ACCT INFO SYSTEM
ACCT INFO SYSTEM ACCT 322
Popular in Course
Jarvis Reilly DDS
verified elite notetaker
Popular in Accounting
This 59 page Study Guide was uploaded by Jarvis Reilly DDS on Saturday September 26, 2015. The Study Guide belongs to ACCT 322 at Clemson University taught by Richard Dull in Fall. Since its upload, it has received 732 views. For similar materials see /class/214237/acct-322-clemson-university in Accounting at Clemson University.
Reviews for ACCT INFO SYSTEM
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 09/26/15
Andrew T Sheils Examination Questions 11 Although it is the specific role of the data librarian would that process along with other control processes not be included together as data control 18 It states that written approvals are not considered a control goal of input accuracy Written approvals these take the form of a signature or initials on a document to indicate that someone has authorized the event This control ensures that the data input arises from a valid and accurate business event and that appropriate authorizations have been obtained Another control aspect of approving an input document is that such an approval segregates authorizing event from recording events 19 Would endorsing a check not be an example of authorizing an event His signature on the check is executing but would it not also be considered a method of authorizinggiving consent with his signature Chapter 1 Themes 1 Enterprise systems integrate the business process functionality and information from all of an organization s functional areas such as marketing and sales cash receipts purchasing cash disbursements human resources production and logistics and business reporting including financial reporting EBusiness use of networks to undertake business processes Internal control a system of integrated elements that provide reasonable assurance that a business will reach its business process goals 5 quot 10 Elements of AIS 9 Technology 9 Databases 9 Reporting 9 Control 9 Business operations 9 Events processing 9 Management decisionmaking 9 Systems development and operation 9 Communications 9 Accounting and auditing principles SarbanesOxley Act of 2002 9 Section 404 0 Management must identify document and evaluate significant internal controls 0 Auditors must report on management s assertions regarding internal controls 9 Section 409 o Requires disclosure to the public on a llrapid and current basis of material changes in an organization s financial condition Accounting Systems and Subsystems 9 A system is a set of interdependent elements that together accomplish specific objectives 9 A subsystem is the interrelated parts that have come together or integrated as a single system which we have named System 10 Information System Model 9 An information system IS or management information system MIS is a manmade system that generally consists of an integrated set of computerbased and manual components established to collect store and manage data and to provide output information to users Enterprise databasethe central repository for all the data related to an organizations business activities and resources Purpose of AIS 9 Collect process and report information related to the financial aspects of business events 9 Often integrated and indistinguishable from overall information system 9 Like the IS the AIS may be divided into components based on the operational functions supported Q 0 Comparison of Manual and Automated Systems Components of Business Process T Poliis procedures personnel hiring Operations Management process Goods 7 Sales quotes 2 and IS design speclhcations 5 Shipping r n a nest 5i snipping notice Sales 1 reports row a Invoice I Customer rig 139 l f I i n orma 390quot Packing slip I Order acknowledgment 3 Customer order NOTE external In this particular example the operations parties process comprises warehousing and shipping I l I l l I I dary J Broken line depicts the organization s boun Operations process a man made system consisting ofthe people policies equipment and procedures whose objective is to accomplish the work ofthe organization Management process a man made system consisting ofthe people authority organization policies and procedures it is to plan and control the operations ofthe organization Information System Information System or Management Information System ISMIS is a manmade system that generally consists of an integrated set of computer based components and manual components established to collect store and manage data and to provide output information to users Information Qualities Effectiveness deals with information being relevant and pertinent to the business process as well as being delivered in a timely correct consistent and usable manner Efficiencyconcerns the provision of information through the optimal most productive and economical use of resources Confidentiality concerns the protection of sensitive information from unauthorized disclosure Integrity relates to the accuracy and completeness of information as well as to its validity in accordance with business values and expectations Availabilityrelates to information being available when required by the business process now and in the future It also concerns the safeguarding of necessary resources and associated capabilities Compliancedeals with complying with those laws regulations and contractual arrangements to which the business process is subject that it externally imposed business criteria as well as internal policies Reliability relates to the provision of appropriate information for management to operate the entity and exercise its fiduciaw and governance responsibilities Hierarchy of Qualities Understandab ty enables users to perceive the information39s significance valued from the user39s point of view Relevance information needs to be capable of making a difference in a decision making situation by reducing uncertainty or increasing knowledge forthat particular decision Timeliness info needs to be available before it loses its capacity to influence a decision PredictiveValueFeedback Value improve a decision makers39 capacity to predict confirm or correct earlier expectations nfo can have both types bc knowledge of the outcomes of actions already taken will generally improve a decision maker s abilities to predict the results of similar future actions Veri ability info needs to have a high degree of consensus among independent measurers usingthe same metho s Neutrality or Freedom from Bias info is objective amp non bias no representation Comparab ty info quality that enables users to ID similarities and differences in tow pieces of in 0 Consistency if information is the same over different points oftime Validity info portrays actual events and actual objects Accuracy the correspondenceagreement bwthe info and the actual events that it represents Completeness the degree to which the info includes data about evew relevant event necessaw to make a decisio Dwsmu mukevs m USERS or INFORMATiON PEHVASlVE wNETRAlNY OVERALL QUALITY USERSPEClFIL 0mm PHlMAHY DEClSiON SFECIFlC OHALlTIES lNGREDlENTS OF PHiMAFW ouALmts sEcoNDAav AND lNTERAchVE OUAUTV YHHESHDLD FOR HECOGNII lON Mammy Management Decision Making 1 Intelligence Searching the environment for conditions calling for a decision 2 Design Inventing developing and analyzing possible courses of action 3 Choice Selecting a course of action Structured decisionsdecisions for which all three decision phases intelligence design and choice are relatively routine or repetitive Unstructured decisionsa decision for which none of the decision phases intelligence design choice are routine or repetitive Management Problem Structure and Information Requirements 9 Horizontal flows relate to specific business events such as one shipment or to individual inventory items 0 The information moves through operational units such as sales the warehouse and accounting 9 Vertical Flows relate to the flow of information to and from strategic management through tactical management operations management and operations and transaction processing Management Problem Structure and Information Requirements 9 Higher up the pyramid the less structured the decision 0 Less defined External orientation More summarized information Future oriented Less frequent 0 Less accurate 9 Lower down the pyramid the more structured the decision 0 More defined 0 Internal orientation 0 More detailed information 0 Historical O O 0000 More frequent More accurate 9 Accountant s Role 0 Designer application of accounting principles auditing information systems and systems development 0 User participate in design 0 Auditor provide audit and assurance services Chapter 2 Enterprise System 0 Integrates business processes and information from entire enterprise 0 Helps coordinate the operation of business functions o ERP systems are software packages that can be used for the core systems necessary to support enterprise systems Integrate Business Functionality 0 When purchasing equipment the ERP will Provide an electronic order form Apply business rules Routing the order for approvals Sending the order to a buyer Connecting to the supplier Use data to receive goods project funding requirements compare to budget and analyze vendor performance Enterprise Resource Planning Systems Software packages that can be used for the core systems necessary to support enterprise systems They are made up of modules that complement the core elements of the ERP The most common addon 3rd party modules include 0 Customer relationship software CRM builds and maintains a company s customer database The data is aggregated managed and coordinated across the entire organization This helps to unify the company together when dealing with customers 0 Customer selfservice software CSS often an extension of CR5 software it allows customers to conduct business or an inquiry without the aid of an employee 0 Sales force automation software SFA automates sales tasks such as order processing contact management inventory monitoring order tracking and employee performance evaluation 0 Supply chain management SCM helps plan and execute the steps in an organization s supply chain including demand planning acquiring inventory and manufacturing distributing and selling the product 0 Product lifecycle management PLM manages product data during a product s life 0 Supplier relationship management SRM manages the interactions with the organizations that supply the goods and services to an enterprise Middleware software that connects 2 or more separate applications or software modules Enterprise Application Integration EAI 0 Used to connect multiple pieces of the enterprise system together 0 Combines processes software standards and hardware to link together two or more systems and allow them to operate as one Application program interface a means for connecting to a system or application provided by the developer of that system or application Enterprise application integrationcombines processes software standards and hardware to link together two or more systems and allow them to operate as one Enterprise services bus uses standardized protocols to let eventdriven applications communicate less expensively than can be tightly coupled synchronous EAI platforms Eventdriven architecture an approach to designing and building enterprise systems in which business events trigger messages to be sent by middleware between independent software modules that are completely unaware of each other Business process management modeling automating managing and optimizing business process often used interchangeably with business process management Business process management systems systems for modeling automating managing and optimizing business processes often used interchangeably with business process management Business event a meaningful change in the state of the enterprise such as creating a new employee record submitting a purchase order to a vendor receiving payment from a customer picking goods from the warehouse and delivering them to the shipping department and revaluing inventory Enterprise Service Bus ESB 0 Uses standardized protocols to let eventdriven applications communicate in a lessexpensive manner than can be tightly coupled Enterprise Systems Value Chain 0 Enterprise systems facilitate value chain management 0 The value chain is the system of activities that transform inputs into outputs valued by the customer 0 The goal of an organization is to add the greatest value with the lowest costs thereby increasing competitive advantage 0 The Value of Systems Integration 0 One of the values provided by an enterprise system is the coordination of value activities in the value chain 0 The system performs this coordination by sharing data across business processes Major ERP Modules 0 Sales and Distribution 0 Records customer orders 0 Shipping 0 Billing 0 Connections to I Materials management module I Financial accounting module I Controlling module 0 Materials Management 0 Acquisition and management of goods from vendors I Purchase order preparation I Receiving I Recording invoice o Interacts with I Sales and distribution module I Financial accounting module I Controlling module 0 Financial Accounting 0 Plays a central role in an ERP system and incorporates data from other modules into general ledger accounts and nancial statements O 0 Business events from other modules such as SD and MM are incorporated by the FI module into the general ledger accounts and included in the external account statements the balance sheet pro t and loss statement and statement of cash ows The F1 module also includes accounts receivable and accounts payable functions to record and manage that data directly and to complete events begun in the SD and MM modules 0 Controlling and Pro tability Analysis 0 Handles internal accounting including I Cost center accounting I Pro tability analysis for sales I Activitybased accounting I Budgeting 0 Human Resources 0 O O O 0 Recruiting management and administration of personnel Payroll processing Training and travel Bene ts Reports Order to Cash Process I sale of goods to a customer I the recognition of the revenue I collection of the customer s payment I Steps OOOOOO Presales activities Sales order processing Pick and pack Shiping Billing Payments Purchase to Pay Process I Purchase of goods from a vendor I Recognition ofthe cost ofthose goods I Payment to the vendor I Comprises all activities from the purchasing process I Steps 0 O O O 0 Requirements determination Purchase order processing Goods receipt Invoice veri cation Payment processing Chapter 3 Electronic Business the application of electronic networks including the Internet to undertake business processed between individuals and organizations 0 Electronically linking business processes individuals and organizations 0 Byproduct elimination of sales staff normally intermediary between two parties to transactions 0 Transactions completed more quickly more efficiently and more effectively Batch Processing the aggregation of several business events over some period of time with the subsequent processing of these data as a group by the information systems 0 Periodic Mode the processing mode in which a delay exists between data processing steps 0 Delay occurs between business event and updating master data 0 Business event occurs 0 Record business event data 0 Update master data 0 Generate outputs o The disadvantage of periodic mode systems is that the only time the master data are up to date is right after the processing has been completed 0 As soon as the next business event occurs the master data are no longer up to date Online Transaction Entry the use of data entry devices allows business event data to be entered directly into the information system at the time and place that the business event occurs Computer input device used to enter data at source 0 Input document is eliminated 0 Price data is retrieved from the system 0 Source documents are printed by the system 0 Event information in accumulated on tape or disk Online Realtime Processing the systems gather business even data at the time of occurrence update the master data almost instantaneously and provide the results arising from the business event within a very shore amount of timethat is in real time 0 Transaction occurrencerecording in transaction files 0 Update master files essentially instantaneously 0 Also known as llimmediate mode the data processing mode in which little or no delay occurs between any two data 0 Generate reports periodically or on an as needed basis 0 Support queries to generate unique reports for key decisions Communication Networks 0 Client server technology the physical and logical division between useroriented application programs that are run at the client level ie user level and