Sunday, September 15, 2019
ACCOUNTING SYSTEM INSIGHTS
AIS ââ¬â Final Study Chapter Highlights Chapter 1 ââ¬â ACCOUNTING SYSTEM INSIGHTS 1. Enterprise system ââ¬â A system that supports business activities throughout the enterprise, including inputs, processing, and outputs 2. Integrated enterprise system ââ¬â Shares data across functional areas within the enterprise 3. Business processes ââ¬â Related activities performed by an enterprise to create value by transforming input into output 4.Value chain ââ¬â An organizing framework for business processes, beginning with vendors and ending with customers Baseline accounting system ââ¬â A model that provides an enterprise-wide view of the firm`s accounting system 1. Transaction cycles ââ¬â Accounting transactions related to specific business processes (1) Purchasing cycle ââ¬â Transactions related to purchasing items from vendors (2) Payroll cycles ââ¬â Transactions with employees (3) Sales cycle ââ¬â Exchange or transactions between an enterprise    and its customers 2.Vendors module ââ¬â A module related to purchasing goods and services 3. Customers module ââ¬â A module related to selling the customer a product or service 4. Employee module ââ¬â A module related to the payroll cycle 5. Banking module ââ¬â A module that involves cash received and cash paid 6. Financial module ââ¬â A module that includes adjusting and correcting entries (1) Adjusting entries ââ¬â Entries to bring accounts up to date at year end (2) Correcting entries ââ¬â Entries to correct errors (3) Closing entries ââ¬â Zeros out income and expense accounts at year end 7.Reports module ââ¬â A module that relates to output from the accounting system (1) Financial reports ââ¬â Reports that include a company`s income statement, balance sheet, and statement of cash flows (2) Tax reports ââ¬â Reports used when filling federal, state, and local returns (3) Management reports ââ¬â Reports prepared to assist managers in    making decisions (4) Sustainability reports ââ¬â Reports used to evaluate an enterprise`s sustainability performance What is the importance and value of information as an asset? Today, the value of information assets for some business exceeds the value of other assets, such as land and buildings What is the role of the accounting system within the larger enterprise system? * The accounting system spans the entire value chain of an enterprise, tracking transaction information from the purchase of items from vendors through the sale of products or services to customers. Business processes are associated with the related accounting transactions known as transaction cycles.  Also readà  Modules 9 & 10The purchasing cycle consists of employee and payroll transactions. The sales cycle involves exchanges or transactions between an enterprise and its customers. In addition to the accounting system, other modules or subsystem can include supply chain management (SCM), operations/production system (OPS), human resource management (HRM), and customer relationship management (CRM). What are the database essentials that todayââ¬â¢s accounting professional needs to know? 1) A field is a piece of data, such as customer first name (2) A record is a collection of related fields, such as a customer record (3) A table is a collection of related records, such as a CUSTOMER table (4) A database is a collection of related tables, such as an accounting database (5) A database form is a computer-based form for entering data into the database (6) A database query is used to extract data from a database, such as searching for a customerââ¬â¢s account balance. (7) A dat   abase report is a computer-based output to display What are the SDLC (Software Development Life Cycle) phases? The system development life cycle organizes the activities involved in developing a new system into the following six distinct phases: (1) Plan the system project including scheduling, budgeting, and staffing (2) Analyze the new system requirements, such as what reports are required and what data needs to be collected by the system (3) Design business processes and databases for the new system (4) Build/buy and test databases and computer programs for the new system (5) Install new IT hardware, software, and databases 6) Deploy the new system, using the system on an ongoing basis and maintaining and updating it as necessary. Why is it important to safeguard information assets? * To protect information assets, organizations implement security and controls to prevent fraud, unauthorized access, modification, destruction, or disclosure. Internal control is the set of policies    and procedures enterprises use to safeguard assets, including information assets, and to prevent and detect errors. What are the three functions of an accounting system in todayââ¬â¢s business environment? 