Resource Planning (ERP) on the Internal Controls System in Zimbabwean Organizations

The Impact of Enterprise Resource Planning (ERP) on the Internal Controls System in Zimbabwean Organizations

Makota Justin, Moyo Abel And Kabote Ferdinand

Zimbabwe Ezekiel Guti University, Bindura, Zimbabwe.

DOI: https://dx.doi.org/10.47772/IJRISS.2023.7915

Received: 05 August 2023; Accepted: 19 August 2023; Published: 21 September 2023

ABSTRACT

This research paper investigates the impact of Enterprise Resource Planning (ERP) systems on the internal controls system within Zimbabwean organizations. The study adopts a qualitative methodology, focusing on four organizations operating in Zimbabwe. Eight participants, comprising key personnel responsible for implementing and managing ERP systems, were selected for in-depth interviews. The research aims to understand how the implementation of ERP systems affects the internal controls system, including the associated challenges and opportunities. The qualitative data analysis involved transcribing and coding the interview responses, followed by thematic analysis to identify recurring patterns and themes. Findings from the study reveal several key insights. Firstly, ERP systems have a significant impact on the internal controls system, enabling organizations to streamline processes, improve data accuracy, and enhance decision-making. However, challenges were identified, such as resistance to change, staff training needs, and potential risks associated with system vulnerabilities. Overall, this research contributes to the existing literature by providing insights into the impact of ERP systems on the internal controls system in Zimbabwean organizations. The findings can assist organizations in understanding the challenges and opportunities associated with ERP implementation and provide recommendations for improving internal controls within this context.

Keywords: Enterprise Resource Planning, Internal control Systems, Information Technology, Information Systems

INTRODUCTION AND BACKGROUND TO STUDY

Enterprise Resource Planning (ERP) systems have become increasingly prevalent in modern organizations as they offer integrated solutions for managing various business functions and processes. Estensoro et al., (2022) and Wang et al., (2021) defined ERP is referred to as s one that integrates all subsystems, components, or elements that work together to achieve a mutual goal. The comments include all business operations. According to (Mercy, 2023), (Sastrodiharjo & Khasanah, 2023), (Kunduru, 2023) agreed that ERP systems integrate core business functions such as finance, human resources, procurement, and supply chain management into a single comprehensive software system, facilitating information flow and decision-making across different departments. While the benefits of ERP implementation are well-documented in terms of efficiency gains, cost savings, and improved productivity their impact on internal controls systems within organizations has received limited attention, especially in the context of Zimbabwe.

Internal controls play a crucial role in organizations by safeguarding assets, ensuring data integrity, and promoting compliance with regulatory requirements. They are designed to minimize the risk of errors, fraud, and misstatements in financial reporting. Given the complexity and interconnectedness of ERP systems, it is important to understand their impact on internal controls to effectively manage risks and maintain an adequate control environment (Braim, 2023).

Zimbabwean organizations, like their counterparts in other countries, have increasingly adopted ERP systems to enhance their operational efficiency and competitiveness. However, the specific implications of ERP implementation on internal controls within the Zimbabwean context remain relatively unexplored. This study aims to fill this gap by examining the impact of ERP systems on the internal controls system in Zimbabwean organizations using a qualitative research approach.

The findings of this study will contribute to the existing body of knowledge by shedding light on the specific implications of ERP implementation on internal controls within the Zimbabwean organizational context. By identifying both the positive and negative consequences of ERP systems on internal controls, the research aims to provide valuable insights to organizations considering or currently undergoing ERP implementation. (Haislip et al., 2016) Additionally, the study will identify challenges and opportunities associated with ERP adoption, offering recommendations for effectively managing the impact on the internal controls system.

Overall, this research seeks to enhance our understanding of the relationship between ERP systems and internal controls in Zimbabwean organizations, ultimately contributing to improved risk management and governance practices in the era of digital transformation. (Noor et al., 2019 )

Enterprise Resource Planning (ERP) systems have become a cornerstone of modern organizations, offering integrated software solutions that streamline business processes and enhance operational efficiency (Noor et al., 2019, ). By integrating various functional areas such as finance, human resources, supply chain management, and customer relationship management, ERP systems provide a centralized platform for data management and decision-making., (Alsurayyi & Alsughayer, 2021; Pvt, 2022; Widyaningdyah & Ezra, 2020) argued that the adoption of ERP systems has been driven by the potential benefits they offer which including improved productivity, cost savings, enhanced data accuracy, and better resource allocation.

However, while the advantages of ERP implementation are well-documented, the impact of these systems on the internal controls system within organizations has received relatively limited attention. Internal controls are essential mechanisms that organizations rely on to ensure the reliability of financial reporting, prevent fraud, safeguard assets, and comply with regulatory requirements. With ERP systems being highly interconnected and influencing multiple business processes simultaneously, it becomes crucial to understand how their implementation affects the internal controls system. (Widyaningdyah & Ezra, 2020)

The specific context of Zimbabwean organizations provides an interesting setting to study the impact of ERP on internal controls. Zimbabwe has witnessed a significant growth in ERP adoption over recent years, driven by the need for increased operational efficiency and improved decision-making in the face of economic challenges. As organizations in Zimbabwe transition to digital platforms, it is crucial to assess how ERP systems influence internal controls and governance practices in this unique setting. (Noor et al., 2019 )

Zimbabwean organizations face various challenges and complexities that may influence the impact of ERP systems on internal controls. Factors such as the country’s regulatory framework, economic conditions, cultural dynamics, and organizational structures may have distinct implications for the effectiveness of internal controls in the ERP context. (Alsurayyi & Alsughayer, 2021). Understanding these factors and their relationship with ERP implementation is crucial for organizations and policymakers in Zimbabwe to make informed decisions regarding risk management and governance.