the shared data that must be available through the server ie a separate computer that handles centrally share activitiessuch as databases and printing queuesbetween multiple users 0 LAN s communication networks that link several different local user machines with printers databases and other shared devices 0 WAN s communication networks that link distributed users and local networks into an integrated communications network 0 Internet a massive interconnection of computer networks worldwide that enables cornmunica 39on etween dissimilar technology platforms Web Browsers software programs designed speci cally to allow users to easily view various documents and data sources available on the Internet Extranet a type of internal network intranet that has been extended to limited external access to members of an organization s value system Intranetminiintemal equivalents to the lntemet that link an organization s internal documents and databases into a system that is accessible thou h web browsers or increasingly through internally developed from utilization of organizational information resources 0 Public database databases that provide rich information sources that are searchable eitherfor free or on a forfee basis Electronic Document Management EDM the capturing storage management and contro 0 electronic document images forthe purpose of supporting management decision makingand facilitating business event data processing 0 Document storage and retrieval 0 Business event data processing Electronic Data Interchange is the compute rtocomputer exchange of business data in structured formats that allow direct processing of those electronic documents by the receiving system Trunslahun soilwars l Apprsren Me I Cemmumeensne nelwurk e crearee an EDI envelope comprising he as Aral ers and and and Conlrol lllnchcns s ssagc Translatas message In required cammunic rien standard w necessary 7 Translates mess e m require I u use GED 2 Y aurhenneeres message is m er e hacks Yer messnge Inlegr y is g cemplezenees and eruhorrreuen e Rouree to appropriate mailbox osmmuniesnsns Application sullwave network Picks up EDI messages rem VAN bu g cusmme order Methods of Conducting EBusiness o E Maili the electronic transmission of nonstandardized messages between two individuals who are linked via a communications network Electronic Document Managementicapture and storage of document images instead of paper 0 Electronic Data Interchange the computertocomputer exchange of business data in structured formats that allow direct processing of those electronic documents by the receiving computer system 0 Internet Commerce the computertocomputer exchange of business event data in structured or semistructured formats via Internet communication that allows the initiation and consummation of business events Journalize the process of recording a business event ie accounting transaction in a book of original entry ie a special or general journal Postmoving business even from a journal to a subsidiary ledger Summarize prepare a trial balance to show the total impact on each general ledger account of a set of business events Business event data store a book of original entry used for recording business events also known as a transaction file Master data repositories of relatively permanent data maintained over an extended period of time Information processing dataprocessing functions related to economic events such as accounting events internal operations such as manufacturing and financial statement preparation such as adjusting entries Data maintenancea process that employs math algorithms and keys to encode data making it unintelligible to anyone without the keys Standing datarelatively permanent portions of master data such as the credit limit on customer master data and the selling price and warehouse location on inventory master data Offline a device that is not directly connected to a central computer or network Online a computer configuration in which certain equipment is directly connected to the computer Public database databases that provide rich information sources that are searchable either for free or on a forfee basis Valueadded network a service that acts as the EDI llpost office an organization can connect to the VAN when it wants leave its outgoing messages and at the same time pick up incoming messages from its mailbox Web services a software application that supports direct interactions with software object over an intranet of the Internet Serviceoriented architecture welldefined independent functions that can be distributed over a network via Web Services Network providers companies that provide a link to the Internet by making their directly connected networks available for access by feepaying customers Internet assurance a service provided for a fee to vendors to provide limited assurance to users of the vendor s Web site that the site is in fact reliable and event data security is reasonable Electronic storefronts internetlocated resources for displaying goods and services for sale and for conducting related sales events Internet auction markets provide Internet base for companies to place products up for bid or for buyers to put proposed purchases up for bid Internet market exchanges these exchanges bring together a variety of suppliers in a given industry with one or more buyers in the same industry to provide Internet commerce through organized markets Chapter 4 SOX 404 reemphasized the importance of documenting business processes and internal controls various people may be involved in the documentation required by SOX DFD s show business process activities stores of data and flows of data System flowcharts show a picture of mgt operations IS and process controls documentation is used to explain systems and train workers auditors use documentation to understand and evaluate systems 0 Data Flow Diagram DFD a graphical representation of a system Showscomponents data flow among components and sources destination and storage of data O Bubble Symbol an entity or process where inputs are changed to outputs on a physical DFD a bubble can be entity on a logical DFD it s a process A Data Flow Symbol shows pathway of data External entity Symbol source or destination of data outside the system these symbols do not show in DFD below 0 so they are not in diagrams that have 11 12 13 etc Data Store Symbol a place where data is stored it can represent a view or portion of a larger database its location indicates where in the system it is bookkeeping and its label indicates how blue sales book it s kept in the system therefore its label shows the specific storage medium Types of DFD 1 Context Diagram top level least detailed diagram shows system and activities as single bubble shows data flow into and out of system and into and out of external entities External Entities entities outside the system that send data to or receive data from system 2 Physical DFD shows internal and external entities and flows of data into and out of them tels where how and by whomNOT HOW data is transmitted physica shows the systems infrastructure labels describe the means of how the flow is accomplished described with nouns Internal Entities entity within the system that transforms data Ex departments clerks computers 3 Logical DFD shows the processes data stores and flows of data into and out of them these are used to document IS advantage of logical concentrates on the functions that a system performs logica shows the systems activities described with verbs LEVEL 0 DIAGRAM a diagram containing numbers followed by a zero ex 40 when two DFD s have equal data flows they are balanced therefore they are correct Top Down Partitioning subdividing or exploding logical DFD leading to balanced DFD s this is when you have a level 0 diagram and you explode 40 to make it have 41 42 etc 0 Systems Flowchart representation of business process including information processes inputs data storage outputs and related operations processes people equipment show the sequence of activities performed tels who what how and where combines physical and logical incudes operations and management for the system which is not shown in DFD s Symbols for Systems Flowchart INFUTS rnocsssws OUTPUY mm sronss CoNNECTons Slamsle NOYE Alsa rs Includes NDTE Can also aulpufdocumenl mm nu be axlemal or mm in mm army 0 OH39FEOe comecmr Use A s c ell ladgers mm logs me Ollr lsge cannecluv Use Page number a 9 MiCR manor kequcisk device and A B c wit scanner RFiD reader MISCELLANEOUS Logic new A exam I Nance lack m arrowhead Budge luv crassmg Now any Iolnl Butch olal rauammnmmcmns W andx a invenlmy shipmpnl processes are separated in systems flowcharts for example separating clerk processes and automated processes when master data is updated two data stores are shown to showthe old and new data these are connected by dash line to show that new becomes old of39fline devices square should have their own 39 quot quot 39 39 39 quot rectangle to be able to read data from a document a scanner must have OCR optical recognition capabilities Documentation DF s sed to document existing systems or create one from scratch Step 1 make table of entities and activities Activity action being performed by internalexternal entity can include actions related to data or operations process circle activiti s each activity must have an entity to perform the activity box entities list activities in order performed regardless of how it appears in nar 39 ta e should include entity paragraph number activity and activities numbered Step 2 draw context diagram consisting of one circle and external entities formation Processing Activ etrieve data from storage transform it orfile it both manual and automated ac E tiVItIes sending and receiving data is not an IP activity but filing it is or retrieving info from table is entities that do not perform any IP activities are external ogica labels verbs used in context diagrams when multiple entities operate the same depict one to represent all of them even if not mentioned data stores should be added to your physical DFD to depict the delaying of processes that does take place technically Step 3 draw the logical DFD unmarked activities on table of entities are to be included in Level 0 Diagram group activities if they occur at same place and same time different places but same time or are logically related use 57 bubbles of groups with no one group with one activity and then name them accordingly a data flow should go to operations process entity square if its only has operations processes a data flow should enter an entity bubble if the operations process entity is to perform an IP activity data flows can not go from high to low numbered bubbles Exception routines error routines when processing can t proceed as planned these processes are done to handle the action for erroneous unordinary events Reject stub data flow assigned the label reject that leaves a bubble but does not go anywhere else Step 4 make system flowchart divide flowchart into columns for internal and external fow should be from left to right and top to bottom and keep it on one page or use off page connector with code on page 1 you put P2 A on page 2 you put P1 A only way to get data into or out of computer data storage is through a computer processing rectangle purpose of documentation is to simplify and clarify a narrative avoid crossing lines if you do use a quotbridgequot if an E5 was to be implemented then all data stores would be replaced by enterprise database in physical DFD logical and context DFD wouldn t change Chapter 5 Database Management Systems accounting information is stored in database tables Data mgt consists of creating and maintaining master data and recording event data data can be copied and stored in a separate database known as a data warehouse data mining is analyzing data with multidimensional tools advanced systems use software tools called intelligent agents Events activities that occur during the execution of business processes event data is captured to describe who what where and when Applications approach to business event processing concentrates on the process being performed data plays a supportive role to programs in systems Data redundancy data stored in multiple locations indicated by double ended arrows increases storage costs may not be sharable information when updated in one file may not be updated in another causing inconsistent data violating integrity data mirrors and monitors operations and provides the basis for mgt decisions its difficult and expensive to obtain data from application approach Database approach to business event processing facts about events are stored in relational database tables instead of separate files solves redundancy databases have improved the efficiency of processing business event data by eliminating redundancy and improving integrity one massive collection of business data mutipe users can view and aggregate data to their needs information processing is seems as a decisions support activity first and then a reporting function second IDatabase Mgt System enterprise database set of integrated programs designed to simplify the tasks of creating accessing and managing data DBMS defines data defines relations among data stores as physical media maps each users view of data schema a complete description of the record types data items and relationships among them defines the logical structure or organizational view subschema description of portion of the schema DBMS contains query language or data manipulation language DML used to access data and produce reports allows nontechnical users to get data DBMS include controls to protect the data from unauthorized users or from accidental changing of data data independence major difference bt database and application approach makes it so that data is independent of the application of other users data is shared by multiple systems data can be accessed through two user types report generation onscreen printed summaries and ad hoc user inquiries queries allow user to ask s about data through query language software two layers of software are needed to translate user view into instructions for retrieving data logica view the way the user thinks about the data in a database physica view the way the data is actually stored tabes are logical views of data that are physically stored users can access data in a table byquery creating a report requesting data SQL structured query language users don t always know querys are taking place because they can be placed in reports or can be a part of the program code Limitations of Applications Approach are overcome by 1eiminating data redundancy 2easier to maintain because you don t have to update data multiple times 3 reduced storage costs 4 data integrity by eliminating redundancy 5 data independencemeaning multiple programs can use data at the same time 6privacy Limitations of DBMS 1expensive 2 requires powerful expensive hardware 3requires hiring more peopleexpensive Limitation of DBMS Operations 1if DBMS fails all info gone 2 continuous data protection more important 3 when multiple users attempt to retrieve data at the same time the database can face contention or concurrency 4territorial disputes over who owns the data who is responsible for data maintenance database administrator is used to resolve operations limitations of DBMS ii Logical DBMS 1hierarchical records recorded in pyramid structure for simple situations ex bank using it for customer child records records below upper level records can only have 1 parent record a child of a parent record and a be a parent for another child parent records include lower level child records 2network database model a child record can have more than one parent record used to handle more complex database 3reationa database model data are organized in 2 dimensional tables each fact stored in its own table deveoped using set theory 2 dimensional collection of info is a relation cons requires more computer memory and processing time allows only text and numerical info most companies still use this 4 object oriented database model simple and complex objects can be stored here including video clips pictures data is stored in objects and instructions on objects encapsulated methods can be performed objects drawn with a rectangle with rounded corners divided into 3 parts name attributes and encapsulated methods objection relational databases have been developed relational database with the ability to store complex objects iii Elements of DBMS all have the same essential elements including 1 queries tools that allow users to access data stored in various tables 2 forms onscreen presentations of data in tables collected by queries or tables 3 reports printed lists and summaries of data most important step to