The impact of information technology risks on the quality of accounting information in enterprises in Vietnam

unintentional changes to data (Probst et al., 2010). When considering external threats, hackers are often the ones that come to mind, but previous research has shown that the costs and impacts of internal threats can be even greater (Posey et al., 2011; Wall, 2012).

For the success of an ERP system, data quality is very important because it ensures the improvement of efficiency in the company (Emeka-Nwokeji, NA, 2012). Zhang et al (2002) also argued that the accuracy of data is related to the success or failure of ERP system operation. Redman (1992) and Xu (2003) agreed with the view that incomplete and inaccurate data can harm the competitiveness compared to competitors, poor data quality seriously affects the output of the ERP system.

Laudon and Laudon (2018) advise organizations to have a plan to deal with data incidents if they occur, strengthen the role of data quality auditing and data encryption to provide information systems with reliability, security, and safety. In addition, it is necessary to pay attention to threats to the organization's data from both inside and outside (Yang and Jiang, 2014; Zhuang, 2014).

Inheriting the viewpoints from previous studies by Redman (1992); Zhang et al. (2002); Yang and Jiang (2014); Zhuang (2014) and Laudon and Laudon (2018) and the implications of contingency theory (Galbraith, 1973; Wetherbe and Whitehead, 1977; Otley, 1980; Ginzberg, 1980; Chenhall and Morris, 1986; Mahmood and Swanberg, 2001; Daoud and Triki, 2013), the following hypothesis is put forward:

Maybe you are interested!

H3: Data risk has an impact on CLHTTTKT.

The relationship between IT application risks and IT governance

IT impacts the quality of information technology (measured by scope, reliability, comprehensiveness, flexibility, timeliness, and usefulness), which in turn impacts the quality of information technology (Wisna, 2013).

The future of AI will continue to be closely tied to technology platforms. Cloud computing technology provides processing power that is not available to all businesses to date (Strauss et al., 2015), and the spread of AI will increase as technology advances.

unprecedented developments in technology. Smaller businesses will be able to use AI as effectively as large businesses have been able to for decades, data can be collected not only from regular user inputs, but also from previously unconnected internet-enabled devices, the Internet of Things will provide businesses with data from the most unusual places, used for accounting purposes (Mazhelis et al., 2012). In addition, the emergence of more and more smart mobile devices allows decision makers to access and retrieve information from their AI anytime, anywhere. Therefore, the technological future of AI looks promising and bright (Quinn and Strauss, 2018).

Like other professions, accountants and finance professionals face emerging challenges brought by new technology, not least external and internal compliance reporting (Belfo and Trigo, 2013). Inadequate technology to support the accounting information system can burden the company with increased costs of maintenance and data recovery and issues of data reliability, security and privacy. Inadequate technology therefore has the potential to corrupt the results of the accounting information system, namely the reports and information that support decision making (Ghasemi et al., 2011), leading to inaccurate and unreliable decisions.

Quinn and Strauss (2018), point out some emerging challenges to the adoption of technology in AI related to big data analytics, cloud computing, and mobile technology in the current period. Smarter and more powerful infrastructure combined with unparalleled access to data are creating new business models that are associated with new complexities; complexities that AI cannot escape from.

Increased global competition and constant changes in information processing technology pose new challenges to both auditors and managers who are responsible for establishing, implementing, and monitoring internal control solutions within organizations.

Due to the rapid pace of change in IT, many organizations find it difficult to keep up with the skills required to operate new systems, while also understanding

The impact of this new information processing technology. IT brings opportunities but it also opens the door to new threats to the internal control of the information system (Korvin, 2004). The IT risks that can threaten the information system of the enterprise include: failure to monitor or adapt to changes in IT, instability of IT architecture, mismatch of IT with business needs, new IT is difficult to use and the complexity of IT is also noted in the study of SA Sherer and S. Alter (2004).

According to Abu-musa (2006), advances in technology have also created significant risks related to ensuring the security and integrity of computer-based information systems. In many cases, technology has developed more rapidly than advances in control practices and has not been accompanied by similar developments in staff knowledge, skills, awareness and compliance.

Inheriting the contingency theory implications (Galbraith, 1973; Wetherbe and Whitehead, 1977; Otley, 1980; Ginzberg, 1980; Chenhall and Morris, 1986; Mahmood and Swanberg, 2001; Daoud and Triki, 2013) and the NC perspectives of Korvin (2004), SA Sherer and S. Alter (2004) and Abu-Musa (2006), the following hypothesis is formulated:

H4: The risk of applying IT advances affects the quality of IT services.