1) Collecting, recording, and storing financial and accounting data (2) Providing financial analytics and business intelligence for improved decision making and business performance (3) Safeguarding information assets stored in accounting systems using security, controls, and risk management Chapter 2 ââ¬â ACCOUNTING DATABASES 1. Operational database ââ¬â Databases used to store data related to business operations and transactions 2. Data warehouse ââ¬â Stores data from a variety of sources and is used for business intelligence 3. Database administrator (DBA) ââ¬â Responsible for managing the enterpriseââ¬â¢s databases 4.Intersection table ââ¬â Placed at the junction of two tables to eliminate a many-to-many relationship 5. Composite primary key ââ¬â    Used when more than one field is required to uniquely identify a record 6. Normalization ââ¬â A process for removing database anomalies or problems 7. Database integrity ââ¬â Ensures that the database contains accurate, valid data Rule 1: Entity integrity Each record in the database must have a unique identifier. No two records in the database can have the same primary key value. Rule 2: Primary key integrity The primary key value cannot be null (empty).Rule 3: Domain integrity The field values must be from a pre-defined domain. Rule 4: Referential integrity Data referenced and stored in related tables must be consistent across the database. DBMS is a software used to (1) Create database tables (2) Transfer data from the accounting software to the database (3) Update data in the database (4) Delete data from the database (5) Sort database tables (6) Run queries What data is stored in accounting databases? * Organizations store data about assets, liabilities, operations, tran   sactions, employees, customers, vendors, and more in databases.Accounting databases needs to be well structured, redundancy-free, consistent, and current What are the three tiers in accounting system architecture? (1) Database tier: The back-end accounting database stores accounting data in database tables. A back-end database management system (DBMS) sorts, stores, inserts, updates, and deletes accounting data and runs queries (2) Application tier: Accounting software applications interact with the DBMS to access the back-end accounting database (3) User tier: The user tier consists of the interface appearing on the accountantââ¬â¢s computer screen.The user interface consists of database forms and reports. What are enterprise databases? * Enterprise databases used by an enterprise for business purposes can be considered as one of two types: internal databases or external databases (1) Internal databases are databases in which the data belongs to the organization. Internal databa   ses consist of two varieties: operational databases and data warehouses. Operational databases, such as an accounting database, store enterprise transactions. Data warehouses store data from a variety of sources. 2) External databases are databases containing data collected by other organizations. What problems can result from poorly designed databases? * Poorly designed databases may contain database problems or anomalies, such as problems with inserting, updating, and deleting data. This can result in inaccurate, unreliable accounting data. * Three types of database anomalies (problems) are DUI: Deletion, Update, Insertion What are the steps used to build an accounting database? (1) Identify and build database tables (2) Identify and enter fields in each database table (3) Select the primary key for each table 4) Identify and build relationships among database tables, removing any many-to-many relationships by creating intersection tables Chapter 3 ââ¬â ACCOUNTING INTERFACE 1.    Graphical User Interface (GUI) ââ¬â User interface containing images and icons 2. Data validation ââ¬â Tools used to minimize data entry errors, such as drop-down lists 3. Real-time reports ââ¬â Reports that provide up-to-the-minute data without a time lag 4. Live reports ââ¬â Reports that provide up-to-the-minute data continuously 5. Structured query language (SQL) ââ¬â Code used to search and retrieve data 6.Query Builder Tools ââ¬â Streamlines query development What is the role of the accounting system interface? * The accounting system user interface plays an important role in entering accounting data and retrieving accounting information. The accountant views the interface on the screen, and the RDBMS and database are behind the screen. The accounting software interface interacts with the RDBMS using database forms, queries, and reports. Features of a well-designed interface include user-friendly, effortless navigation, and customizable preferences. Wha   t is the role of database forms? Database forms are commonly used to input data into accounting system. The database forms are frequently designed to look like commonly used and familiar items, such as an invoice or a check. What is the role of database reports? * The output of the accounting system is typically displayed