useful database is designing the tables right each table stores data about 1 thing cell in database table can only include data allowed in its column and must include a specific value each row in database must be unique with a unique identifier known as primary key value stored in first column of table most companies create an artificial value for this Artificial values created by classifying and coding cassifying process of grouping common data ex sophomore junior senior coding creation of substitute values or codes for classifications Types of Coding 1Sequential Coding serial coding numbers in chronological sequence additions can be made only at the end deletions result in unused numbers codes tell nothing about attributes 2Block coding groups of numbers are dedicated to particular characteristics of the objects UPC s use this because first block indicates manufacturer second block tells product 3 Significant Digit Coding assigns meaning to specific digits ex inventory item 4 Hierarchical Coding assigns meaning to specific digits but does so in descending order where each successive rank is a subset of the rank above it ex Zip code 5Mnemonic Code some or all of the code is made of letters ex Acc 322 6 self checking digit code includes an extra digit that can be used to check the accuracy of the code extra digit computed by mathematical formula composite primary key when tables use two or more columns as primary key iv Approaches to making relational database bottom up approach designers identifies attributes and puts them into tables normal forms rules that include specifications that must be met by relational databases 6 levels but business are good if they comply with the first 3 1NF preferred to table not in 1NF 2NF preferred to 1NF etc 3NF best normal forms are inclusive each higher normal form includes the ones below it anomalies tables that prevent errors functionally dependent an attributecolumn in table is dependent on a second attribute 1st always determines 2n an attribute is the primary key if all attributes are functionally dependent on that attribute no other columns have the first property unnormalized table contains repeating attributes within each row first normal form 1NF if it does not have repeating groups update anomalies dependencies in lNF data that cause problems including 1 many updates 2 inconsistent data 3 additions cause problems 4 deletions can end up deleting many things probems arise because we have dependency or partial dependency second normal form 2NF when a table is in lNF and has no partial dependencies no non key attributes attributes that aren t a part of the primary key transitive dependency exists when a non key attribute is functionally dependent on another non key third normal form 3NF a table that is in 2NF and has no transitive dependencies most database users prefer top down approach because it results in a better design even though its harderto understand data model tells user requirements for data stored in a database Types 1 Entity relationship modeling designer identifies the entities in which info will be stored about and then identifies how the things are related to each other relationships Entity relationship modelER includes an entity and relationships to others ER Diagram shows the systems key entities and relationships use rectangles entities connecting lines relationships and diamonds show the characteristics of relationships systems analyst determines the user requirements for the database if the process only occurs once it is NOT an entity Types of entities resources assets tangible and nontangible that company owns events occurrences related to resources that are of interest to the business agents people or organizations that participate in events can be external or internal ocations places or physical locations where events occur resources are stored and agents participate in events each relationship has a characteristic cardinality that shows the degree to which the entity participates in a relationship max cardinality measure of the highest level of participation that one entity can have in another entity 1 cardinality of one N of M cardinality of many reationships can be one of three types 1N or N1MN11 Creating ER Diagram 1create relational table for each entity 2 determine primary key for each entity 3determine attributes for each entity 4implement relationships among entity s reationship junction tables tables with composite primary keys that connect tables in a MN relationship 5 determine attributes for tables benefit of info in a database is that its easier to access decisions are unstructured therefore with databases mgt can make decisions wo assistance they can be assisted with problem solving aids and the system might at some point replace the decision maker Ways to replace the decision maker Decision Support Systems DSS user makes presentation of info that is suitable for them can perform llwhat if analysis info comes from internal and external structures the data wo giving solution a passive tool Executive IS ElS user gets presentation that isn t necessarily suitable for them these follow programmed instructions asking for more info drill down has a graphical user interface GUI both of these provide views but don t actually make the decision they just help mgt make decisions better to distinguish systems by the users and the purpose today group support systems 655 or GDSS computer systems that support work for decision making creates a virtual meeting for a group groupware software that goes with 355 including email scheduling and document sharing expert systems ES these are used in complex decisions when consistency is desirable when you want to minimize time spent and maximize the quality experts are involved and their knowledge can be captured active teacher can make the decision or assist part of the downsizing strategy they are used to collect knowledge from retired distribute knowledge to employees or employees who can t get in touch with expert train new employees guide workers ES to implement must exceed the cost and cost of maintaining neural networks computer hardware systems that mimic humans brain ability used to find fraudulent credit cards they get their knowledge from data and trends in the data PWC uses TeamMate software which is a relational database used to filter and sort info for auditors inteigent agent software that can be integrated into a D55 designed to learn from the actions of the users and respond based on usage patterns knowledge mgt capturing storing retrieving and distributing knowledge for use by others to improve the quality and efficiency of decision making data warehousing use of IS to focus on the collection organization of long term storage of entity wide data done by copying data periodically in a separate database to be stored in data mining analysis of large amounts of data from across the company Chapter 6 Relational Databases and SQL REA approach makes sure that the system captures all the business events you can extract and analyze data through SQL REA Resources Events Agents SQL a database query language used to construct and manipulate relational databases Wiliam McCarthy published a paper that outlined the REA approach lla new way of thinking about acct information he was attracted by the ER models capability to capture the meaning semantics of business events more efficiently and effectively he classified business info into 3 types resources events and agents instance one specific thing of the type defined of an entityso the entity could be Employee and the instance would be Dan and Misty an entity is represented as a table and the instances are represented as rows in the tables attribute an item of data that characterizes an entity or relationship ex Name address phone number attribute can include several different subattributesex attribute is address subattributes would be house number street state zip composite attributes attributes that consist of multiple subattributes ex address attributes do NOT need to be broken down into the smallest possible units necessary that one or more attributes be identified so that the user can access the correct entity key attribute attribute whose value is unique for every entity that is in a database used as primary key most designers use coding to get key attribute databases include multiple entities the ease that a user can extract data from a database depends on the logical design of the database most common way to gather info about relationships among entities is to interview employees NOT just managers recursive relationship a relationship bt two different instances of an entity represented by a diamond DBMS include a feature that enforces max constraints which ensure that data are never entered that connect more than one employee to a single work entry participation constraint specifies the degree of min participation of one entity in the relationship with another entity minimum can be zero or one cardinaity with participation constraint is shown as min max it provides more info but is used less frequently objective of REA model is to integrate the data in way that allows mgt and other users to access the info they need to perform effectively REA models continue to grow with an explosion of entities and relationships reationa database driven systems are in large organizations legacy systems systems that have existed in a company for a long period of time and developed using an organizations previous computer hardware and software reationa databases are perceived as a collection of tables reation a collection of data representing multiple occurrences of a resource event or agent rows are tuples a set of data that describes a single instance of an entity represented by a relation ordering of tuples is not important in relational databases each tuple must be distinct from all other tuples primary key is specified to identify each tuple in the relation coumns are attributes which are often called fields candidate keys additional attributes are secondary keys Key attributes are required to be non null meaning they must have a value nu a missing value referentia integrity for every attribute value in one relation that has been specified to allow reference to another relation the tuple being referenced must remain if someone were to erase a tuple with referential integrity restraint on then the constrait would require you to reassign the attributes to another tuple before deleting it an arrow represents the referential integrity constraints the destination of the arrow is the attribute the must be controlled to achieve referential integrity SQL a powerful database language used to define database systems query the database generate reports and access data by using SQL commands SQL is a survival tool SQL was first introduced as a Structured English Query Language SEQUEL deete a table with the DROP command DROPTABLE table name data can be changed in a database by 1 INSERT command to add a single tuple to an existing relation but first you must use the CREATE command to generate the structure of the table 2 DELETE command one of the weaknesses of SQL because it doesn t enforce referential integrity 3 UPDATE used when you want to change one or more attribute values for one or more tuples in a table queries are driven by SELECT commands SELECT command consists of 1 a list of attributes you want to select 2 a list of tables where the attributes can be found 3 a where clause that sets the conditions under which attribute values are to be retrieved we use connectors such as AND to link multiple conditions that must all be met when selecting tuples from one or more tables OR is another type of connector ad hoc means as needed we can create views of data that look like additional tables but are really just alternative ways to view the data that already exists in a database view creates the appearance of a different set of table the user needs to see views do not replicate data they only provide alternative ways to examine the data permanent views can be deleted by using DROP VIEW statement create a view by using SELECT statement views can be used to generate standard reports to provide all data necessary views are likely to come and go in databases Chapter 7 Controlling Information Systems Organizational governance is a process by which organizations select objectives establish processes to achieve objectives and monitor performance Objective setting includes defining mission vision purpose and strategies to establish relationships Enterprise risk management a process effected by an entity s board of directors management and other personnel applied in strategy setting and across the enterprise designed to identify potential events that may affect the entity and manage risk to be within its risk appetite to provide reasonable assurance regarding the achievement of entity objectives Helps management identify assess and manage risk 1 Strategic high level goals aligned with and supporting its mission 2 Operations effective and efficient use of its processes 3 Reporting reliability of reporting 4 Compliance compliance with applicable laws and regulations Components of ERM internal environment 7 tone of org and how risk is viewed and addressed objective setting 7 support and align with company s mission event identi cation 7 internal and external events affecting achievement of objectives risk assessment 7 risk analyzed consider likelihood and impact risk response 7 develop set of actions avoid accept reduce share control activities 7 ensure risk responses are carried out effectively information and communication 7 in for and timeframe that allow people to carry out their responsibilities monitoring 7 with modifications as necessary SOX change the way we design implement and evaluate systems of internal control managing risks that may prevent achieving organizational objectives created new accounting oversight board PCAOB strengthened auditor independence rules increased accountability of company officers and directors mandated upper management to take responsibility for internal control structure enhanced the quality of financial reporting and put teeth in white collar crime Internal control process designed to provide reasonable assurance regarding the achievement of objectives in effectiveness and efficiency in financial reporting reliability of financial reporting and compliance with applicable laws and regulations can be a system managements responsibility success is people dependent not free control environment 7 sets tone of organization foundation for other components risk assessment 7 basis for determining how risks should be managed control activities 7 policies and procedures to make ensure mgt directives are carried out information and communication in for and timeframe that allow people to carry out their responsibilities 0 monitoring 7 process that assesses the quality of internal control performance over time Fraud deliberate act or untruth intended to obtain unfair or unlawful gain management responsibility to prevent it provide shareholders with reasonable assurance that the business is adequately controlled 0 SAS 99 7 brainstorming fraud risks increasing professional skepticism using unpredictable audit test patterns detecting management override of internal controls 0 Computer virus 7 program code that can attach itself to other programs can reproduce themselves Trojan horses and Logic bombs Management is responsible for internal control and can respond to this requirement legalistically or by creating a control environment 0 Control environment 7 re ects the organizations general awareness of and commitment to the importance of control throughout the organization make organization control conscious 0 Codes of conduct 7 illegal or improper payments con icts of interest insider trading computer ethics and software privacy Control matrix tool designed to assist you in evaluating the potential effectiveness of controls in a business process by matching control goals with relevant control plans Control goals 7 business process objectives that an internal control system is designed to achieve The breakdown of these goals is shown as column headings on a portion of our control matrix 0 Operations process 0 Ensure effectiveness of operations 7 ensure that a given operational process is fulfilling the purpose for which it was intended 0 Ensure ef cient employment of resources 7 evaluated only in a relative sense 0 Ensure security of resources 7 physical and nonphysical 0 Information process 0 Ensure input validity 7 input data appropriately approved and represent actual economic events and objects 0 Ensure input completeness 7 all valid events or objects are captured and entered into a system 0 Ensure input accuracy 7 all