Prior research on the impact of ERP systems on internal controls has mainly focused on developed countries, with limited attention given to developing economies such as Zimbabwe. Therefore, conducting research in the Zimbabwean organizational context fills an important gap in the literature and contributes to a more comprehensive understanding of the implications of ERP implementation on internal controls.

The research will provide valuable insights into the specific impact of ERP systems on internal controls in the Zimbabwean context, highlighting both positive outcomes and potential risks. The findings will help organizations navigate the complexities associated with ERP implementation and develop effective strategies for managing internal controls within an ERP environment.

Investigating the impact of ERP on the internal controls system in Zimbabwean organizations is crucial for understanding the dynamics of digital transformation and its implications for risk management and governance. By addressing this research gap, the study aims to provide actionable recommendations for organizations in Zimbabwe and contribute to the broader body of knowledge on ERP systems and internal controls in a developing country context.

Research questions

• How does the implementation of Enterprise Resource Planning (ERP) systems impact the design and structure of internal control systems in Zimbabwean organizations?
• What are the challenges and opportunities associated with ERP implementation in relation to internal controls in Zimbabwean organizations?

LITERATURE REVIEW

Information systems (ISs) are a mixture for software, hardware, infrastructure and skilled workforce structured to aid planning, managing, coordination, and judgment making in a company (Noor et al., 2019). Businesses are being revolutionised these days through traditional development or new service suppliers in areas including insurance, wholesaling, finance and retailing industries. These ITs are altering the organisation of markets, and changing the product life cycle. Production and redistribution patterns are being reordered. They are causing main alterations in the structure of companies. They alter the way employees work, preparing them for the information era.

Rahardja et al., (2023) affirms that Information systems (IS) have revolutionised the scope of worldwide infrastructure and natural world, altering business processes and removing traditional limits of companies. Evident in the survey carried out by Katuu, (2020) who advocated that the knowledge of ERP  resulted in intra-enterprise harmonisation and inter-enterprise synchronization with external business partners with the aid of customer relations and supply chain management systems. This was also supported by Alaba and Katerine (2023) who found that IT as an enabler and driver of administration strategies and processes. The capabilities of computers must be recognised and techniques in gathering, producing, and assessing data for managerial decision making associated with business strategies, management of risk and controls, and mostly for efficient organisational control. IT in itself cannot amplify the usefulness but internal auditors have to value audit objectives first and adopt the most suitable IT technique to accomplish the objectives (Student, 2023).

Information technology plays a big responsibility in communications. In-order to recognise and analyse huge amounts of data and to deal with risks, reliable and timely information is mandatory at all levels of the company (Braim, 2023). Demir & Okoth (2023) has found that information has to be conveyed faultlessly across the entire company. ERPs with the help of integrated warehouses of data can gather and process massive amounts of external and internal data for the management of enterprises.

They also provide channels for disseminating information horizontally or vertically across organisations. The internet provides a way of disseminating essential information about the organisation’s risks to parties outside the organisation (Rahardja et al., 2023)

Another important role carried out by IT is to establish and maintain monitoring activities to make sure that risk responses are conceded. These controls have to sustain strategical, reporting, operational, and compliance goals. They should guarantee that business transactions are accurate, reliable, valid and complete (Demir & Okoth, 2023). Computerised controls are not limited to endorsement, permissions, reconciliations, reasonableness and logic tests, verification, generation of computerised exception reports and check digits.

Enterprise resource planning (ERP)

Several studies have which examined ERP defined ERP systems as a collection of configurable systems which can device and administer all of the company’s resources, and they can simplify and incorporate all business processes contained by functional or technical boundaries in the organisation (Demir & Okoth, 2023,Sastrodiharjo & Khasanah, 2023, Moulogianni et al., 2023). They are company management systems may incorporate sets of wide-range of software programs, which can be used to administer and integrates all the business processes of a company. Usually they include a well-established and organised application tools used for cost and financial accounting, sales and distribution, human resources management, production and planning (Sastrodiharjo & Khasanah, 2023, Kunduru, 2023). The packages have a capacity to make possible a smooth flow of data between all supply chain processes both externally and internally in an organisation. ERP systems’ purpose is to allow room for the integration of a company’s business processes both horizontally and vertically covering the entire organisation through synchronised software applications (Buana et al., 2022).

