Accounting Information Systems (AIS) PDF
Document Details
Uploaded by Deleted User
Tags
Summary
This document is an introduction to accounting information systems (AIS). It discusses the role information plays in modern businesses and the importance of AIS. Furthermore, it explores the different perspectives of AIS design and auditing.
Full Transcript
The Information System: An Accountant’s Perspective We @ Learning Objectives nlike many other accounting subjects, such as inter-...
The Information System: An Accountant’s Perspective We @ Learning Objectives nlike many other accounting subjects, such as inter- mediate accounting, accounting information systems After studying this chapter, you should: (AIS) lacks a well-defined body of knowledge. Recognize the primary information Much controversy exists among college faculty as to what flows within the business should and should not be covered in the AIS course. To Telco) alaatelaien some extent, however, the controversy is being resolved through legislation. The Sarbanes-Oxley Act (SOX) of 2002 Understand the difference between established new corporate governance regulations and stan- accounting information systems and dards for public companies registered with the Securities and management information systems. Exchange Commission (SEC). This wide-sweeping legislation Oyavel-lesiu-Nate ual -Melharsg-lalacml ol-niy-\-19 impacts public companies, their management, and their audi- lilarelaleelmugclalrleulelaceelale tors. Of particular importance to AIS students is the impact of ravelalilarelaleelimag-laleleule) acy SOX on internal control standards and related auditing pro- Know the principal features of the cedures. Although SOX does not define the entire content of general model for information the AIS course, it does identify critical areas of study that systems. need to be included. These topics and more are covered in Understand the organizational the chapters of this text. structure and functional areas ofa The purpose of this chapter is to place the subject of AIS in business. perspective for accountants. Toward this end, the chapter is divided into three major sections, each dealing with a different Be able to distinguish between aspect of information systems. The first section explores the external auditing, internal auditing, information environment of the firm. It identifies the types of and advisory services as they relate to information used in business, describes the flow of informa- accounting information systems. tion through an organization, and presents a framework for viewing AIS in relation to other information systems compo- nents. The section concludes with a review of the key elements of the general model for AIS. The second section of the chapter deals with the impact of organizational structure on AIS. Here we examine the business organization as a system of interrelated functions. Extensive attention is given the IT and accounting segments, which play collaborative roles as the purveyors of financial information for the rest of the IP AIRE Ih Overview of Accounting Information Systems organization. The final section discusses the unique responsibility of accountants as domain experts in the design of AIS and as auditors of AIS. The Information Environment We begin the study of AIS with the recognition that information is a business resource. Like other business resources such as raw materials, capital, and labor, information is vital to the survival of the contemporary business organization. Every business day, vast quantities of information flow to decision makers and other users to meet a variety of internal needs. In addition, information flows out from the organization to external users, such as customers, suppliers, and stakeholders who have an interest in the firm. Figure 1-1 presents an overview of these internal and external information flows. The pyramid in Figure 1-1 shows the business organization divided horizontally into several levels of activity. Business operations form the base of the pyramid. These activities consist of the product-oriented work of the organization, such as manufacturing, sales, distribution, billing, and cash receipts. Above the base level, the organization is divided into three management tiers: opera- tions management, middle management, and top management. Operations management is directly responsible for controlling day-to-day operations. Middle management is accountable for the short-term planning and coordination of activities necessary to accomplish organizational objec- tives. Top management is responsible for longer-term planning and setting organizational objec- tives. Every individual in the organization, from business operations to top management, needs information to accomplish his or her tasks. Notice in Figure 1-1 how information flows in two directions within the organization: horizon- tally and vertically. The horizontal flow supports operations-level tasks with highly detailed infor- mation about the many business transactions affecting the firm. This includes information about events such as the sale and shipment of goods, the use of labor and materials in the production process, and internal transfers of resources from one department to another. The vertical flow FIGURE 1-1 INTERNAL AND EXTERNAL FLows OF INFORMATION Top Stakeholders Management Middle Management Operations Management Operations Personnel ® Day-to-Day Operations Information Learning Cengage © lat IP TP BIR The Information System: An Accountant’s Perspective distributes information downward from senior managers to junior managers and operations per- sonnel in the form of instructions, quotas, and budgets. In addition, summarized information per- taining to operations and other activities flows upward to managers at all levels. Management uses this