valid events must be correctly captured and entered into a system 0 Ensure update completeness 7 all events entered into a system must be re ected in the respective master data 0 Ensure update accuracy 7 data entered into a system must be re ected correctly in the respective master data Control plans reflect information processing policies and procedures that assist in accomplishing control goals Pervasive control plans 7 relate to a multitude of goals and processes They provide a climate or set of surrounding conditions in which the various business processes operate They are broad in scope and apply equally to all business processes hence they pervade all systems 0 General controls 7 applied to all IT service activities ie prevent unauthorized access to computer system Business process control plans 7 applied to particular business process 0 Application controls 7 automated business process controls contained within IT systems Preventive control plans 7 stop problems from occurring Detective control plans 7 discover that problems have occurred Corrective control plans 7 rectify problems that have occurred Other Terms Risks 7 those events that would have a negative impact on organization objectives and opportunities are events that would have a positive impact on objectives Risks require assessment and response whereas opportunities are channeled back to the strategy setting process Process 7 a series of actions or operations leading to a particular and usually desirable result Results could be risk management as described by ERM effective internal control as proposed by COSO or a specified output of an operations process for a particular market or customer Computer Crime 7 includes crime in which the computer is the target of the crime or the means used to commit the crime The majority of computer crimes fall into these 2 basic types 1 the computer is used as the tool of the criminal to accomplish the illegal act and 2 the computer or the information stored in it is the target of the criminal Computer virus 7 a program code that can attach itself to other programs including macros within word processing documents thereby infecting those programs and macros They can reproduce themselves in a manner similar to biological viruses Effectiveness 7 a measure of success in meeting one or more goals for the operations process Ef ciency 7 A measure of the productivity of the resources applied to achieve a set of goals Security of resources 7 protecting an organization s resources applied to achieve a set of goals Input validity 7 Input data are appropriately approved and represent actual economic events and objects Input completeness 7 All valid events must be correctly captured and entered into a system 0 Update completeness 7 All events entered into a system must be re ected in the respective master data 0 Update accuracy 7 Data entered into a system must be re ected correctly in the respective master data 0 Input accuracy 7 All valid events must be correctly captured and entered into a system Chapter 8 IT governance the responsibility of executives and boards of directors and consists of the leadership organizational structures and processes that ensure that the enterprise s IT sustains and extends the organization s strategies and objectives It is about processes employed by organizations to select and attain goals and objectives COBIT designed to provide reasonable assurance that business objectives will be achieved and that undesired events will be prevented or detected and corrected provides guidance on the best practices for the management of IT IT resources must be managed by IT control processes to ensure that an organization has the information it needs to achieve its objectives Provide framework to ensure that 0 IT is aligned with the business 0 IT enables the business and maximizes benefits 0 IT resources are used responsibly 0 IT risks are managed appropriately Information systems organization department or function that develops and operates an organization s information system the function is composed of people procedures and equipment called the information systems department IT control process domains 0 Plan and organize develop strategy and tactics for realizing an organization s IT strategy 0 Establish strategic vision for IT ensure that organization s strategic plan is supported and that IT is used to the best advantage of the organization s short term goals 0 Develop tactics to plan communicate and manage realization of the strategic vision segregation of duties security officer IT steering committee rotation of duties forced vacations fidelity bond Segregation ofduties consists of separating the 4 basic functions of event processing 1 authorizing events 2 executing orders 3 recording events 4 safeguarding resources resulting from consummating events Basically no single employee should be in a position both to perpetrate and conceal frauds errors or other kinds of system failures Rotation ofduties a policy that requires an employee to alternate jobs periodically It prevents the organization s own personnel from committing acts of computer abuse fraud or theft of assets A personal security control plan 0 Acquire and implement domain identify develop acquire and implement IT solutions and integrate them into the business process 0 Identify automated solutions consistent with IT plan and technology infrastructure and information contained therein 0 Develop and acquire IT solutions application software technology infrastructure service level requirements 0 Integrate IT solutions into operational processes ensure that system is suitable 0 Manage changes to existing IT systems ensure processing integrity between versions of systems and consistency of results from period to period 0 Deliver and support domain processes to deliver required IT services efficiently and effectively 0 Deliver required IT services includes activities related to first 2 IT control processes 0 Ensure security and continuous service continue to be provided at the levels expected by users with secure operating environment 0 Provide support services training needs and sessions 0 Monitor and evaluate domain assess services for quality and ensure compliance with control requirements 0 Monitor and evaluate the processes management should establish system for defining performance indicators gathering data about processes and generating performance reports Continuous Data Protection CDP all data changes are data stamped and saved to secondary systems as the changes are happening on the primary The process is not the periodic backup of files but is a process for continuous and immediate replication of any data changes Each site must contain identical equipment and identical copies of all programs data and documentation Hot site a fully equipped data center often housed in bunkerlike facilities that can accommodate many businesses and that is made available to client companies for a monthly subscriber fee Cold site a facility usually comprised of airconditioned space with a raised floor telephone connections and computer ports into which a subscriber can move equipment It is less costly and less responsive than a hot site Mirror site the site that maintains copies of the primary site s programs and data used for CDP Electronic vaulting a service whereby data changes are automatically transmitted over the internet on a continuous basis to an offsite server maintained by the 3rd party These are for organizations who are unwilling to maintain duplicate computer facilities but still needs CDP and contract with these 3r parties The backup data can be retrieved when needed from the electronic vault to recover from a data loss at the primary computer facility Biometric identification system although not foolproof the technology has improved dramatically in recent years leading to the widening use of such systems in practice The most common biometric devices are those that read fingerprints Biometric fingerprint identification is used to secure physical access to many types of facilities and devices such as laptops and PDAs Other Terms Security of cer 7 the of cer might perform a multitude of controlrelated activities such as monitoring employees network access granting security clearance for sensitive projects and working with human resources to ensure that interview practices such as thorough background checks are conducted during the hiring process IT steering committee 7 coordinates the organizational and IT strategic planning processes and reviews and approves the strategic IT plan The steering committee can provide signi cant help to the organization in establishing and meeting user information requirements and in ensuring the effective and efficient use of the organization s IT resources It should consist of about 7 executive from major functional area of the organization including the CIO report to senior management and meet regularly Forced vacations 7 a policy that requires an employee to take leave from the job and substitutes another employee in his or her place It prevents the organization s own personnel from committing acts of computer abuse fraud or theft of assets A personal security control plan It is believed that this will deter to act of fraud Fidelity bond 7 indemnifies a company in case it suffers losses from defalcations committed by its employees Employees have access to cash and other negotiable assets are usually bonded Systems development life cycle SDLC 7 the progression of information systems through the systems development process from birth through implementation to ongoing use Steps on page 261 Program change controls 7 provide assurance that all modifications to programs are authorized and that the changes are completed tested and properly implemented Changes in documentation should mirror the changes made to the related programs Business continuity planning 7 a process that identifies events that may threaten an organization and provides a framework to ensure that the organization will continue to operate when the threatened event occurs or will resume operations with a minimum of disruption 6 stages are on page 265 Also called disaster recovery planning contingency planning and business interruption planning Backups 7 Periodically make a copy of important stored data programs and documentation They typically would be stored in a secure location not located near the primary facility They are often backed up to tapes or disks and may be picked up by and stored at 3rd party facilities such as those operated by SunGard After a disaster the backups are moved to sites where the organization can again resume processing Recovery 7the process whereby we restore the lost data and resume operations Recovery does not need to be at an alternative site Data might be lost or destroyed at a primary site that remains available for use Here we would use the backup data to restore the lost data and to resume operations Such processes are called backup and recovery Denial of service attack 7 a web site is overwhelmed by an intentional onslaught of thousands of simultaneous messages making it impossible for the attacked site to engage in its normal activities Distributed denial of service attack 7 uses many computers that unwittingly cooperate in a denialofservice attack by sending messages to the target web sites Unfortunately the distributed version is more effective b c the number of computers responding multiples the number of attack messages Security module 7 in an online environment access control software called the security module will ensure that only authorized users gains access to a system through a process of identification and authentication associate with authorized users the computing resources they are permitted to access and the action privileges they have with respect to those resources and report violation attempts Firewall 7 to prevent unauthorized access to computer networks organizations use a rewall to block all traf c except that which is explicitly authorized Intrusion detection system IDS 7 After a user has accessed a network the threat monitoring portion of the security module may employ an IDS to monitor system and network resources and activities and learn how users typically behave on the system The typical behavior is accumulated in user pro les IDSs can be used to detect attacks from outside the organization such as denialofservice attacks or from inside the organization as when authorized users attempt to undertake unauthorized actions Intrusion prevention system IP S 7 Organizations not wanting to wait until an authorized activity has occurred might employ an IPS to actively block unauthorized traf c using rules speci ed by the organization Library controls 7 restrict access to data programs and documentation Library controls are provided by a librarian function a combination of people procedures and computer software that serves 2 major purposes First library controls limit the use of stored data programs and documentation to authenticated users with authorized requests Second they maintain the storage media ie disks and tapes Computer hacking and cracking 7 re ects the intentional unauthorized access to an organization s computer system accomplished by bypassing the system s access security controls Think of these acts as illegal breaking and entering Usually a person outside the organization does the hacking or cracking Hackers are someone who gets a kick out of knowing the data of a computer system They usually do not have malicious intentions to destroy or steal rather they feel powerful and clever Crackers employ many of the same penetration techniques as hackers they do so with sinister motives that are bent on crime theft and destruction Preventive maintenance 7 in addition to relying on the controls contained within the computer hardware organizations should perform regular preventive maintenance periodic cleaning testing and adjusting of computer equipment to ensure its continued ef cient and correct operation Chapter 9 Controlling Information Systems Control matrix provides a means to explain and analyze the controls that have been annotated on a systems flowchart Steps in preparing a control matrix 0 Specifying control goals goals listed in top row of matrix 0 Identify operations process control goals I Effectiveness goals describe measures of success for the operations process I Efficiency goals ensure resources used in business process are being employed in the most productive manner I Security goals protect entity resources from loss destruction disclosure copying sale or other misuse 0 Identify information process goals I Input goals ensure lV IC IA with respect to all business process data entering the system I Update goals ensure UC and UA of the business process input data only apply when there is a periodic process 0 Identifying recommended control plans nature and extent of control plans that should be in place to accomplish our objectives and minimize risk to an acceptable level of residual risk 0 Identify quotpresentquot control plans controls that seem to accomplish one or more of the control goals 0 Evaluate quotpresentquot P1 P2 describe how the control plan addresses each noted control goal 0 Identify and evaluate quotmissingquot control plans examine the controls matrix evaluate the systems flowchart Other terms Document design a control plan in which a source document is designed to make it easier to prepare the document initially and later to input data from the document Written approvals these take the form of a signature or initials on a document to indicate that someone has authorized the event This control ensures that the data input arises from a valid business event and that appropriate authorizations have been obtained Another control aspect of approving an input document is that such an approval segregates authorizing event from recording events Electronic approvals business events are routed using a computer system s workflow facility to persons authorized to approve the event Preformatted screens these control the entry of data by defining the acceptable format of each data field The system may provide dropdown lists of data that is acceptable for a given field such as shipping methods and sales terms To facilitate the data entry process the cursor may automatically move to the next field on the screen Online prompting requests user input or asks questions that the user must answer By forcing one to stop and accept the data online prompting is in a sense advising you to check your data entries before moving on Many systems provide contextsensitive help whereby the user is automatically provided with descriptions of the data to be entered into each input field Populate input screens with master data The clerk enters the