If a company make use of ERP system, it can computerise all its important business aspects, decrease the complication and the cost of the association, force the organisation itself to participate in the business process reengineering to optimise its operations and finally result in a successful business (Noor et al., 2019). ERP systems help in reducing cycle time and therefore they may be used as a tool to help boost the level of performance of a supply chain network. ERP systems have been used in capital demanding industries such as building, aerospace, development and defence.(Braim, 2023)

History of ERP systems

Katuu (2020) ERP systems are a natural development of Manufacturing Resource Planning (MRP). The first MRPs (1960s) were known as Materials Requirements Planning (Mugahed et al., 2017). In addition, Sastrodiharjo & Khasanah (2023) further explained that both MRP and early enterprise resource planning systems focused on planning tasks in manufacturing organisations only. ERP system software developed  were mainly used for planning and scheduling software for the in-house environment including suppliers and consumers, fundamentally as unlimited enterprise software systems (Pvt, 2022). ERP software were then prolonged to include organisations in the service sector and government (Kunduru, 2023). Early computers were developed in the 1960s, and also the first MRPs recognized as MRP 1. Growth of hardware occurred in the 1970s, and the first personal computers (PCs) emerged, of which only a few included accounting functions and an early focus on the processes of a business.  Commencement of software organisations including SAP and JD Edwards emerged, as well as Oracle with their initial industrial structured query language (SQL). Then there was the arrival of MRP II in 1980s, which included closed loop business processes. The chief hardware trader by then was IBM (Aroba & Abayomi, 2023).

There was a fast growth in 1990s realised by hardware and ERP systems mainly focusing on the integration of business transactions encompassing all functional units. There was a rapid increase in the number and variety of software and hardware on the market. (Student, 2023) found the major software organisations that survived include Oracle and SAP. The challenges experienced by organisations were resistance to change caused most failures in the implementation processes of these systems. In addition, the other challenge were management of databases and projects resulted in the failure of running these systems. The organisations implementing ERP experienced budget overruns and financial constraints.

There will be an improvement in the prospect ERP systems in terms of cycle time or user friendliness for new users, and probably fast updates for active users, and huge returns for the rest of the company (Katuu, 2020)

According to Buana et al., (2022) ERP system software were used for only easy accounting and human resource management. With time, the arrival of Web technologies allowed organisations such as Baan, Oracle and SAP to initiate the development of sets of application software for ERP systems. These new technologies have had a major effect on ERP systems. Alaba & Katherine (2023) found the benefits as of ERP enjoyed by organisations who implemented ERP as a cost reduction through use of web services and also integration became simple. The desire of users for accessing information without going through ERP systems was achieved through use of web services and their composition (Kunduru, 2023). This means that users are now able to place orders, check their bank accounts, and perform any other application services effortlessly. Furthermore, the web services also offers a platform for users to communicate with the ERP software through websites that they will not have to deal directly with complexities of the system. ERP software developers are introducing broker hub setups, which intermediates web services and the ERP system software. This is witnessed in SAP via mySAP and Oracle offers this hub through e-business suite (Buana et al., 2022). This means that great improvements are ever occurring in the ERP industry.

ERP systems are mainly being installed in a dispersed and often broadly spread way. The server are mostly centralised and the user workstations are usually spread to several sites throughout the organisation. There are usually three functional units that are responsible for and coordinate the servers and workstations (Goldston, 2020). The database is the centralised component responsible for the central storage of all the data obtained from users and the data that clients may need for carrying out their tasks. This data stored in the database need to satisfy the needs for the users. There will be also an application program that interfaces the users and the data repository. The physical location of these processes and the way they are dispersed vary greatly from one system setup to another. The main architectures that are commonly used are two tier and three tier client/server implementations.

Internal Controls

Katuu (2020) noted that Internal Controls (ICs) as the acceptable business methods or procedures that are used to protect company assets, guarantee compliance with all financial and operational requirements, make sure that financial records are reliable and accurate, and in general help in achieving the company’ objectives. Alsurayyi & Alsughayer (2021) emphasised that IC methods crucial in an organisation, they can be applied to enforce financial and accounting information integrity, to realise operational and profitability objectives and convey company policies throughout the entire organisation. However, Goldston (2020) argued that ICs can be mostly classified as detective or preventative. Preventative controls are those controls that intend to keep away from errors or occurrence of abnormalities. Examples of preventative controls are

• Separation of duties as applied in cash handling processes which can be done through authorisation of different individuals to duties such as cash collection, document maintenance and the reconciliation of statements.
• Allowing the reading and understanding of the organisation’s policies and procedures, will help and avoid breach of some organisational acts
• Managers have to review periodical statements to check their validity and correctness before approving the purchases. This will help avoid misuse of funds.
• An error or abnormality is identified by a detective control after it has occurred. Detective controls are carried out on a regular basis to identify possible issues that may cause risks to the organisation on a regular basis (Aroba & Abayomi, 2023).

Importance of internal controls

Katuu (2020), Buana et al., (2022) and Kunduru (2023) uphold that internal controls help in aligning business objectives to guarantee detailed reporting process and to ensure that the tasks conducted by the employees are in line with the company’s objectives. In addition, Alaba & Katherine (2023) proved that ERP assist organisation to safeguard assets by ensuring that they are sheltered from mismanagement, hoax, robbery and inaccuracy, support first-class management, encourage observance to ruling, set laws, declaration and events

Moulogianni et al., (2023) recommend the implementation of ICs make it possible to take necessary actions in case unwanted acts occurred. This means they authorise prescribed ways to deal with fraudulence or hoaxes in case they took place. ICs also reduce susceptibility to risks, and guarantee correct financial reporting that is they ensure maintenance of precise and proper management or legislation reports. They also reduce in error correction time and allow efficient distribution of resources.