in a report format. The report displayed on the userââ¬â¢s computer screen is actually a database report that is formatted to meet accounting requirements. The database report uses information from the database to populate the report. What is the role of database queries? * One component of the user interface is retrieval or query.Sometimes the interface will call this a search and provide a form where the search question can be entered. In other instances, a query may be run to prepare a report, retrieving data from the database to enter into the database report that appears on the userââ¬â¢s computer screen. Well-designed database forms are designed to save    time and minimize data entry errors. A few general guidelines for database form design include the following: (1) Enter data once (2) Use data validation (3) Enable auto entry (4) Mirror paper forms (5) Design user-friendly forms (6) Implement appropriate security Chapter 4 ââ¬â ACCOUNTING SYSTEMS AND B.PROCESSES 1. Data flow diagrams (DFDs) ââ¬â a technique used to document business processes using agent, event, data store, and data flow symbols 2. Data flows ââ¬â shows how data enter, moves, and exits a system 3. Data stores ââ¬â a database table represented by an open rectangle 4. Events ââ¬â a process represented by a rounded rectangle 5. Agents ââ¬â a person or department represented by a square symbol 6. External agent ââ¬â an agent outside the enterprise 7. Internal agent ââ¬â employees within the organization 8. Event-agent-database (EAD) table ââ¬â each row in this table corresponds to an event in a DFD 9.DFD Fragment ââ¬â a DFD of a    single event 10. Black hole ââ¬â a DFD error that occurs when data goes into a process but no data exists 11. Gray hole ââ¬â a DFD error that occurs when the input data does not correspond to the output data 12. Miracle ââ¬â a DFD error that occurs when there is no input to a process The approach to reading a DFD is to use the following four steps (1) Identify the agents (internal and external) (2) Identify events (3) Identify database tables (4) Trace the data flows How are accounting systems developed today? * Today, most accounting systems are developed in two stages.First, baseline accounting software is selected. Then the accounting software is customized to meet the enterpriseââ¬â¢s specific needs. How is customization of accounting systems documented? * Customizing an accounting system involves documenting the specific needs of the enterprise using data flow diagrams to provide a detailed view of the enterpriseââ¬â¢s business processes. Each module of the b   aseline model can be customized to meet the enterpriseââ¬â¢s needs. Additional modules might also be needed to provide the required customization, such as a production module to track manufacturing costs.Chapter 5 ââ¬â BUSINESS PROCESSES 1. Gap Analysis refers to analyzing the gap between the baseline modules and the customization required to meet enterprise-specific needs. 2. Big Bang refers to when all system modules are built and implemented for the entire enterprise at the same time. 3. Stages refers to when modules or locations for a new system are built and implemented stage by stage instead of all at once. How are business processes documented? * The baseline accounting system can be customized using data flow diagrams (DFDs) to document the enterpriseââ¬â¢s business processes.What is gap analysis? * A gap analysis identifies the gap between the selected baseline system, such as SAP, and the customization required by the specific enterprise. What is the difference b   etween the big bang approach and stages approach to customization? * The two approaches to customization are big bang and stages. The big bang approach is used when all the modules are built and implemented for the entire enterprise at the same time. The stages approach involves completing modules or locations stage by stage instead of all at once. What is a workflow management system? Workflow management systems automate workflow by automatically forwarding the electronic document to the next step in the business process. Chapter 6 ââ¬â INTEGRATED ENTERPRISE SYSTEMS 1. Order-to-cash ââ¬â corresponds to the sales cycle 2. Procure-to-pay ââ¬â corresponds to the purchasing cycle 3. Spaghetti code ââ¬â programming code used to connect stand-alone systems 4. Three-tier architecture ââ¬â when an enterprise system uses layers of IT components: enterprise database, application, and client computers 5. Firewall ââ¬â software programs on a router that monitor network    traffic 6.Business process management (BPM) ââ¬â transforming business processes to improve efficiency Top Reasons for Failed ERPs include the following: (1) Unrealistic budget. Underestimated costs. Overestimated benefits. (2) Unrealistic schedule. Not enough time allowed for project completion. (3) Not a good fit. User requirements are not net. Baseline system not