identification code for an entity such as a customer and the system retrieves data about that entity from the master data This reduces the number of keystrokes required making data entry quicker and more efficient Fewer keying mistakes are expected To enable this control numeric alphabetic and other designators are usually assigned to entities such as customers vendors and employees Procedures for rejected inputs designed to ensure that erroneous data are corrected and resubmitted for processing To make sure that the corrected input does not still contain errors the corrected input data should undergo all routines through which the input was processed originally A llsuspense file of rejected inputs is often retained to ensure the timely clearing of rejected items We often depict such routines with the annotation llError routine not shown Programmed edit checks automatically performed by data entry programs upon entry of the input data Erroneous data may be highlighted on the input screen to allow the operator to take corrective action immediately Rejected business events may be listed in a summary report periodically produced by the computer Programmed edits can highlight actual or potential input errors and allow them to be corrected quickly and efficiently Reasonableness checks limit checks test whether the contents of the data entered fall within predetermined limits May describe a standard range or max values Documentrecord hash totals reflect a summarization of any numeric data field within the input document or record such as item numbers or quantities on a customer order Calculated before and after entry of the document this total can be used to determine that the applicable fields were entered accurately and completely Mathematical accuracy checks compare calculations performed manually to those performed by the computer to determine whether a document has been entered correctly The user might enter the individual items on a document such as an invoice and the total for that document The computer adds the items and compares that total to the one input by the user If they disagree something has likely been entered erroneously Check digit verification involves the inclusion of an extra digit a check digit in the identification number of entities such as customer and vendors The check digit is calculated originally by applying a formula to an identification number the check digit then is appended to the identification number Confirm input acceptance this control causes the data entry program to inform the user that the input has been accepted for processing The program may flash a message on the screen telling the user that the input has been accepted or it might display a number assigned to the event The data entry clerk might write that on the customer s order or read the to the customer Automated data entry this is a strategy for the capture and entry of eventrelated data using technology such as OCR bar codes and EDI These methods use fewer human resources and capture more data in a period of time than is possible with manual entry These methods improve accuracy of the entered data by eliminating the keying errors that can occur in manual data entry Enter data close to the originating source a strategy for the capture and entry of eventrelated data close to the place that an event occurs OLTE and OLRT are example of this processing strategy Databases are more current and subsequent events can occur in a timelier manner There is less risk that inputs will be lost because data are not transported to a data entry location Digital signature This technology validates the identity of the sender and the integrity of an electronic message to reduce the risk that a communication was sent by an unauthorized system or user or was intercepted in transit Exception and summary report this report reflects the events that were accepted or rejected by the system Even though the keyed input was edited and validated some data still could be rejected at the update stage of processing where the computer compares the input data with the master data Batch control plans regulate information processing by calculating control totals at various points in a processing run and subsequently comparing these totals When the various batch totals fail to agree evidence exists that an event description may have been lost added or changed Batch totals can re reconciled manually or the computer can reconcile them Documentrecord counts simple counts of the number of documents entered This procedure represents the minimum level required to control input completeness Item or line counts counts of the number of items or lines of data entered such as a count of the number of invoices being paid by all the customer remittances By reducing the possibility that line items or entire documents could be added to the batch or not be input this control improves input validity completeness and accuracy Dollar totals a summation of the dollar value of items in the batch such as the total dollar value of all remittance advices in a batch By reducing the possibility that entire documents could be added to or lost from the batch or that dollar amounts were incorrectly input this control improves input validity completeness and accuracy Hash totals a summation of any numeric data existing for all documents in the batch such as a total of customer numbers or invoice numbers in the case of remittance advices Hash totals normally serve no purpose other than control They can be a powerful batch control because they can determine whether inputs have been altered added or deleted Turnaround documents used to capture and input a subsequent event Examples are picking tickets and remittance advice stubs attached to customer invoices They can facilitate automated data entry They can be used for the input of individual items rather than batches Key verification takes place when input documents are keyed by one individual and then rekeyed by a second person The data entry software compares the 2nd keystrokes to the strokes keyed by the 151 individual Differences are assumed that one person misread or miskeyed the data Sequence check can be applied to those documents to determine that all documents have been processed Batch sequence checks the event data within a batch are checked as followed the range of serial numbers constituting the documents in the batch is entered Each individual serially prenumbered document is entered The computer program sorts the input documents into numerical order checks the documents against the sequence number range and reports missing duplicate and out ofrange data Cumulative sequence check provides input control in those situations in which the serial numbers are assigned within the organization but later are not entered in perfect serial number sequence The matching of individual event data numbers is made to a file that contains all document numbers Reports of missing numbers are produced for manual followup periodically Agree runtorun totals reconciling totals prepared before a computer process has begun to totals prepared at the completion of the computer process The totals may be prepared and reconciled either manually or by the computer This control is useful when there are several intermediate steps between the beginning and the end of the process and we want to be assured of the integrity of each process Tickler file a manual file of documents or a computer file that contains business event data that is pending further action Such files must be reviewed on a regular basis for the purpose of taking action to clear items from that file Should tickler file documents remain in the file for an extended period of time the person or computer monitoring the file would determine the nature and extent of the delay Oneforone checking the detailed comparison of the individual elements of 2 or more sources to determine that they agree This control is often used to compare a source document to an output produced later in a process Differences may indicate errors in input or update If the output cannot be found for comparison there is evidence of failure to input or process the event This procedure provides detail as to what is incorrect within a batch Oneforone checking should be reversed for lowvolume highvalue events because it s very expensive to perform Data encryption a process that employs mathematical algorithms and encryption keys to encode data so that it is unintelligible to the human eye and therefore useless to those who should not have access to it It is used in situations where the data are of such a sensitive nature that we want to preserve the data s privacy and confidentiality Compare input data with master data We can determine the accuracy and validity of the input data Such comparisons may be done manually or by the computer Three examples include inputmaster data match inputmaster data dependency checks and inputmaster data validity and accuracy checks Descriptions of these examples are on page 298 Chapter 1011 Order entrysales process OES is the first four steps in order to cash process refects an interactive structure of people equipment methods and control designed to achieve goals primary function of OES to support repetitive work routines of various depts by capturing recording and communicating sales related data and to support decision needs of various sales and marketing functions 1 Presales activities 2 Sales order processing 3 Picking and packing 4 Shipping horizontal view shows how the OES process relates to the repetitive work routines of the depts shows the value chain and how it creates value to the customer order fulfillment process makes sure customers are satisfied shown with document symbol but most can be done with electronic communication workflow and data stored in an enterprise database credit authorized through electronic approval pick goods inform workers in shipping dept of pending shipment shown with a sales order or electronic image on comp screen informs billing of pending shipment vertica view shows how the OES process relates to managerial decision making within mkt saes related data are captured in the sales order dept and flow vertical to managers focused on customer needs success of companies based on their ability to know their customers and serve them better than the competition this increases the type and amount of data needed in OES customer relationship management systems share the same underlying database but still focus on the individual customer ways of collecting data regarding customers have become sophisticated advances in database mgt are leading to a focus on the use of data warehousing and data mining techniques data warehousing viewed as focused on either operation or analytical applications operation applications focus on providing decision makers with info they need to monitor and control their company operationa monitor and control company or analytical using data to get statistical info to get insight applications data mining intended to use software to help members develop insight about customers processes and markets toos extract data and analyze used to generate market analysis models major user of warehouse data is the mkt dept neural networks statistical analysis packages and graphical presentation software ebuisness systems used to penetrate global markets process orders wo a physical presence two types 1 buy sideuse the internet to automate and mangage corporate vendors uses EDI Ex supply chain mgt eprocurement automates corporate purchasing esourcing sets up auctions among various venders for products 2 sell side designed to allow a company to mkt sell and deliver goods to customers throughout the world through the internet can handle 828 and BZC transactions Ex customer relationship mgt mkt mgt manages campaigns and promotions catalog mgt keeps c atalog up to date epayment global credit authorizations and currency transactions order mgt processes order info CRM systems is designed to manage all the data related to customers including mkt field service and contact mgt data purpose is to retain customers prospection of customers includes finding new customers or new business with exisiting customers CRM contact mgt features facilitate the recording and storing of info related to each contact organization has with a client and the context of conversations and meeting allows salesperson to become familiar with customer before they call them as well as more personalization segmentation grouping customers into catagories based on the key characteristics saes route automations software routes calls to a particular sales rep who has previously worked with the customer provides the operator with soloutions to a customers problem customer self service systemsalows customer to complete inquiry and perform tasks wo the help of the company employees Ex ATMs pay at the pump systems automated telephone systems payback of these systems is huge because there is a reduced number of employees needed RFQ request for a quote ATP available to promise inventory availability exception routine aka reject stub info thrown away unless it helps mkt then it is stored customers enjoy internet based orders more than phone orders submitting orders just below your credit limit makes the credit risk greater than desired customers credit may be reviewed for each sale after successful credit approval these steps are done at the same time 1update the inventory master data 2update the sales order master data 3 circulate the sales order data on shipping tab tells the route that should be taken bt the plant and customer picking tickets authorizes the warehouse to pick the goods from the shelf and send them to shipping customer acknowledgement sent to the customer to notify them that orders acceptance and expected shipping date saes order notification is sent to billing to notify them of a pending shipment or this might not actually be quotsentquot at all computer record is sufficient sometimes if goods aren t available then a back order routine is initiated to order the missing goods for a customer shipping clerk matches the qty of goods qty on picking ticket and the quantity stored in the sales order data if they don t agree then they reject the order and resolves the discrepancies inventory master data is updataed to change the qty allowed for the sales order to an actual shipments reducing the qty of inventory shipping billing notification message on computer screen or report of shipments not billed Bill of lading contract bt shipper and carrier where carriers agrees to transport the goods to customer Packing slip attached to the outside of a package and identifies the customer and contents GL inventory sales update to notify GL process that inventory has been sold and C65 has increased 0 ES process involves these data stores 1 cusotomer master datarecord of every customer with whom you do buisness 2inventory master data record of each item in stock in warehouse or regularly ordered 3 marketing data repository of a variety of sales oriented data 4 sales order master data created on completion of sales order 5 AR Master data 0 ES Process performs data maintance and master data updates before goods are sold data must be performed to create a customer master record box around relationship indicates that their will be a relation in the data relations have few attributes optica based technology eliminates the need to key data in and to eliminate paper documents bar code readers devices that use light reflection to read differences in bar code patterns to identify a labeled item shipping companies use this too optical character recognition for pattern recognition of hand writing or printed characters both bar codes and OCR eliminate risk of error scanners input devices that capture printed images and convert them into electronic digital signals digital image processing computer based systems for capture storage and retrieval and presentation of images if valid customer number is entered the system retrieves llstanding data including name address credit terms then enters into preformatted screen picking ticket is eventually discarded monitoring open order to ensure prompt shipment is a form of lltickler file contro goals are listed across the top of a matrix Examples of operations process control goals include 1effectiveness of operations why the process exists 2 efficient employment of resources 3 resource security Examples of Information process control goals sales order inputs and shipping notice inputs 1input validity IV valid sales order from an existing authorized customer win authorized credit limits 2 input completeness IC and accuracy IA of sales orders and shipping notices 3 update completeness UC and accuracy UA happens twice at sale and shipping Control plans