Internal Control Responsibility

All employees are answerable to ICs of an organisation or the section in question. The degree of involvement of an employee is decided by his position. (Alsurayyi & Alsughayer, 2021). Internal controls are developed by the people for guiding the people and providing these persons with ways of responsibility and people have to bring it out (Moulogianni et al., 2023). However since ICs are the arrangements, policies and regulations used to make sure that companies achieve their objectives and meet their responsibility therefore this means that the largest amount of accountability rests within the management team of the section or the organisation at large (Aroba & Abayomi, 2023).

Internal Control Limitations

Even though a sufficient and efficient system of internal controls may reduce risks to a tolerable level, ICSs are put in place to supervise rather than to get rid of risks of failure or make best use of the chances for a business to accomplish its business objectives by providing acceptable guarantee ((Demir & Okoth, 2023), (Alaba & Katherine, 2023)). Causes for collapses in ICSs include but are not limited to

• A culture which do not emphasize values of internal control systems
• Employee using short cuts rather than following proper ways
• Team member’s carelessness, lack of knowledge and poor judgement.
• Failure of recognising or taking appropriate action in case of unusual transactions
• An IC system that does not reveal altered operating conditions, particular group activities of possible new risks
• The collusion by employees for their gain or any possible reasons (FMF, 2013)

The actions that might need to be taken in order to minimise these internal control breakdowns include management encouraging reporting of internal control weaknesses, showcasing a culture of responsiveness to recognized flaws in controls, training staff members as part of induction and developing a manual for financial management practices which reflect current practice of the agency (FMF, 2013)

Mawanda (2008) from Uganda carried out a research on the effects of IC systems on the financial performance of a higher education institution. The study revealed that the administration of the organization is dedicated to the control systems and it energetically participates in the management and supervision of the operations of the University. The top level management initiates all the activities of the institution, and their audit department is not efficient.

The study concluded that the IC systems are working but with some drawbacks and that, there is an important association between ICSs and the financial performance in this institution of upper learning.

Moulogianni et al., (2023) conducted a research on the crucial success factors for the ERP implementation projects. It was evidently noted that most problems that arise in the implementation of the projects were mainly organisational rather than technological and that a critical success factor is very helpful in avoiding long term problems since most of them are strategic.

The study conducted by Kunduru (2023), Demir & Okoth (2023), Aljawarneh & Alomari, (2018) extols that auditors’ adoption of IT based tools for preventing electronic fraud is increasingly positively affecting their objectivity and independence. In his study continuous online auditing was alleged to be very efficient in avoiding fraud rather than in detecting it in the financial sectors of organisations. The study also contributed to the debate on the significance of the adoption of ICT in financial disciplines by identifying benefits perceived, external pressures and company readiness as the underlying factors.

The implementation and upgrade of ERP is influenced by existing contextual factor to include national and organisational though not necessarily bound by them (Aroba & Abayomi, 2023) study also proposes an IT strategy framework which can be used by organisation planning to implement ERP to align their business and the IT strategy.

Moulogianni et al., (2023) conducted a research on the effect of emerging technologies on organisational internal control systems. The technologies mostly implemented included ERPs, internet technology, e-commerce and wireless networks. His research revealed that more than half of the companies review their system of internal controls annually using frameworks of their choice. The study concluded that these technologies in use benefited greatly the institutions, businesses and individuals but there is need to properly control the technologies since they also introduce risks.

A study by Aroba & Abayomi (2023) revealed that ERP systems have an audit service that allows event recording in an audit trail, reviewing of access patterns and histories of objects and individuals, misuses and unauthorised activity detection, discovering user privilege extension attempts and attempts to bypass protection mechanisms. The study also recommended proper training about ERP systems for auditors to obtain a thorough understanding of the systems.

According to a study carried out by Noor et al., (2019) internal control systems have a significant effect in achieving value for money. The research additional revealed that there is a constructive relationship between the control activities, assessment of risks, control environment, information and management and value for money in Local governance. The implication was that the sounder in ICS is, the more people will stick on to it.

A study carried out by Noor et al., (2019), Braim (2023) applauds  that if internal controls are weak over financial reporting, they would negatively affect support from the public significantly. The study also presents some factors which influence donations and revealed that donors react directly or indirectly on information regarding internal controls.

The management is responsible for setting up ICSs and the role of an auditor is to assess the usefulness on the system (COSO).

This implies that the auditor plays a vital role in monitoring the system and needs to be readily available however this might make the influence of the internal control system to rest under one person, who can easily override the controls (Braim, 2023).

In his research Moulogianni et al., (2023) urged that future study might want to explore whether the implementation of ERM enhances an organisation’s internal controls because sound controls systems rests on the analysis and management of enterprise wide risks. The empirical evidence from his research shows that both internal control and ERP are related to firm’s performance but the relationship between internal control and ERP remains unclear and should be further investigated and hence the purpose of this study.

