Configuring the Enterprise Systems Portfolio: The Role of Information Risk
Information risk, the likelihood that corporate financial information is of poor quality, adversely impacts investor confidence regarding a firm’s financial health, making it an economically important problem. Viewing a firm’s enterprise systems (ES) portfolio as made up of operational modules (customer relationship management and supply chain management) and functional modules (accounting and finance, and human resource management), we examine how firms configure their ES portfolio by changing the balance in the implementation of two types of modules in response to information risk. We find internal controls to be an important contingency in determining how firms change their ES portfolio balance when information risk increases. When there is no weakness in internal controls, firms change their ES portfolio balance more toward operational modules. However, when internal controls are afflicted with material weakness, firms change their ES portfolio balance more toward functional modules instead. When evaluating the link between ES portfolio configuration and information processing requirements in the context of financial processes, managers should assess both information risk and internal controls to decide how to change the balance between operational and functional modules that are implemented.