include both that are characteristic of AIS business process and those that realte to the technology used to implement the application Customer credit check performed to ensure that a company does not extend more credit to a customer than is sensible segregation of duties bt sales and credit dept Compare picking ticket and picked goods one for one checking ensuring correct goods Independent shipping authorization tells that someone other than the warehouse authorized the shipment segregation of duties among sales warehouse and shipping Compare shipment to sales order and picking ticket any discrepancy might show a unauthorized or duplicate shipment Independent customer master data maintenance segregation of duties among the people who create the customer record and who creates thee sales order Review file of open sales orders tickler file detect any shipments that should have taken place Chapter 12 The Purchasing Process The Purchasing Process is an interacting structure of people equipment methods and controls that is designed to accomplish the following primary functions 0 Handle the repetitive work routines of the purchasing department and the receiving department 0 Capturing and recording data related to the daytoday operations of the departments 0 Data Is used to generate source documents purchase ordersreceiving reports to produce internal and external reports 0 Support the decision needs of those who manage the purchasing and receiving departments 0 Assist in the preparation of internal and external reports Organizational Setting 0 Internal Perspective 7 look at the owchart on page 4212 0 Possible Goal Con icts 0 Different managers have different organizational objectives and incentives 0 Ex A purchasing manager may take advantage of discounts and buy too much causing storage problems for the receiving manager Purchasing manager 7 performs major buying activities as well as the required administrative duties of running a department professional buyers do the actual buying Receiving supervisor 7 responsible for receiving incoming goods signing the bill of laaling presented by the carrier supplier w shipment reporting the receipt of goods and making prompt transfers of goods to the appropriate warehouse or department 0 Prioritization of goals is used by managers to prevent goal con icts Various goals for a situation are prioritized in order to accomplish the best solution given the circumstances EX Pay more for a product if quality is a very sensitive factor for customers 0 EXtemal Perspective 0 Supply Chain 7 the connections between an organization including the ow of information materials and services from suppliers merchandise amp raw materials to the organization s customers Suppliers 9 Manufacturers 9 Distributors 9 Wholesalers 9 Retailers 9 Cust omers Move Raw Mat9Produce amp Deliver9Market amp Sell9Install amp Service Depicted as a value system 7 each player in the chain performs a set of activities to transform inputs into outputs valued by its customers Facilitated by the enterprise system 0 Supply Chain Management SCM 7 is the processes used to ensure delivery of GS s to customers for the lowest cost and highest value Goal 7 increase product availability amp reduce inventory across the supply chain Must coordinate the ow of info amp goods among members of the supply chain SCORmodel SupplyChain Operations Reference Model 7 a process reference tool that allows companies to standardize their supply chain process and to identify how to make improvements 0 Plan Determine demand and set a course of action to source produce deliver and possibly return a product Source Select supplysources and obtain the goodsservices needed to meet demand planned or actual receive the product and authorize payments to suppliers Make Transform a product to a finished state to meet demand Deliver Order fulfillment 7 receive customer orders provide goodsservices and invoice the customers Return Postdelivery support retums allowances on defectiveexcessive products SCM Software 7 helps an organization execute the steps in the supply chain Software produces can perform individual functions or complete steps There are 2 categories of software products 0 SC Planning Software 7 accumulates data from customers sales and manufacturing amp delivering capabilities how much product is needed to satisfy demand 0 SC Execution Software 7 automates the SCM steps It receives orders routes them amp executes the invoice for the sale Benefits lower costs to customers higher availability of product everyone higher availability leading to lower backorder costs higher response to customer request for product customization Reduced inventories along supply chain improved relations smooth workloads due to planned arrivalsdepartures of goods reduced item costs through planned purchases increased orders reduced defects Problems that can occur list on pg 425 o Bullwhip effect 7 misreading an order and causing them to multiply drastically thus creating huge uctuations in supply and demand Collaboration See table 122 pg427 o CPFR Process Collaboration Planning Forecasting amp Replenishment 0 Strategy and planning I Collaboration Arrangement 7 set up the business goals for the relationship define the scope of the collaboration amp assign roles responsibilities checkpoints and escalation procedures I Joint Business Plan 7 ID significant events that affect supply and demand 0 Demand amp supply management I Sales Forecasting 7 project consumer demand at the point of sale I Order planningforecasting 7 determine future product ordering and delivery requirements based upon the sales forecast inventory positions transit lead times and other factors 0 Execution I Order Generation 7 transition forecasts into firm demands I Order fulfillment 7 produce ship deliver and stock products for consumer purchase 0 Analysis I Exception management 7 monitor planning operations for outofbounds conditions I Performance Assessment 7 calculate key metrics to evaluate the achievement of business goals uncover trends or develop alternative strategies Logical Process Description 0 Determine Requirements for reordering goods 0 Purchase recognition 7 an internal request to acquire goods and services from authorized personnel within an organization and for inventory replenishment from automated inventory replenishment systems 0 Reorder point ROP analysis 7 recognizes that each item of inventory is unique with respect to the rate at which it is sold 0 Economic order quantity EOQ 7 is a 39 39 J of 39J 39 all 39 39 costs associated with acquiring and carrying particular items of inventory I Inventory carrying costs 0 Opportunity cost 0 Insurance costs 0 Property taxes 0 Storage costs 0 Cost of obsolescence and deterioration 0 ABC analysis 7 is a technique for ranking items in a group based on the output of the items ABC analysis can be used to categorize inventory items according to their importance 0 Order Goods and Services 0 lSt process involves vendor selection buyer uses vendor master data to ID potential suppliers 0 Blanket orders amp annual agreements 7 combine as many orders as possible vender has been chosen in advance of a particular purchase and only determination is the quantity to order at this time I Competitive bids may be needed 7 found by using a request for quotation 0 Vendor selection can have an impact on the success of inventory control and manufacturing functions 0 Purchase orders 7 request for the purchase of goods from a vendor I Contains data regarding the needed quantities expected unit prices required delivery date terms and other conditions 0 Blind copies 7 certain data required for purchases is blanked out Receive Goods and Services 0 Vendor packing slop I Accompanies the purchased inventory from the vendor and identifies the shipment and triggers the receiving process 0 Receiving report 7 is the document used to record the merchandise receipts previously the PO receiving notification 0 Acceptance reports 7 used to acknowledge formally the satisfactory completion of a service contract Master vendor data 7 contains a record of each vendor that is approved for use 0 Stores info phone s addresses etc 0 Used by management to evaluate vendor performance Purchase requisitions data 7 stores purchase requisitions which are internal requests for P0 master data 7 compiles all order and the status 0 Purchase receipts data 7 is an event data store with each record re ecting a receipt of goods and services Technology Trends and Developments 0 eprocurement 7 is the information technology to automate signi cant portions of the procurement process 0 Improves supply chain management by lowering admin costs I Reduces people and time required for procurement processes 0 2 elements I Paperless system 7 eliminates documents and forms as the medium for conducting business 0 Replaced with compute screen displays I B2B marketplaces 7 web sites or portals that may be used as sources of supply in the procurement process 0 RadioFrequency Identi cation RFID 7 used to improve supply chain management 0 System for sending and receiving data using wireless tech 0 Uses tools to store information transmit and decode I Attached to things such as barcodes Physical Process Description 0 Requisition and order merchandise 0 Receive Merchandise Fraud Connection 0 Purchasetopay process makes it easier for cash to be embezzeled 0 Use of code of conduct Application of the Control Framework to Purchasing 0 Control goals of the operation process 0 Effectiveness of operations Ef cient employment of resources Resource security Input validity approval authorized Input completeness of purchase requisitions PR Input completeness of vendor packing slips VPS Input accuracy of PR Input accuracy of VPS 0 Update completenessaccuracy of the PO 0 Recommended control plans 0 Approve purchase requisition Use authorized vendor data Independent vendor master data maintenance Compare vendors for favorable prices terms quality and product availability Approve purchase order Con rm purchase order to requesting department Independent authorization to record receipt Inspect goods OOOOOOO OOOOOOO Chapter 13 The Account PayableCash Disbursements Process 3 Main Functions 0 Handles the related daytoday work routines like recording and paying vendor invoices and produce 0 Prepare internal reports for managers for decision making 0 Prepares external financial statements The Organizational Setting of Accounts Payable o The Horizontal Perspective 0 Flow 1 lnvoice from vendor 0 Flow 2 AP notifies the general ledger who updates the account for AP for the amount of the invoice 0 Flow 3 AP requests payment from the cashier and makes the general ledger aware of pending payment 0 Flow 4 Payment sent to vendor paid voucher sent to AP and notice of payment sent to general ledger o The Vertical Perpsective this includes all the small individual departments that help to execute the above flow chart they include 0 Warehouse manager uses purchasing data to control the inflows and outflows of inventory to provide space for goods The controller uses purchasing and receiving data to validate incoming vendor invoices The treasurer makes sure that there will be enough funds to pay for future obligations The cashier has custody over the money and executes the payments authorized by AP See figure 132 pg 466 0000 Logical Process Description 0 DFD of AP process pg 467 two main processes establish payable and make payment 0 Establish Payable Receive invoice 10 o Validate invoice 11 0 Authorize the invoice by comparing it to master data and to purchase order and then compared to receiving data 0 Accuracy make sure discounts terms etc match the amt due on invoice 0 Recording the payable 12 0 Record data in purchase events data store to update accounts 0 Create record in AP master data amp update inventory master data 0 Notify and update the general ledger 0 Make Payment 20 0 Prepare proposed payments a list of invoices selected by due date and discount dates that could be paid 0 Select and record payments amending the list of invoices to pay by adding ones made to a vendor or holding off on delayed shipments 0 Issue and record disbursements calculate payment to be made 0 Mark invoice as paid 0 Make cash disbursement event in data store 0 Send payment to GL where entry is made to record pmt 0 Payment schedule depends on how company wants to pay bills many invoices to one vendor with one check or keeping cash balance high to cover other cash disbursements 0 Processing Noninvoiced Disbursements o 2 different systems for paying pg 471 DFD 0 True voucher process where all pmts recorded formally as a payable before they can be paid 0 Nonvoucher processless formal approve then issue and record payment 0 Logical Data Descriptions 0 Purchasing events data chronologically show the details of invoices that are recorded with date vendor invoice account distributions tax freight assets and gross amount paid 0 Accounts payable master data repository of all unpaid invoices including all details of invoice 0 Cash Disbursements events data chronological sequence of cash payments made with all details of invoice and terms of payment shown check number invoice number discounts etc 0 Logical Database Design Entity relationship diagram on 473 which assumes that it is a nonvoucher system and that it is all merchandise inventory items 0 The primary key of the relationship PAYMENTRELATIONS is a composite key comprised of the invoice number and the cash disbursement Technology Trends amp Developments 0 Einvoicing 3 ways 0 Scanning the paper invoice into the computer where you can view a digital image of the invoice but to create a payable system this way the information must be typed in a standardized manner to avoid error 0 Use of purchasing p cards this reduces the number of invoices by consolidating multiple orders into one big invoice o Submitting invoices over the internet 0 Evaluated Receipt Settlement ERS process by which an organization pays for a purchase on the basis of the goods receipt This eliminates the invoice entirely and is only used with trusted vendorsyou tell them what you received and pay according to the purchase order 0 Uses of Electronic Data Interchange EDI for the APCD process organization sends purchase order to vendor which is automatically entered into the vendor s sales system The vendor will send an advanced shipping notice telling them goods are on the way Vendor then sends invoice to customer via EDI which is automatically pout into the AP system When time for payment comes the organization prepares an EDI payment from their bank to the vendor o Improves accuracy reduces costs no delay or lost papers 0 Epayments Electronic lnvoice Presentment and Payment Systems EIPP o 828 systems that combine einvoicing and epayment processes that send invoices to customers using a web portal or a 3rd party vendor Business need to integrate their business processes and integrate their legacy AP amp CD systems with that of the 3rd party I Savings are in reduced staff paper and postage fewer errors I Eliminates float which can be bad for the payer o XIG N s order to pay process is operated on a network called XPSN o The buying organization creates purchase order which is put into XIGN format onto the server 0 Email notifies seller of PO order which can be sent directly to their sales system 0 lnvoices from vendor can be done 3 ways I Log on to XPSN and convert PO to invoice I Create efile to link billing system with XPSN I Use web template to create invoice 0 Buyer receives invoice through enterprise adapter 0 Reduces costs from manual processing increased efficiency in routing reduced vendor calls Physical Process Description 0 Pg 481 flowchart 0 Uses batches compares purchase orders and receiving report and then updates payables and GL 0 To pay the invoices the AP data is searched periodically to see what invoices are due then paid then update the AP master data the GLfor payment and sends data to EDI translator which appropriately encrypts the data for the banks to pick up 0 The bank processes information and debits the payables of the buyer and credits receivables of seller 0 Exception Routines 0 Purchase returns and allowancesoccurs when inspecting amp counting goods I To adjust for returned goods a debit memorandum is prepared and sent to vendor where the vendor usually prepares a credit memo the goods are set aside and then returned upon agreement of credit memo o Other exceptions I mismatch of reports can result in purchase allowance I accept errors within certain of error I when reconciliation of batches doesn t match cash payments 0 The Fraud Connection 0 Fraud amp AP Function I creating phony vendors in vendor master data I submitting fictitious invoices 0 Fraud amp CD function I Check forgery fraudulent wire