Effective control systems minimise asset loss risk, ensure completeness of plan information and its accuracy and enforce the reliability of financial statements (Buana et al., 2022). A company is reasonable assured for achieving financial reporting objectives given effective internal controls, but without them there is no such or just a little assurance. These controls are based on a risk oriented and systematic approach to make sure the availability of adequate controls in high risk areas and minimum controls in low risk areas are achieved (AICPA, 2007).

Controls were usually applied on information received by a department and were based on that department only. With the implementation of ERP systems, departments are now responsible for those controls run on behalf of other units of the company enabling trusting data captured as final. Controls are also applied at different points in processing and are put in place throughout the company (Katuu, 2020)

Many organisations have not yet fully maximised use of computerised controls inbuilt in ERP software such as Oracle and SAP. The systems need to be configured to maximise effectiveness and compliance prior to implementation, and the installation teams often does not configure properly the controls available with these systems(Widyaningdyah & Ezra, 2020)

Additionally, (Alaba & Katherine, 2023; Demir & Okoth, 2023) prove that no organisation can operate effectively without internal control system, adequate controls result from all-inclusive design process effective internal control system is a pre-requisite for achieving overall organisational objective and internal audit requires certain qualities to be effective

Furthermore the study conducted by (Kunduru, 2023; Rahardja et al., 2023) shows that ERP systems bring innovative control logics which are based on a number of linked hypothesis which have an impact on the internal audit function (IAF). His study also revealed that ERP systems’ control judgment is associated with the corporate governance objectives and goals and. There is need for an additional alignment to make the most excellent use of ERP systems in enhancing ICs. The study goes on declaring that the implementation of an ERP system produced uncertainty about activities involved by IAF, which encourages it to learn by altering its practices and structures.

Controls need to be rightly set during the implementation phase of an ERP system in-order to cut costs. Implementation teams often focus more on functionality rather than controls, spending much time on testing processes rather than issues of security (Goldston, 2020).

METHODOLOGY

Research Design:

This research article employs a qualitative research design to investigate the impact of Enterprise Resource Planning (ERP) systems on internal control systems in Zimbabwean organizations. The qualitative approach allows for an in-depth exploration of participants’ perspectives and experiences, providing rich and contextual insights (Creswell, 2009) The research design involves conducting semi-structured interviews with participants from four selected companies: Telone, Agribank, GMB, and ZESA.

Participant Selection:

The selection of companies for this study is based on purposive sampling to ensure representation across different industries in Zimbabwe. Telone, Agribank, GMB, and ZESA have been chosen to provide a diverse range of organizations that have implemented ERP systems. From each company, 2 participants were selected which gives us a total of 8 people, based on their roles and responsibilities related to ERP implementation and internal control systems. The participants include IT auditors, finance managers, internal control specialists, and other relevant stakeholders. The total number of participants for this study will be eight.

Data Collection:

Semi-structured interviews were a primary method of data collection.  Were carried out in person at the employees’ workplace on the agreed time after the permission from the company administration and employees respectively. Carrying interviews at the company premises helps employees to share their experiences, perceptions, challenges, and observations regarding the impact of ERP on internal control systems in their respective organizations (Creswell, 2009). Probing questions were employed to explore specific themes and gather detailed insights into the subject matter.

Data Analysis:

The data collected from the interviews will be transcribed verbatim and analysed using thematic analysis. Creswell (2009) and Downs (1990) emphasized that qualitative data analysis process will involve several steps. Initially, the transcripts will be read and re-read to gain familiarity with the data. Then, open coding will be conducted to identify and label meaningful units of information (Lochmiller, 2021). Codes will be grouped into preliminary themes, and through a process of constant comparison and data immersion, overarching themes and patterns will be identified. This analysis will provide a comprehensive understanding of the impact of ERP on internal control systems in the selected Zimbabwean organizations.

Validity and Reliability:

To ensure the validity and reliability of the study, several measures will be taken. The researcher will establish rapport and trust with the participants to encourage open and honest responses (Dawadi, 2020). Triangulation will be employed by collecting data from multiple sources (different companies and participants) to enhance the credibility of the findings. Member checking will be conducted by sharing the preliminary findings with participants to validate the accuracy and interpretation of their responses.

Ethical Considerations:

The research will adhere to ethical guidelines throughout the process. Informed consent will be obtained from all participants, ensuring their voluntary participation and confidentiality(ENAGO, 2012). Participants’ identities and company information will be anonymized and treated with strict confidentiality. The research will comply with ethical standards regarding data storage, analysis, and dissemination.

Limitations:

This study has a few limitations to consider. Firstly, the findings may not be generalizable to all Zimbabwean organizations, as the sample size is limited to four companies. However, the aim of qualitative research is to provide in-depth insights rather than generalizability. Secondly, the study relies on self-reported data, which may be subject to participants’ biases or limited recall. Despite these limitations, the study aims to provide valuable insights into the impact of ERP on internal control systems in the selected Zimbabwean organizations.

By utilizing a qualitative methodology involving semi-structured interviews with twelve participants from Telone, Agribank, GMB, and ZESA, this research article aims to gain a comprehensive understanding of the impact of ERP on internal control systems in Zimbabwean organizations. Thematic analysis will be employed to identify key themes and patterns from the interview data. The study’s findings will contribute to the existing literature and provide practical insights for organizations in Zimbabwe regarding the challenges, opportunities, and best practices associated with integrating ERP systems with internal control systems.