The relationship between human resource risk and CLHTTTKT

According to Aziz et al. (2012), the most successful factor for information systems is considered to be related to the individual factor and it has been revealed that for any organization, people are always an important asset. The application of information technology and the operation of information systems are influenced by the skill level, education level, training level, expertise and attitude of each individual towards information technology and information systems in the organization (Mahmood and Swanberg, 2001). Mkonya et al. (2018) quoted from NC Tambovcevs (2010), unskilled employees are also considered to be the cause of failure in operating information systems.

The work experience of the manager is also an important success factor (Hyvari, 2006). The ineffectiveness of the accounting information system is due to the lack of skilled, competent and untrained staff (Shareia, 2006 cited in Mkonya et al., 2018). In addition, the competence of the accounting staff is also considered to be key to the success or failure of the accounting information system (Daoud and Triki, 2013). Furthermore, knowledge

Accounting managers' knowledge has long been recognized as influencing the accounting information system (Komala, 2012).

Xu et al (2003) argue that people are important and even more important than the system. Human factors have a much greater impact on IT quality and IT staff cannot create all the controls to put into the system but still need people to enforce the rules and controls.

Wongsim (2013) argues that lack of proper training and education can lead to serious problems for the organization due to its impact on the quality of information systems and the quality of information systems. Shien (2015) cites Romney and Steinbart (2012), stating that the success of an information system often depends on the organization’s ability to overcome constraints/obstacles. Iskandar (2015) concludes that management commitment and user competence influence the quality of information systems. Users are the ones who produce the results and are responsible for making the system work as expected. The main reason for training and education is to improve the expertise and knowledge level of people in the company (Zhang et al., 2002).

The following hypothesis is derived from the contingency theory implications (Galbraith, 1973; Wetherbe and Whitehead, 1977; Otley, 1980; Ginzberg, 1980; Chenhall and Morris, 1986; Mahmood and Swanberg, 2001; Daoud and Triki, 2013) and inherits the NC perspective of Xu et al. (2003), Zhang et al. (2002), Wongsim (2013), Iskandar (2015) and Shien (2015):

H5: Human resource risk has an impact on the quality of human resource management.

The relationship between management commitment risk and CLHTTTKT

If the operation of an information system is supported and committed by management at multiple levels, it is more likely to be positively perceived by both IT staff and users. Both groups will believe that their involvement in the development process will receive greater attention and priority. They will be recognized and rewarded for the time and effort they put into the work. Management support also ensures that the information system will have the resources and funding to succeed. In addition, changes in work habits and processes, or organizational arrangements, affect

implementation of a new system will be effective when there is management support. When managers view a new system as a priority, it increases the likelihood that subordinates will behave similarly (Laudon and Laudon, 2018).

In terms of function, senior managers are considered to be decision makers, policy makers, resource allocators, monitors and evaluators of the implementation of the IT system, and their support and commitment will have more influence on the design and implementation of the IT system and the success of the information (Young and Jordan, 2009). Mkonya et al. (2018) stated that senior management support is policy making, resource allocation and monitoring of the implementation of the IT system. Darma, J. et al. (2018) cited the research of Fortune and Peters (2005) who stated that senior management support refers to the willingness of managers to provide the necessary resources for the successful operation of the IT system. Mahmood and Swanberg (2001) found that management support creates a better chance of avoiding system inefficiency and failure. Zhang et al. (2002) added that the implementation of an information system can be severely handicapped if some important resources (human, financial, and equipment) are not available. In addition, lack of top management support, data accuracy, and user participation are the causes of system implementation failure. In the statement of Wilson et al. (1994) cited by Zhang et al. (2002) on ERP system implementation, it is also pointed out that lack of top management support, changes in personnel, lack of discipline, resistance, and lack of company-wide commitment are the major factors that slow down the system implementation process.

IT projects require the allocation of resources to design, train employees, and technology processes (Mkonya et al., 2018). Zhang et al. (2002) added that senior management support in ERP implementation has two main aspects: (1) providing leadership and (2) providing the necessary resources. For a smooth and successful ERP implementation, enterprises require a steering committee to attend team meetings and oversee implementation efforts, spend time with people, and provide clear direction for the project.

In every stage of the system development cycle, top management plays a crucial role, including planning and implementation (Meiryani, 2014). Mkonya et al (2018) cited Mahmood and Swanberg (2001) in their study, stating that support from managers will give a better chance of avoiding system inefficiencies and failures. Top management support is not only important for allocating the necessary resources but also sends a strong message to employees that the changes being made are necessary for the system to function (Shien, 2015 cited in Muntoro, 1994).