transfers I Counterfeit checks and cash 0 Nonfraudulent Losses 0 Overpayment of accounts payable I Incorrect decimal place I Mistake which vendor to pay accidenty pay twice Application of the Control Framework 0 Operations Control Goals 0 Effectiveness of operations I Optimize cash discou ntsrecorded amp paid in timely manner I Amount maintained in CD accounts is enough to satisfy invoices with cash discounts accounted for 0 Efficient employment of resources people and computers 0 Resource Security cash and AP data should be protected against fraud and other losses 0 Information process control goals 0 Input validity I Invoices what was ordered is what was received I Payments documented by valid and unpaid as to not pay twice 0 Input Completeness of invoices amp payments may result in lost discounts and late payments Unrecorded invoices understate liabilities 0 Input accuracy I Of invoices update payable data misstates liabilities incorrect dates set off payment schedule I Of Payments when pmt due terms of pmt don t duplicate pmt 0 Update completeness and accuracy of AP master data must be updated properly to pay and close invoices when complete 0 Recommended Control Plans 0 Independent Validation of vendor Invoices separate authorities like purchase orders and receiving data should record the vendor invoice not all the same person in order to prevent unauthorized invoices 0 Match Invoice w purchase order and receiving report 0 Independent Authorization to make payment AP records should be prepared by someone other than who actually executes the payments 0 Reconcile the bank accounts 0 Make sure to mark paid or void so not accidently paid again 0 Multiple signatures on checks 0 Don t allow long time outstanding checks to be cashed 0 Control matrix and explanations on pg 485 amp 487 Chapter 14 The Human Resource Management 8 Payroll Processes describes the basic roles played by an organization s human resources and payroll functions Human Capitol Management the process of managing how people are hired developed assigned and retained presumes that employees reflect a strategic investment rather than an administrative cost Process Definition and Functions Classic personnel management began with the handling of payroll and personnel administration and evolved by adding functions to handle recruiting employee relations etc as HR management realized the importance of personnel in achieving organizational objectives HCM philosophy based on 3 principles 1 Individual s value to organization is derived from job related knowledge skills attitude amp motivation 2 Human assets include full time permanent employees part time employees temporary employees and independent contractors Also w collaborative commerce arrangements it could include suppliers employees sales channel partners and customers 3 Person s relationship w an organization from hiring through termination must be nurtured to obtain maximum lifetime value Retaining an employee is less expensive than replacing one costs 25 times an employees annual salary plus benefits to replace Definition ofthe HR management process An interacting structure of people equipment methods and controls whose primary function is to create information flows that support 0 Repetitive work routines ofthe HR dept 0 Decision needs of those who manage the HR dept By 0 Capturing recording amp storing data concerning HR activities 0 Generating a variety of HR forms and documents 0 Preparing management amp governmental reports More than any other information process it captures records and stores data that falls outside the normal accounting oriented transaction stream Definition ofthe Payroll Process An interesting structure of people equipment methods and controls that creates information flows to support the repetitive work routines of the payroll dept 0 Traditionally been considered separate from HRMP but because of closeness many companies merge the 2 0 Events Oriented process Integration of the HR management 8 Payroll process Advantages gained by allowing the 2 process to share common data include 0 Creating a single source for obtaining HR info 0 Provides for faster data access o Minimizes data redundancy o Ensures data consistency and integrity 0 Facilitating data maintenance 0 Improving data accuracy The HR management Process 0 Organizational Setting 8 Managerial Decision Making VP of Human Resources Mgr safety Mgr of Mgr of Mgr of Mgr of health employee amp human personnel personnel services amp industrial resource planning amp appraisal amp benefits relations systems staffing development Table 141 describes key functions decisions amp info needs of each HR mgr 0 HR management process supplies managers w certain types of useful info 0 Technology Trends 8 Developments 0 HR self service systems have greatly improved the efficiency and effectiveness of the HR management process Enterprise systems play a major role in implementing required HR amp payroll functionality O 0 Implementing the HR management Process It is generally considered essential to record HR actions as soon as they are approved A number of reasons exist for immediately recording changes affecting employees including the need to ensure that each employee s paycheck reflects the employee s current status 0 Processing inputs I Selecting employees departmental supervisors amp managers outside the HR function may initiate to satisfy needs using the needs request screen or may be initiated by system automatically if programmed Evaluating Employees managers and supervisors outside the HR function initiate actions affecting employees then mgr 5 typically approves review an initiates changes Terminating employees Closes the employment process loop It is usually based on both quantitative amp qualitative data HR process keeps track of quantitative data 0 Processing Logic 8 Processing outputs HR requests initiated outside the HR department must be routed to and approved within HR department once approved data is updated and reports are made Outputs produced include I Feedback to employees concerning performance I Employment letter to new employees I Dismissal letters I reports to unions I reports to Equal Employment Opportunity I reports to Occupational Safety amp Health administration I reports to Dept of Labor 0 Key Data Tables 0 Employee Payroll master data helps management determine the total cost of its workforce t aids in setting hiring policies in the context of providing info for compliance with affirmative action measures Labor Force Planning data maintains data concerning an organization s short and long term staffing requirements Skills Inventory Data catalogs each employees set of relative skills continually updates The Payroll Process Generally falls under the authority of the controller s office 0 Logical Description of the Payroll Process 0 O O OO 0 Process 10 perform data maintenance To begin the tax rates data is updated to ensure current tax rates are being used in preparing employee paychecks then 2 data flows enter the payroll process from departmental managers and supervisors I Attendance time records show time periods show the time period that employees are in attendance at the job site and available for work recorded near entrance of workplace I Job time records reflect start and stop time on specific jobs prepared by employees Process 20 reconcile hours worked Compares the total hours of each worker as shown by attendance record wjob time records hours should agree Process 30 distribute labor cost interfaces w the general ledger process to provide necessary journal entries for the distribution of labor charges Process 40 pay employees initiated by validated attendance time records I 41 prepare paychecks retrieves data from employeepayroll master data all employee info and tax rates data HR personnel enter data items into table control It then prints and distributes I 42 prepare disbursement voucher documentation to recognize liability I 43 prepare payroll transfer check sends check to bank to cover organizations periodic net payroll Process 50 Accrue liabilities accrues employer and withheld liabilities taxes Process 60 Prepares payments amp deposits initiated upon receipt of accrual notification data flow Process 70 Prepare payroll tax reports assistance in satisfying govt tax regulations in preparing I Form 941 I Form W2 I Form 1099 r I Employee retirement income security act ERISA report 0 The Employee Payroll Master data Central repository of data about people who work for an organization each record contains identification data as well as data used for paycheck computation 0 Accounting Entries Related to the Payroll Process exhibit 141 0 Implementing the Payroll Process In most organizations payroll processing is done on a periodic process 0 Electronic time management system computer based system that captures stores and reports time 0 Payroll direct deposit pay sent to bank account 0 Payroll service bureau a company that specializes in rendering payroll services to client companies for a fee 0 Once data is approved he payroll system I Updates the employeepayroll master data amp distributes labor costs I Prepares employee s checks and sends to banks I Prepares outputs like pay stubs I Send payroll register to ap dept who prepare a disbursement voucher which is sent to cashier where a transfer is made 0 The Fraud Connection 0 Ghost employees median loss 275000 employees who don t work but receive checks 0 Falsified Hours 8 Salary median loss 30000 exaggerations 0 Commission schemes median loss 200000 falsify sales or increase commission rate 0 False workers compensation claims median loss 155000 fake injuries Measure used to prevent or detect schemes 0 Segregation ofduties 0 Direct deposit eliminates alteration forgery amp theft of paper checks 0 Checking for duplicate names amp addresses amp SS s on employee data 0 Compare actual budgeted payroll Employees are also reimbursed for business related expenses which can lead to fraud 0 Application of the Control Framework Operations process control goals 0 Effectiveness ofoperations provide employees with timely paychecks provide timely filing oftax returns and other reports w gov t agencies comply with requirements of payroll tax laws amp regulations Efficient employment ofresources people and computers 0 0 Resource security Resource of interest include cash amp information resources residing on the employee payroll master data Control plans should eliminate unauthorized access of employeepayroll master data Information process control goals 0 IV valid time data 0 IC amp IA for the time data 0 UC amp UA for employee payroll master data Recommended Control Plans EXHIBIT 142 p524 526 Enter time data close to data s originating source Approve attendance time data amp job time data Reconcile attendance time data amp job time data Independent Paycheck distribution Use a payroll clearing account separate bank acct used solely for payroll Use an imprest payroll bank account the fund is reimbursed for the exact amount of the disbursements made from the fund When applied it requires that the amount of cash transferred from the general cash account to the payroll bank account be the amount of the total paychecks issued 0 O O O O O Chapter 15 Integrated Production Process Manufacturing area most impacted by global competition quickest route for developing countries to increase wealthy and wages 0 Drivers of complexity in manufacturing operations 0 Pressure to reduce costs throughout the value chain 0 Pursuit of new lucrative markets and channels 0 The quickening pace of product innovation 0 Key characteristics of companies successful at managing pressures from global complexity 0 Improved internal business processes in the areas of customers products and supply chains 0 Better use of technology to increase integration within and among these 3 areas customers products supply chains 0 Better general capabilities in the areas of collaboration exibility visibility and technology 4 key components of effective integrated production processes in more depth 0 Product innovation 7 designing innovative products and getting them to the market quickly is key cooperation between engineering manufacturing and marketing is vital 0 Product lifecycle management system PLM 7 enterprise system add ons that organize data by product allow access to data across the organization increase innovation in product design reduce design time and improve product performance 0 Production process innovation 7 o Throughput time 7 the time it takes from when authorization is made for goods to be produced to when the goods are completed 0 Push manufacturing 7 sales forecast drives production plan and goods are produced in large batches 0 Pull manufacturing 7 production is initiated as individual sales orders are received I Shorter r J quot time 39 ow 1 quot cellular manufacturing reduced work in progress and finished goods inventories reduced oor space 0 Supply chain management 7 the combination of processes and procedures used to ensure the delivery of goods and services to customers at the lowest cost while providing the highest value to customers manufacturer must forecast demand determine lead times monitor inventory levels for numerous raw materials and plan for the manufacture of finished goods 0 Subassemblies 7 separately manufactured components used in the final product could be manufactured at the same time as the final product or across the globe 0 Available to promise planning 7 accumulation of the data on current inventories sales commitments and planned production to determine whether the production of finished goods will be sufficient to commit to additional sales orders 0 Capable to promise planning 7 accumulation of the data on current inventories sales commitments and planned production and excess production capacity 0 Management accounting systems 7 0 Activity based costing 7 costing approach where detailed costs to perform activities throughout the value chain are computed and can be managed or assigned to cost objects including projects prevalent in companies seeking to increase cost accuracy and usefulness I Lifecycle costs 7 sum of the costs to design produce market deliver and support a product throughout the products lifecycle Integrated production process begins at the start of the value chain with the design and production process master production schedule developed detailed definition of needs for materials detailed production instructions information about process continually captured 0 Design product and production processes 7 vital in determining profitability of new product lines activity based costing 0 Computer aided designengineering CADCAE 7 application of computer technology that automates the product design process aim to improve design productivity reduce design lead time enhance quality facilitate access to and storage of product design etc I Bill of materials 7 listing of all subassemblies parts and raw materials that go into a parent assembly showing required quantities of each manufacturing process more standardized quality improved costs reduced Parts master 7 raw material inventory master lists details specs for each raw materials item Routing master 7 specifies operations necessary to complete a subassembly or nished good and the sequence of these operations Computer aided process planning 7 used in developing the routing master for new products Work center master 7 describes each work center available for producing products Workstation 7 assigned location where worker performs job Work center 7 group of similar workstations 0 Generate master production schedule 7 a statement of specific production goals developed from forecasts of demand actual sales orders andor inventory information emphasis on cost reduction means cannot generate too much of the wrong products based on multiple sources like customer orders 0 Global inventory management 7 inventory needs and production capabilities are matched across the entire global enterprise not just at a regional level 0 Determine needs for materials 7 identifying ordering and receiving materials 0 Materials requirements planning 7 uses bills of material raw material and work in progress inventory status data open order data and the master production schedule to calculate a time phased order requirements schedule for materials and subassemblies Exploding the Bill of Materials 7 involves extending a bill of material to 0 determine the total of each component required to manufacture a given quantity of upper level assembly or subassembly specified in the MPS 0 Develop detailed production instructions 7 detailed instructions showing exactly when the goods will be processed through each necessary work center and the labor necessary to complete the work 0 Capacity requirements planning