RESULTS

The implementation of ERP systems has a significant impact on the design and structure of internal control systems in Zimbabwean organizations. The findings reveal several key aspects:

Standardization and Automation: Of the 8 employees all agreed that ERP implementation promotes standardization of business processes across different functional areas. The IT Audit staff agreed that parastatals in Zimbabwe lack internal proper ERP system. This standardization facilitates the establishment of consistent internal control measures, reducing variations in controls across departments. Moreover, ERP systems enable automation of control activities, streamlining processes and reducing manual errors.

Integration of Controls: The results shows that ERP is widely used in bank as reported by the employees from the bank. They highlighted that ERP systems, assist organizations to integrate internal control activities, embedding controls within the automated processes. For instance, access controls, segregation of duties, and authorization processes can be built directly into the ERP system, strengthening the control environment and reducing the risk of fraud or errors.

Enhanced Monitoring and Reporting: The managers in all organisation agreed that ERP systems provide real-time data and reporting capabilities, enabling organizations to monitor internal controls more effectively. Organizations can track control activities, identify control gaps, and generate timely reports on control effectiveness and compliance. This enhances visibility and facilitates proactive control management.

The findings identify several challenges and opportunities associated with ERP implementation in relation to internal controls in Zimbabwean organizations:

Challenges:

Resistance to Change: The interviewed employees from all the organisations insists that ERP implementation often faces resistance from employees due to changes in work processes and job roles. This resistance can hinder the adoption of new control measures and the redesign of internal control systems.

Staff Training: The managers and auditors warns that ERP systems require employees to acquire new skills and knowledge. Inadequate training programs can pose challenges in understanding and implementing control measures effectively within the ERP environment.

System Vulnerabilities: The auditors asserts that ERP systems may introduce new risks and vulnerabilities, such as unauthorized system access or data breaches. Ensuring robust security measures and controls is crucial to mitigate these risks.

Opportunities:

Process Optimization: The managers and auditors claims that ERP implementation provides an opportunity to optimize and redesign existing processes, integrating internal control measures into the system. This can lead to increased efficiency, reduced redundancies, and improved compliance.

Data Integrity and Accuracy: The banks and ZESA employees uphold that ERP systems facilitate data integration and standardization, enhancing data accuracy and integrity. Accurate and reliable data supports effective internal controls and decision-making.

Streamlined Auditing: All the auditors upholds that ERP systems enable all auditors to access centralized data, streamlining the auditing process and improving the effectiveness of control evaluations. This enhances transparency, accountability, and audit efficiency. The findings suggest several strategies and best practices for effectively integrating ERP systems with internal controls in Zimbabwean organizations:

Comprehensive Risk Assessment: Organizations should conduct a thorough risk assessment to identify control gaps and potential risks associated with ERP systems. This assessment should consider both system-related risks and process-related risks.

Change Management and Training: Effective change management strategies should be implemented to address resistance to change and ensure employee buy-in. Comprehensive training programs should be provided to equip employees with the necessary skills and knowledge to effectively implement and manage controls within the ERP system.

Segregation of Duties and Authorization Controls: Organizations should establish clear segregation of duties and authorization controls within the ERP system to prevent unauthorized access and reduce the risk of fraud. This involves defining user roles, assigning appropriate system privileges, and implementing dual approval processes.

Continuous Monitoring and Evaluation: The employees from the finance, auditors and managers approved that ongoing monitoring and evaluation of the internal control system after ERP implementation is crucial. Regular assessments should be conducted to ensure the effectiveness and efficiency of controls and address any emerging risks or system vulnerabilities.

The results of this study highlight the impact of ERP systems on the design and structure of internal control systems in Zimbabwean organizations. It identifies challenges and opportunities associated with ERP implementation, emphasizing the importance of change management, training, and comprehensive risk assessments. The study also provides strategies and best practices for effectively integrating ERP systems with internal controls to ensure ongoing effectiveness and efficiency in the control environment. These findings can guide organizations in Zimbabwe in optimizing their internal control systems within the context of ERP implementation.

DISCUSSIONS

The research findings provide valuable insights into the impact of Enterprise Resource Planning (ERP) systems on internal control systems in Zimbabwean organizations. The discussion focuses on addressing the research questions and examining the implications, challenges, opportunities, and best practices associated with ERP implementation in relation to internal controls.

Impact on Design and Structure of Internal Control Systems:

The implementation of ERP systems has a significant impact on the design and structure of internal control systems in Zimbabwean organizations. ERP promotes standardization and automation, leading to a more uniform approach to internal controls across different departments and processes. The integration of controls within the ERP system itself allows for seamless control activities, reducing manual errors and ensuring consistency in control execution. The real-time data and reporting capabilities of ERP systems enhance the monitoring and reporting of internal controls, facilitating proactive control management and timely decision-making.

Challenges and Opportunities Associated with ERP Implementation:

ERP implementation presents both challenges and opportunities for internal controls in Zimbabwean organizations. The identified challenges include resistance to change, staff training requirements, and system vulnerabilities. Resistance to change can hinder the adoption of new control measures and necessitates effective change management strategies. Comprehensive training programs are crucial to equip employees with the necessary skills and knowledge to implement and manage controls within the ERP environment. Additionally, organizations must address system vulnerabilities and ensure robust security measures to mitigate risks associated with unauthorized access and data breaches.