a good fit with business processes. (4) Too much change. Failure to educate employees on changes to expect. Lack of adequate change management. (5) Lack of project champion at the top. Commitment by top management is lacking to champion the project.What are advantages of an integrated enterprise system? * The integrated enterprise system offers many advantages over the functional silo approach to enterprise systems. The accounting functions are integrated into the larger enterprise system, permitting accounting to share data with other functional areas and better coordinate activities. What are challenges associated    with an integrated enterprise system? * Challenges of an integrated enterprise system include business processes that may need to be redesigned and managing the changes required by the new system. How is data entered in an integrated enterprise system? Database forms that relate to business process activities permit users to enter data once into the IES and have the data shared throughout the enterprise, eliminating the need for different functional areas to rekey the same data. How does an integrated enterprise system relate to the accounting system? * Integrated enterprise system use a modular approach that is consistent with the baseline accounting system model. The basic module names may vary but the functions are basically the same. Integrated enterprise systems integrate accounting with other modules for an enterprise.Customer and vendor systems can also be integrated. Chapter 10 ââ¬â FRAUD AND INTERNAL CONTROL 1. Entity-level IT controls ââ¬â processes, organization s   tructure, and leadership for IT to support an organizationââ¬â¢s business strategy and objectives, such as internal audits 2. IT general controls ââ¬â controls that apply to IT services in general and ensure continued IT operation and availability, such as change and access controls 3. Application controls ââ¬â controls embedded within business process applications, such as accounting software controls A.Classification by the control objectives specified in the COSO internal control framework: i. Operation controls ââ¬â controls to ensure that operations are completed appropriately, such as the timing of cash disbursements to ensure that late fees are avoided ii. Financial controls ââ¬â controls to ensure that external financial reports are prepared on a timely basis in compliance with laws, regulation, or contractual agreements iii. Compliance controls ââ¬â controls to maintain confidentiality of information in accordance with all applicable laws and regulati   ons B.Classification by how the process is completed: iv. Manual controls ââ¬â controls performed without the assistance of technology v. Automated controls ââ¬â controls performed automatically by computers 1. Input controls ââ¬â controls over data entered into the system 2. Processing controls ââ¬â controls to ensure that amounts have been processed appropriately 3. Output controls ââ¬â controls to ensure that reports are distributed only to appropriate users vi. Hybrid controls ââ¬â a combination of manual and automated controls What is SOX and how does it affect the accounting system? Sarbanes-Oxley (SOX) legislation resulted from the accounting scandals of 2002. This legislation requires organizations to use recognized framework for internal controls. As a result, many organizations adopted COSOââ¬â¢s Internal Control ââ¬â Integrated Framework and the COBIT framework for IT controls What is IT control architecture? * IT control architecture is a b   lueprint for IT controls in the organization. This blueprint shows that internal control impacts IT at three levels within the organization resulting in three levels of IT controls: * Entity-level IT controls Application controls * IT general controls How can control weaknesses be documented? (1) Build a DFD (2) Document preventive and selective controls on the DFD (3) Document control HotSpots on the DFD Fraud and abuse can be classified into three broad categories: (1) Corruption, such as bribery (2) Misappropriation of assets, including theft of cash, fraudulent disbursements, or stealing merchandise (3) Fraudulent financial reporting, such as misstating financial statements in order to meet earning targets. Three elements required to prove fraud are the followings: 1) A material false statement is made with the intent to deceive (2) A victim relies upon the false statement (3) The victim incurs damages The fraud triangle depicts the three conditions that typically must exist in    order for a fraud to be perpetrated (1) Motive ââ¬â reason for committing the fraud, such as financial difficulties (2) Opportunity ââ¬â access to the asset or financial statements in order to carry out the fraud (3) Means ââ¬â knowledge or skills that permit the perpetrator to commit the crime Internal Control is a process, effected by an entityââ¬â¢s board of directors, management, and