CRP 7 uses information from the master production schedule and timephased order requirements schedule to develop detailed schedules that consider the feasibility of production schedules based on available capacity in the work center status records then assigns target start completion dates to workstationsworkcenters and releases manufacturing orders 0 Manufacturing orders 7 convey authority for the manufacture of a specified product or subassembly in a specified quantity and describe the material labor and machine requirements for the job offlcial trigger to begin manufacturing operations Move tickets 7 authorize and record movement of a job from one work center to 0 another Raw materials requisition 7 authorization that identi es the type and quantity of materials to be withdrawn from the storeroom and tracks the manufacturing order 0 being produced and the work center needing the raw materials Manufacturing resource planning 7 integrated decision support system for O planning executing and controlling manufacturing operations 0 Manufacturing Production work centers 0 Flexible manufacturing systems 7 used to control the actual production of the goods Computer aided manufacturing 7 application of computer and communication 0 technology to improve productivity by linking computer numerical control machines monitoring production and providing automatic feedback to control operations Automated storage and retrieval systems ASRS 7 computer controlled 0 machines that store and retrieve parts and tools Just in time HT 7 pull manufacturing philosophy more responsive to precisely O timed customer delivery requirements Record manufacturing events 7 high automated 0 Shop oor control SFC process 7 devoted to monitoring and recording the status of manufacturing orders as they proceed through the factory Generate managerial information 7 variance information used in monitoring efficiency and adherence to production plans help companies identify strategies for managing cost benefits Variance analysis 7 process of comparing actual information about input costs and usage to standards for costs and usage for manufacturing inputs 0 Record standard costs 0 Compute raw material quantity variance 0 Compute direct labor variances 0 Close manufacturing orders 0 Compute manufacturing overhead variances Inventory management 7 determine appropriate levels of raw materials subassemblies and finished goods inventory to assure that production can be maintained and finished goods delivered in a timely manner 0 Management fraud 7 inventory manipulation problem is massive 0 Inventory process controls 0 Effectiveness of operations 7 to maintain a sufficient level of inventory and minimize the cost of carrying inventory perpetual inventory records JIT materials acquisition internal transfer procedures 0 Efficient employment of resources 7 JIT materials acquisition warehouse bin location 0 Resource security 7 of raw materials work in process and nished goods inventory assets and the information resources stored in the inventory master data periodic physical inventory counts locked staterooms Chapter 16 Functions of The General Ledger and Business Reporting 9 General ledger o accumulating data classifying data by GL accounts recording data in those accounts 0 fueling FR BR and other reporting subsystems 9 Business Reporting 0 preparing generalpurpose external financial statements 0 ensuring that F S conform to GAAP o generating webbased forms 0 generating ad hoc amp predetermined business reports 9 EBusiness Angle 0 Operational stores are financial information stored in databases used to create the chart of accounts GL and financial reports 0 Manual Reports 9 The old method of manually preparing financial reports 9 Financial reports are comprised of text and data from the operational data stores formatted as financial statements 9 Often data had to be rekeyed for each different report created 0 XBRL Enabled Reports 9 Operational store data contains descriptive semantic tags 9 XBRL enabled report reads descriptive tag and merges data into report 9 Data from one data store can be used to generate many different reports including Web reports without rekeying Integrated Systems Perspective Including ERP 9 Events summarized automatically by the system eliminating the need for a separate GL process 0 The GL is simply a report summarizing transactions by account and by date in ascending order 9 Treasurer still enters investment and financing transactions into treasury module 9 Controller still enters adjusting entries 9 Financial reports are generated by the system using ad hoc queries or preestablished reports Responsibility AccountingReporting System 9 Duties of managerial reporting officer 0 Reports to assist internal management decision making 0 Performance reports comparing actual performance with budgeted performance 0 Reports are most detailed at lowest levels of management least detailed at highest levels of management o It ties into the concept of responsibility accounting Summary of Horizontal and Vertical Information Flows 9 Horizontal flows 0 Events are processed in various operational systems 0 Culminates in GL and external business reports 9 Vertical Flows 0 GL and other event information flow upward through responsibility accounting system 0 Culminates in internal performance reports GLBR Process Context Diagram 9 Various feeder processes provide event information 9 Source of internal and external financial reports GL Hierarchical Coding 9 1113 Cash in Bank 0 1xxx assets 0 x1xx current assets 0 xx1x cash accounts 0 xxx3 cash in bank 0 1111 might mean petty cash 1112 might mean change fund 1121 might mean trade accounts receivable 1122 might mean receivables from officers Chart of Accounts 9 Must be flexible to meet the firm s financial and managerial reporting needs 9 For a multientity firm there is need to code for departments geographical regions product lines divisions and special reporting entities 9 Should accommodate llrolling up or consolidating accounts into statements using different forms Technologyenabled Issues in Business Reporting 9 FR modules in ERP systems 9 Balanced Scorecard 9 Business Intelligence 9 Business Reporting via the Internet 9 Public Databases 9 Objectoriented databases ERP Financial Module 9 Many options available for processing business events that affect multiple processes 9 Not all users do not need all these options 9 For security reasons and for ease of use we limit the access to menu items to only those needed a user to perform his or her responsibilities 9 We limit the menu options that appear 9 We allow a user to have different privilege levels for different information that is view access write access entry access andor change access 9 Carefully set up the system limitations for that specific user 9 Each user has their own ID and password Balanced Scorecard 9 Methodology for assessing organization s business performance via 0 Financial 0 Internal business processes 0 Customers 0 Innovation and improvement activities 9 Functionality included in applications by all major ERP vendors Business Intelligence 9 Integration of statistical and analytical tools with decision support technologies 9 Facilitates complex analyses of data warehouses by managers and decision makers 9 Typical module in ERP systems Extensible Business Reporting Language XBRL 9 XBRL is a form of XMLbased language consisting of a set of tags used to unify presentation of business reporting information into a single format 9 Easily read by many software packages 9 Can be easily searched by web browsers 9 Enables easy uploading and downloading of information to other software packages for update analysis etc Public Databases 9 Aid to financial reporting officers in determining BR treatments 9 National Automated Accounting Research System NAARS 9 The Internet may be viewed as one huge public database IT Control Processes for WorkstationtoWorkstation Networks 9 Typical Controls 0 Passwords and access controls 0 Access logs kept and reviewed 0 Call back procedures for remote log on 0 Controls on databasefile access 0 Controls on level of accessprivileges eg readonly file access 0 Diskless workstations 0 Data encryption and digital signatures o Removable drives 0 Backup facilities for extended network failures 0 File lockingcontention controls Workstations Connected to Servers 9 Typical Controls 0 Server logs kept and reviewed Standardized file transfer formats Readonly access to database Frontend workstations process data relieving server 0 O O 0 Data entry to event data store and subsequent batch update to database SarbanesOxley Act of 2002 9 Section 302 o Requires CEO and CFO to certify that financial statements contain neither material untrue facts nor omit material facts 0 Penalty for violation of section 302 up to 20 years prison and 5 million in fines 9 Section 401 o Requires financial statements that clearly reflect the economic reality of business events 9 Section 404 o Defines report on internal control that must be provided with annual report 0 Requires management assertion and auditor attestation on internal control effectiveness 9 Section 409 o Requires rapid and current disclosure of information regarding material changes in financial conditions Current Environment of Financial Reporting 9 Today s environment demands rapid access to information o lnvestors want information sooner SarbanesOxley demands quotrapid and current disclosures SEC has shortened the time companies have for reporting certain events Realtime reporting of events summarized in the GL is just over horizon OOO Chapter 17 Accountant s Roles in System Development 9 System user 9 Business process owner 9 Member of development team 9 Implementation project manager 9 Systems analyst Systems Development Life Cycle Analysis 9 Develop Specs for a new or revised system 9 Systems Development Life Cycle Design 9 Develop an appropriate system manifestation 9 Systems Development Life Cycle Implementation 9 Begin using the new system 9 Systems Development Life Cycle Operations 9 Use the new system Why Systems Fail 9 Lack of senior management support and involvement 9 Shifting user needs 9 Development of strategic systems 9 New technologies 9 Lack of standard systems development methodology 9 Overworked or undertrained development staff 9 Resistance to change 9 Lack of user participation 9 Inadequate testing and user training Conducting the Systems Survey 9 Determine the nature and the extent of each reported problem 9 Determine the scope of the problem 9 Propose a course of action that might solve the problem 9 Determine the feasibility of any proposed development 9 Devise a detailed plan for conducting the analysis step 9 Develop a summary plan for the entire development project Structured Systems Analysis 9 Define the problem precisely 9 Devise alternative designs solutions 9 Choose and justify one of these alternative design solutions 9 Develop logical specifications for the selected design 9 Develop the physical requirements for the selected design 9 Develop the budget for the next two systems development phases systems design and systems implementation Structured Systems Analysis Deliverables 9 Current logical data flow diagram 9 User requirements 9 Proposed system logical data flow diagram 9 Proposed system physical data flow diagrams 9 Costeffectiveness study 9 Proposed system recommendation 9 Approved systems analysis document Approved Systems Analysis Document EXHIBIT 112 Typical Conlean oi an Approved Systems AnalySIs Document 1 Executive summary a New sySQsm censnainrs ZI FFDiECf summier 3 Hardware and soltware constraints to Summary or proposed Svstern b nterface mnsnaims c Summary of lmpacl or new system c Conlraclual and legal reqluremenls n Summary or costeffectlveness and 77 Design phase budget and schedme reconunendations a Design phase personnel and campuIcr 2 Systems analysis summery reqwemems Summary nr rlw rams gainarnd and analyels I Developmem name nerrormed a Fnysisel requiremenrs 3 User requirements Iar me new sysrem a Workload and volume a o erann re ulrcmcnls 9 a b Respunse times r lnfnrmauon rEqulrements e Functional layouts or compurer lnqulry screens c Carmel requirements nu reports 4 Lugrsal speeinearions rur rne new sysxem a syslem growlh a Dara now dlagrams and nerrarrye descrlblng me 9 Recommendations quotSW 39 9395339 SVS E39quot Pro39ecz leader39s recommendations s mmar ill39nar vem s a I39l a u vo l o en b ug l Dculby 10Appmvals e ea less I 39 l d 39 l rr new name eslgn lvcrl 1L Armaments 539 Desc39mmquot me PhVS39Ca39 5 3 a Approved reasinlmy documenl a Data flow diagrams rlowcnarls and narralwe h Analysis memos summaries tables uranhs harts aescnulng the new physical system r ly 4 I about by the new physical System Systems Selection Determine what computer software design will implement the logical specification developed in structured systems analysis Determine what computer hardware will satisfy the physical requirements established in structured systems analysis Choose acquisition financing methods that are in the best interest ofthe organization Determine appropriate acquisition ancillaries Approved Configuration Plan Chosen software configuration and expected performance specifications Chosen hardware type manufacturer and mo el Items to be included in the hardware contracts Results of testing alternative software design and hardware resources Assessment of financing and outsourcing alternatives Hardware Acquisition Alternatives Internalacquis ion Externalacquisition o Servicebureau o Outsourcing 0 ASP Structured Systems Design Convert the structured specification into a reliable maintainable design 9 Develop a plan and budget that will ensure an orderly and controlled implementation of the new system 9 Develop an implementation test plan that ensures that the system is reliable complete and accurate 9 Develop a user manual that facilitates efficient and effective use of the new system by operations and management personnel 9 Develop a program that ensures that users and support personnel are adequately trained Systems Implementation Goals 9 Complete as necessary the design contained in the approved systems design document 9 Write test and document the programs and procedures required by the approved systems design document 9 Ensure by completing the preparation of user manuals and other documentation and by educating and training personnel that the new system can be operated by the organization39s personnel 9 Determine by thoroughly testing the system that the system satisfies the users39 requirements 9 Ensure a correct conversion by planning controlling and conducting an orderly installation of the new system Systems Implementation Steps 9 Complete or update the system design 9 Acquire hardware 9 Test system 9 Configure system 9 Train operators and users 9 Conduct conversion 9 Postimplementation review Post Implementation Review Goals 9 Determine if the user is satisfied with the new system 9 Identify how well the system s achieved performance corresponds to the performance requirements recommending improvements if necessary 9 Evaluate the quality of the new system s documentation training programs and data conversions 9 Ascertain that the organization s project management framework and SDLC were followed during development 9 Recommend improvements to the systems developmentacquisition standards manual if necessary 9 Improve the costeffectiveness analysis process by reviewing cost projections and benefit estimations and determining the degree to which these were achieved 9 Improve projectplanning procedures by examining total project costs and the project team s ability to adhere to project cost estimates and schedules 9 Make any other recommendations that might improve the operation of the system or the development of other information systems Systems Maintenance Goals 9 Accomplish system changes quickly and efficiently 9 Prevent system changes from causing other system problems O O 9 System 99 9 Make system changes that are in the organization39s overall best interest Perfect systems development and systems maintenance procedures by collecting and using information about system changes Supplant systems maintenance with the systems survey if requested changes are significant or if they would destroy the system Minimize control exposure and organizational disruption that can be caused by systems maintenance Maintenance Types Corrective Maintenance performed to correct errors 17 of maintenance costs Perfective Maintenance conducted to improve the performance of an application 60 of maintenance costs Adaptive Maintenance that adjusts applications so that they reflect changing business needs and environmental changes 18 of maintenance costs
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'