On the other hand, ERP implementation brings forth opportunities for internal controls. Process optimization becomes feasible as organizations can redesign and streamline processes, integrating control measures within the ERP system. This optimization leads to increased efficiency, reduced redundancies, and improved compliance. ERP systems also enhance data integrity and accuracy through data integration and standardization, supporting effective internal controls and decision-making. Streamlined auditing is another opportunity, as ERP systems enable auditors to access centralized data, simplifying the auditing process and enhancing control evaluations.

Strategies and Best Practices for Effective Integration:

To ensure the ongoing effectiveness and efficiency of the control environment, several strategies and best practices should be considered when integrating ERP systems with internal controls in Zimbabwean organizations. A comprehensive risk assessment is essential to identify control gaps and potential risks associated with ERP implementation. This assessment should consider system-related risks, such as system vulnerabilities, as well as process-related risks.

Change management strategies are crucial to address resistance to change and gain employee buy-in during ERP implementation. Effective communication, training programs, and stakeholder involvement are key components of successful change management. Segregation of duties and authorization controls should be clearly defined within the ERP system to prevent unauthorized access and reduce the risk of fraud. This involves defining user roles, assigning appropriate system privileges, and implementing dual approval processes.

Continuous monitoring and evaluation of the internal control system are critical after ERP implementation. Regular assessments should be conducted to ensure the effectiveness and efficiency of controls and address any emerging risks or system vulnerabilities. This ongoing monitoring allows organizations to adapt controls to evolving circumstances and maintain the integrity of the control environment.

The discussion highlights the impact of ERP systems on the design and structure of internal control systems in Zimbabwean organizations. It emphasizes the challenges of ERP implementation, such as resistance to change and system vulnerabilities, while also highlighting the opportunities for process optimization, enhanced data integrity, and streamlined auditing. The discussion further outlines strategies and best practices for effectively integrating ERP systems with internal controls, including comprehensive risk assessment, change management, segregation of duties, and continuous monitoring and evaluation. By implementing these strategies and practices, Zimbabwean organizations can maximize the benefits of ERP systems while ensuring the ongoing effectiveness and efficiency of their internal control systems.

RECOMMENDATIONS

Based on the findings and discussions of the research article on the impact of Enterprise Resource Planning (ERP) on internal control systems in Zimbabwean organizations, the following recommendations are suggested:

Develop Comprehensive Change Management Strategies: Recognize the importance of change management during ERP implementation. Organizations should develop comprehensive change management strategies that include effective communication, training programs, and stakeholder involvement. Addressing resistance to change and gaining employee buy-in are crucial for successful ERP adoption and integration with internal control systems.

Invest in Employee Training and Skill Development: Provide extensive training programs to employees involved in ERP implementation and internal control management. Focus on building their understanding of ERP functionalities and control measures within the system. Continuous skill development initiatives can ensure that employees have the necessary knowledge and competencies to effectively manage controls in the ERP environment.

Conduct Regular Risk Assessments: Continuously assess and evaluate the risks associated with ERP implementation and its impact on internal control systems. Identify control gaps, potential vulnerabilities, and emerging risks within the ERP system. This regular risk assessment process enables organizations to proactively address control deficiencies and ensure ongoing effectiveness and efficiency in the control environment.

Strengthen Segregation of Duties and Authorization Controls: Place significant emphasis on establishing clear segregation of duties and authorization controls within the ERP system. Ensure that user roles and system privileges are appropriately defined and enforced to prevent unauthorized access and reduce the risk of fraudulent activities. Implement dual approval processes for critical transactions and maintain a strong control environment within the ERP system.

Emphasize Data Security and Privacy Measures: Recognize the importance of data security and privacy within the ERP system. Implement robust security measures to protect sensitive information and ensure compliance with data protection regulations. Regularly review and update security protocols to address evolving threats and vulnerabilities, thereby maintaining the integrity and confidentiality of data within the ERP system.

FUTURE RESEARCH

In future the researchers recommends further study on exploring how emerging technologies like Artificial Intelligence (AI), block chain and Internet of things(IOT) could influence the integration of Enteprise Resource Planning(ERP) systems and their impact on internal control systems in Zimbabwean organisations.