other personnel.This process is designed to provide reasonable assurance regarding the achievement of objectives in effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations. SOX (Sarbanes-Oxley Act) emphasize a strong system of internal control as a means of avoiding Enron-sized accounting frauds. SOX Requirements to remember (1) Section 302. Corporate responsibility for financial reports (2) Section 404. Management assessment of internal controls (3) Section 806.Protection for employees of publicly traded comp   anies who provide evidence of fraud (4) Section 906. Corporate responsibility for financial reports Audit and Internal Controls (SOX) (1) Audit of internal control ââ¬â tests of controls to obtain evidence that internal control over financial reporting has operated effectively (2) Audit of financial statements ââ¬â tests of controls to assess risk and substantive procedures to collect evidence regarding the accuracy, completeness (3) IT audit ââ¬â audit of IT controls 4) Integrated audit ââ¬â integrates an audit of internal control with an audit of financial statements There are two types of deficiencies that may be found in internal control over financial reporting: (1) Material weakness ââ¬â deficiency that results in a reasonable possibility that a material misstatement of financial statements will not be prevented or detected on a timely basis (2) Significant deficiency ââ¬â a deficiency in internal control over financial reporting that is less severe tha   n a material weakness COSO (Committee of Sponsoring Organization of the Treadway Commission) Internal Control Objectives 1) Effectiveness and efficiency of operations (2) Reliability of financial reporting (3) Compliance with laws and regulation Internal Control Components (1) Control environment ââ¬â control environment factors include integrity and ethical values, importance of board directors, management philosophy and operating style, organization structure, commitment to financial reporting competencies, authority and responsibility, and human resources (2) Risk assessment ââ¬â involves identifying, analyzing, and managing risks that affect a companyââ¬â¢s ability to record, process, summarize, and report financial data properly.Risk assessment control objectives include the following: A. Importance of financial reporting objectives B. Identification and analysis of financial reporting risks C. Assessment of fraud risk (3) Control activities ââ¬â include policies    and procedures to mitigate risks including financial, operational, and compliance controls. Control activities include the following: D. Segregation of duties ââ¬â to divide authorization, recording, and asset custody among different individuals E. Independent reconciliations of assets and accounting records ââ¬â such as bank statement reconciliations and inventory reconciliations F.Physical controls ââ¬â to provide for physical security of assets, such as security cameras and restricted access to corporate buildings G. IT controls ââ¬â to ensure appropriate information processing, authorization, and data integrity. (E. g. Data validation) (4) Information and communication ââ¬â includes the accounting system for identifying, recording, processing, and reporting transactions and financial data. An organizationââ¬â¢s system produces reports, containing operational, financial, and compliance information.Internal control principles related to this component inclu   de information technology, information needs, information control, management communication, upstream communication, board communication, and communication with external parties (5) Monitoring ââ¬â involves assessing internal controls as well as the process for taking corrective action if needed. Effective monitoring includes: H. Ongoing monitoring ââ¬â such as controls over purchasing I. Separate evaluations ââ¬â such as an internal audit that assesses internal controls. J.Upstream communication to report internal control deficiencies COBIT (Control Objectives for Information and related Technology) Three Dimensions (1) IT Resources can be divided into the following four categories: A. Application ââ¬â consists of manual and programmed procedures to process information B. Information ââ¬â includes structured and unstructured data in any form, such as text, graphics, pictures, audio and video. Data is input, processed, and output by the system C. Infrastructure à   ¢â¬â refers to IT technology including hardware and software. It may also include physical structures, such as a data center facility D.People ââ¬â includes staff members as well as their knowledge and skills to plan, organize, acquire, implement, deliver, support, monitor, and evaluate IT processes and systems (2) IT Processes deliver information, run applications, and use infrastructure and people to accomplish IT goals in light of business requirements. IT processes are grouped into the