The above views indicate that commitment to support from managers in every stage of developing the IT system is essential. Their participation in planning, implementing, monitoring, and evaluating the IT system, as well as clear direction for system implementation will make subordinates see clear action goals, motivate and inspire them to perform tasks to achieve the unit's goals and successfully operate the IT system. Moreover, timely and appropriate support of necessary resources such as human resources, finance, time and means from managers also makes the IT system operate smoothly and without interruption. An effectively and successfully operated IT system will be a quality IT system, leading to an increase in the quality of the IT system. On the contrary, an organization that lacks commitment and support from management will risk causing failure, even disaster, in the operation of the IT system at that organization.

From the perspective of the research of Zhang et al. (2002), Meiryani (2014), Shien (2015) and Mkonya et al. (2018) and applying the implications of contingency theory (Galbraith, 1973; Wetherbe and Whitehead, 1977; Otley, 1980; Ginzberg, 1980; Chenhall and Morris, 1986; Mahmood and Swanberg, 2001; Daoud and Triki, 2013), the following hypothesis is formulated:

H6: Management commitment risk has an impact on the quality of financial statements.

The relationship between organizational culture risk and CLHTTKT

Corporate culture influences how an organization sets its strategy and objectives; structures its business; identifies, assesses and responds to risks; and is therefore the foundation for

all other components of enterprise risk management (ERM). There are three factors that influence the design of an accounting information system: IT development, business strategy, and organizational culture. Weak or non-existent internal environment often leads to failure in risk management and control (Romney and Steinbart, 2018). According to Omar et al (2016) in citation Kieso et al (2007), the application of accounting information systems depends heavily on the corporate culture for the accounting system to function well. Stair and Reynolds (2010) also argued that the effectiveness of developing new information systems is influenced by organizational culture.

Wongsim (2013) pointed out that lack of teamwork and communication between departments pose risks in the implementation of ERP systems. Zhang et al. (2002), in their study on the successful operation of ERP systems in the Chinese market, stated that cultural differences between Eastern and Western countries are factors that affect the success of the system. To elaborate, Zhang et al. cited the study of Krumbholz and Maiden (2001) which asserted that the conflict between the culture introduced in ERP and the existing organizational culture is the cause that affects the successful implementation of ERP systems.

Managers will always want to maintain the old culture in applying new information systems (cited in Susanto, 2013 by Omar et al., 2016). The results of research conducted on listed companies in Iran by Salehi and Abdipour (2011) showed that organizational culture becomes a barrier to establishing information systems.

Napitupulu (2015) cited McShane and Glinow (2010), confirming that organizational culture has a strong influence on the construction and operation of information systems in enterprises. Organizational culture is expressed through the characteristics: attention to detail, innovation, team orientation, results orientation, people orientation, stability and enthusiasm.

Romney and Steinbart (2018) emphasize that human resource standards should attract, motivate, develop, and retain talented people. Organizational culture should emphasize integrity and commitment to ethical values and competence. The more accountable management is, the more likely employees are to behave responsibly. If management is less concerned with internal control and risk management, employees will be less diligent in achieving control objectives.

Applying the implications from structuration theory (Giddens 1979, 1984; Walsham 1993, 2002 ; Bratteteig and Gregory, 1999 ; Wanyama, I., and Zheng, Q., 2010) and inheriting similar NC perspectives (Zhang et al., 2002; Wongsim, 2013; Napitupulu, 2015 and Romney and Steinbart, 2018), the author builds the hypothesis:

H7: Organizational culture risk has an impact on the quality of information technology.

The relationship between CLHTTKT and CLTTKT

Romney and Steinbart (2018) argue that an IS has the ability to capture, record, store, and process data to generate information for business decisions. Meiryani (2014), citing O'Brien (2003), states that an IS assists managers in performing managerial functions by providing the information they need. Hall (2011) states that the purpose of an IS is to (1) provide information about the resources used by the organization, (2) provide information relevant to managerial decision making, and (3) help employees perform their tasks effectively and efficiently.

A study by Sajady et al. (2008), evaluating the effectiveness of the accounting information system, shows that the performance of the accounting information system leads to improved quality of financial statements and faster transaction processing. Another conclusion by Sačer et al. (2006) describes the relationship between accounting information system and reporting based on the quality characteristics of accounting information (accuracy, reliability, timely access, updating, availability, meeting user expectations, etc.). Finally, according to Schipper and Vicent (2003), accounting information system is recognized as an important reporting system that provides stakeholders with quality accounting information to make useful decisions.

The evidence presented above leads to the final hypothesis:

H8: CLHTTTKT has an impact on CLTTKT.