REFERENCES

1. Alaba, F., & Katherine, E. (2023). Critical Success Factors & Enterprise Resource Planning Implementation and Organizational Performance. 15(1), 19–41. https://doi.org/10.56557/JGEMBR/2023/v15i18137
2. Aljawarneh, N. M., & Alomari, Z. S. (2018). The Role of Enterprise Resource Planning Systems ERP in Improving Customer Relationship Management CRM : An Empirical Study of Safeway Company of Jordan The Role of Enterprise Resource Planning Systems ERP in Improving Customer Relationship Management CRM. June. https://doi.org/10.5539/ijbm.v13n8p86
3. Alsurayyi, A. I., & Alsughayer, S. A. (2021). The Relationship between Corporate Governance and Firm Performance: The Effect of Internal Audit and Enterprise Resource Planning ( ERP ). 56–76. https://doi.org/10.4236/ojacct.2021.102006
4. Aroba, O. J., & Abayomi, A. (2023). An implementation of SAP enterprise resource planning – A case study of the South African revenue services and taxation sectors An implementation of SAP enterprise resource planning – A case study of the South African revenue services and taxation sectors. Cogent Social Sciences, 9(1). https://doi.org/10.1080/23311886.2023.2228060
5. Braim, S. J. (2023). The ( COSO ) Framework : Implications of Internal Control Components on the Performance Manufacturing Companies. 6566(8), 1203–1227. https://doi.org/10.25212/lfu.qzj.8.1.
6. Buana, U. M., Kusumah, L. H., & Buana, U. M. (2022). Enterprise Resource Planning for Outsource Logistics Companies : A Systematic Literature Review. 1943–1950.
7. Committee, B., Supervision, B., & September, B. (1998). FRAMEWORK FOR INTERNAL CONTROL SYSTEMS Basle Committee on Banking Supervision. September.
8. Creswell, J. W. (2009). John W. Creswell’s Research Design 3rd Ed. In Research Design 3rd Ed. https://www.worldcat.org/title/research-design-qualitative-quantitative-and-mixed-methods-approaches/oclc/269313109
9. Dawadi, S. (2020). Thematic Analysis Approach: A Step by Step Guide for ELT Research Practitioners. Journal of NELTA, 25(1–2), 62–71. https://doi.org/10.3126/nelta.v25i1-2.49731
10. Demir, E., & Okoth, B. (2023). Examining the critical success factors related to enterprise resource planning : a case study in Ordu province. January. https://doi.org/10.55976/dma.12023115710-22
11. Downs, F. S. (1990). Handbook of Research Methodology. Dimensions Of Critical Care Nursing, 9(1), 60. https://doi.org/10.1097/00003465-199001000-00018
12. ENAGO. (2012). Reseach & Publication Ethics: A Complete Guide To Conducting & Publishing Research. Maturitas, 71(3), 35. https://www.enago.co.kr/academy/wp-content/uploads/2018/05/Research_Ethics.pub_V2.pdf
13. Goldston, J. (2020). International Journal of Research Publications. April.
14. Haislip, J. Z., Peters, G. F., & Richardson, V. J. (2016). International Journal of Accounting Information Systems The effect of auditor IT expertise on internal controls ☆ , ☆☆. International Journal of Accounting Information Systems, 20, 1–15. https://doi.org/10.1016/j.accinf.2016.01.001
15. Katuu, S. (2020). New Review of Information Networking Enterprise Resource Planning : Past , Present , and Future Enterprise Resource Planning : Past , Present , and Future. New Review of Information Networking, 25(1), 37–46. https://doi.org/10.1080/13614576.2020.1742770
16. Kunduru, A. R. (2023). Effective Usage of Artificial Intelligence in Enterprise Resource Planning Applications. April. https://doi.org/10.14445/22312803/IJCTT-V71I4P109
17. Lochmiller, C. R. (2021). Conducting thematic analysis with qualitative data. Qualitative Report, 26(6), 2029–2044. https://doi.org/10.46743/2160-3715/2021.5008
18. Mercy, A. D. (2023). ISSN 2411-7323 © SAGE GLOBAL PUBLISHERS. 7(1), 439–448.
19. Moulogianni, C., Bournaris, T., Dimitriadou, E., & Nastis, S. A. (2023). Greek Agricultural Processing Industries : Relationships between Critical Success Factors and Enterprise Resource Planning implementation.
20. Mugahed, A., Abdullah, A., & Ambedkar, B. (2017). Evolution of Enterprise Resource Planning *. I(11), 1–6.
21. Noor, W., Wan, A., Asat, S. H., & Ahmad, J. H. (2019). INTERNAL CONTROL AND FRAUD IN CONSTRUCTION INDUSTRY. 3(1), 56–64.
22. Pvt, U. (2022). Internal Auditing and Enterprise Resource Planning ( ERP ) Systems Prepared by : Reyad Abdullah A . Al-Weshah Head of Internal Audit Department Greater Salt Municipality February / 2022. 15(12), 8818–8830.
23. Rahardja, U., Ibrahim, S., Building, C., & Iman, J. (2023). Implementation of Enterprise Resource Planning ( ERP ) in Indonesia to Increase the Significant Impact of Management Control Systems. 7(2), 152–159.
24. Sastrodiharjo, I., & Khasanah, U. (2023). Cogent Business & Management Is it the end of enterprise resource planning ? evidence from Indonesia state-owned enterprises ( SOEs ) Is it the end of enterprise resource planning ? evidence from Indonesia state-owned enterprises ( SOEs ). Cogent Business & Management, 10(2). https://doi.org/10.1080/23311975.2023.2212499
25. Student, P. D. (2023). History , Features , Challenges , and Critical Success Factors of Enterprise Resource Planning ( ERP ) in The Era of Industry 4 . 0. https://doi.org/10.19044/esj.2022.v19n6p31
26. Widyaningdyah, A. U., & Ezra, L. (2020). J r a k. 10(2), 234–246. https://doi.org/10.22219/jrak.v10i2.11507