following four domains E. Plan and Organize (PO) domain ââ¬â relates to IT strategy and tactics to contribute to attaining business goals F. Acquire and Implement (AI) domain ââ¬â identifies, acquires (built or bought), and implements IT solutions.Also ensures that the SDLC phases and activities are used when upgrading and modifying current systems G. Deliver and Support (DS) domain ââ¬â concerned with the delivery of IT services. Encompasses IT operations, security and training   . Assures the continued support and maintenance of these services H. Monitor and Evaluate (ME) domain ââ¬â monitors IT processes for compliance with control requirements. Includes management oversight of control processes as well as independent assurance services provided by internal and external audits (3) Business Requirements (Information Criteria) I.Three criteria relate to the information security: confidentiality, integrity, availability (CIA) J. For the remaining four criteria, COBIT relies upon definitions used by COSOââ¬â¢s Internal Control ââ¬â Integrated Framework (Effectiveness, Efficiency, Reliability, Compliance) Chapter 11 ââ¬â CYBERSECURITY What are the 10 domains of cybersecurity? (1) Legal, regulations, compliance, and investigations (2) Information security and risk management (3) Security architecture and design (4) Telecommunications, network, and Internet security (5) Control access (6) Operations security (7) Physical and environmental security    8) Application security (9) Business continuity and disaster recovery (10) Cryptography What is the scope of cybersecurity in the accounting system? * Cybersecurity in an enterprise is not limited to just guarding against hackers and cyberattacks. It involves many aspects of enterprise operations, including how you train and educate your employees about security awareness to safeguarding information assets, how to implement new technologies in a security conscious manner, how to maintain backups in order to recover and continue business operations, and how to provide the highest level of security in a cost-effective wayWhy is encryption important in securing accounting data? * For accounting purposes, encryption provides an especially valuable tool offering increased data integrity and confidentiality. Encryption can be used for accounting data in transit and for accounting data stored in the database. If an attacker is successful in penetrating the enterprise security and reaches t   he database, encryption of the stored data is an additional line of defense *Refer to Lecture PPT slides for more detailed information regarding key terms.Chapter 12 ââ¬â THE RISK INTELLIGENT ENTERPRISE What is a risk intelligent enterprise? * The risk intelligent enterprise moves beyond security and controls to managing risk and then to using risk to create value What is the enterprise risk management (ERM) framework? * The ERM framework offers guidance to enterprises implementing enterprise risk management. ERM units may consist of entity-level units, divisions, business units, and/or subsidiaries * The four ERM objectives are Strategic ââ¬â relate to goals that support the entityââ¬â¢s mission * Operational ââ¬â relate to the effective and efficient use of the entityââ¬â¢s resources * Reporting ââ¬â relate to the reliability of the enterpriseââ¬â¢s reporting, both internal and external * Compliance ââ¬â relates to the entityââ¬â¢s compliance with a   ll applicable laws and regulations * The eight ERM components consist of * Internal environment ââ¬â involves the risk management philosophy of the enterprise, including the tone set by top management. Risk resilience, risk appetite, risk tolerance, integrity, and ethical values also affect the nternal environment * Objective setting ââ¬â setting objectives that are consistent with the entityââ¬â¢s mission and risk appetite * Event identification ââ¬â involves identifying potential events that might affect the entity. Events can be either internal events or external events that might affect the entityââ¬â¢s ability to achieve objectives. * Risk assessment ââ¬â the process of assessing the extent to which events would impact an entityââ¬â¢s ability to achieve its objectives (impact/likelihood) * Risk response (avoidance/reduction/sharing/acceptance) * Control activities Information and communication * Monitoring What is spreadsheet risk management? * A signif   icant risk for many enterprises is the widespread use of spreadsheets with limited controls. A spreadsheet risk management program includes using access and change controls with spreadsheets in order to be SOX compliant Chapter 13 ââ¬â ACCOUNTING SYSTEM DEVELOPMENT * This chapter explains stages of SDLC (Software Development Life Cycle) and SDM (Software Development Methodologies). Refer to Lecture PPT slides for more information.    
Subscribe to:
Post Comments (Atom)
 
 
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.