information to support its various planning and control functions. A third flow of information depicted in Figure 1-1 represents exchanges between the organiza- tion and users in the external environment. External users fall into two groups: trading partners and stakeholders. Exchanges with trading partners include customer sales and billing information, purchase information for suppliers, and inventory receipts information. Stakeholders are external entities with a direct or indirect interest in the firm. Stockholders, financial institutions, and gov- ernment agencies are examples of external stakeholders. Information exchanges with these groups include financial statements, tax returns, and stock transaction information. INFORMATION OBJECTIVES Specific information objectives will differ from firm to firm as specific user needs vary. Three fun- damental objectives are, however, common to all organizations: 1. To support the firm’s day-to-day operations. Operations personnel use information to assist them in the efficient and effective discharge of their daily tasks. 2. To support management decision making. Managers use information to assist them in planning and control decisions related to their areas of responsibility. 3. To support the stewardship function of management. Stewardship refers to managers’ responsi- bility to properly manage the resources of the firm and to report on their activities. External users receive stewardship information through traditional financial statements and other mandated reports. Internally, managers receive stewardship information from various responsibility reports. These objectives call for information sets that are diverse in their level of detail and nature. For example, managers cannot effectively employ the finely detailed information needed to support day-to-day operations. Management decision information tends to be highly summarized and ori- ented toward reporting on overall performance and trends rather than routine tasks. Similarly, accrual-based financial statement information, which is prepared for stakeholders, 1s unsuitable for most internal uses. The information needed to satisfy these diverse needs is the product of the information system. AN INFORMATION SYSTEMS FRAMEWORK The information system is the set of formal procedures by which data are collected, stored, processed into information, and distributed to users. Figure 1-2 shows the information system of a hypothetical manufacturing firm decomposed into its elemental subsystems. Notice that two broad classes of systems emerge from the decompo- sition: the accounting information system (AIS) and the management information system (MIS). We will use this framework to identify the domain of AIS and distinguish it from MIS. Keep in mind that Figure 1-2 is a conceptual view; physical information systems are not typically organized into such discrete packages. More often, MIS and AIS functions are integrated within physical systems to achieve operational efficiency. The distinction between AIS and MIS centers on the concept of a transaction, as illustrated by Figure 1-3. The information system accepts input, called transactions, which are converted through various processes into output information that goes to users. Transactions fall into two classes: financial transactions and nonfinancial transactions. Before exploring this distinction, let’s first define the term ‘ransaction: A transaction is an event that affects or is of interest to the organization and is processed by its information system as a unit of work. 6 PIN IRIE Overview of Accounting Information Systems FIGURE 1.9 A FRAMEWORK FOR INFORMATION SYSTEMS Information System (IS) Accounting Management Information Information System (AIS) System (MIS) General Transaction Management Ledger/Financial Processing Reporting Vill Marketing Distribution lve ; anagement Resource Reporting System System System Systems Systems Systems Svcioms (GL/FRS) (TPS) (MRS) ¥ y (Chapter 8) (Chapter 2) (Chapter 8) Expenditure Conversion Revenue Cycle Cycle Cycle (Chapters 5 & 6) (Chapter 7) (Chapter 4) Cost Sales Purchase Accounting Processing System System System Production Cash Soul Planning and Disbursement Receipts Control System System System Payroll Processing System ® Fixed Asset System Cengage © Learning oe Cn Os We ae TRANSACTIONS PROCESSED BY THE INFORMATION SYSTEM ~~ Financial Transactions Information Nonfinancial Transactions Learning® ©Cengage CO Val NIP TEER I The Information System: An Accountant’s Perspective This definition encompasses both financial and nonfinancial events. Because financial transactions are of particular importance to the accountant’s understanding of information systems, we need a precise definition for this class of transaction: A financial transaction is an economic event that affects the assets and equities of the organiza- tion, Is reflected in its accounts, and is measured in monetary terms. Sales of products to customers, purchases of inventory from vendors, and cash disbursements and receipts are examples of financial transactions. Every business organization is legally bound to correctly process these types of transactions. Nonfinancial transactions are events that do not meet the narrow definition of a financial trans- action. For example, adding a new supplier of raw materials to the list of valid suppliers is an event that may be processed by the enterprise’s information system as a transaction. Important as this information obviously is, it is not a financial transaction, and the firm has no legal obligation to process it correctly—or at all. Financial transactions and nonfinancial transactions are closely related and are often pro- cessed by the same physical system. For example, consider a financial portfolio management system that collects and tracks stock prices (nonfinancial transactions). When the stocks reach a threshold price, the system places an automatic buy or sell order (financial transaction). Buy- ing high and selling low is bad for business, but it is not against the law. Therefore, no law requires company management to design optimal buy-and-sell rules into their system. Once the order is placed, however, the processing of this financial transaction must comply with legal and professional guidelines. The Accounting Information System AIS subsystems process financial transactions and nonfinancial transactions that directly affect the processing of financial transactions. For example, changes to customers’ names and addresses are processed by the AIS to keep the customer file current. Although not technically financial transac- tions, these changes provide vital information for processing future sales to the customer. The AIS is composed of three major subsystems: (1) the transaction processing system (TPS), which supports daily business operations with numerous reports, documents, and messages for users through- out the organization; (2) the general ledger/financial reporting system (GL/FRS), which produces the traditional financial statements, such as the income statement, balance sheet, statement of cash flows, tax returns, and other reports required by law; and (3) the management reporting system (MRS), which provides internal management with special-purpose financial reports and information needed for deci- sion making such as budgets, variance reports, and responsibility reports. We examine each of these subsystems in the following sections of this chapter. The Management Information System Management often requires information that goes beyond the domain of AIS. As organizations grow in size and complexity, specialized functional areas emerge, requiring additional information for production planning and control, sales forecasting, inventory warehouse planning, market research, and so on. The MIS processes nonfinancial transactions that are not normally processed by traditional AIS. Table 1-1 gives examples of typical MIS applications related to functional areas of a firm. The Need to Distinguish between AIS and MIS SOX legislation requires that corporate management design and implement internal controls over the entire financial reporting process. This includes the financial reporting system, the general led- ger system, and the transaction processing systems that supply the data for financial reporting. SOX further requires that management certify these controls and that the external auditors express an opinion on control effectiveness. Because of the highly integrative nature of modern PAN IR A I Overview of Accounting Information Systems Examptes OF MIS AppLicaTIONsINFUNCTIONAL AREAS Function Examples of MIS Applications Finance Portfolio management systems Capital budgeting systems Marketing Market analysis New product development Product analysis Distribution Warehouse organization and scheduling Delivery scheduling Vehicle loading and allocation models Personnel Human resource management systems g Job skill tracking system a Employee benefits system Learning® ©Cengage information systems, management and auditors need a conceptual view of the information system that clearly distinguishes key processes and areas of risk and legal responsibility from other (non- legally binding) aspects of the system. Without such a model, mandated management and audit responsibilities under SOX may not be efficiently or adequately met. AIS SUBSYSTEMS We devote separate chapters to an in-depth study of each AIS subsystem depicted in Figure 1-2. At this point, we briefly outline the role of each subsystem. Transaction Processing System The TPS is central to the overall function of the information system. It converts economic events into financial transactions, records financial transactions in the accounting records (journals and ledgers), and distributes essential financial information to operations personnel to support their daily operations. The TPS deals with business events that occur frequently. In a given day, a firm may process thousands of transactions. To deal efficiently with such volume, similar types of transactions are grouped into transaction cycles. The TPS consists of three transaction cycles: the revenue cycle, the expenditure cycle, and the conversion cycle. Each cycle captures and processes different types of financial transactions. Chapter 2 of this text provides an overview of transaction processing. Chapters 4, 5, 6, and 7 examine in detail the revenue, expenditure, and conversion cycles. General Ledger/Financial Reporting Systems The general ledger system (GLS) and the financial reporting system (FRS) are two closely related subsystems. Because of their operational interdependency, however, they are generally viewed as a single integrated system—the GL/FRS. The bulk of the input to the GL portion of the system comes from transaction cycle subsystems. Summaries of transaction activity are processed by the GLS to update the general ledger control accounts. Other, less common and infrequent, events such as stock transactions, mergers, and lawsuit settlements, for which there may be no formal processing cycle in place, enter the GLS through alternate sources. The FRS measures the status of financial resources and the changes in those resources and communicates this information to external users. This type of reporting is called nondiscretionary reporting because the organization has few or no choices in the information it provides. Much of this information consists of tradi- tional financial statements, tax returns, and other reports demanded by law. Che AGee lige Reel The Information System: An Accountant's Perspective Management Reporting System Managers must respond rapidly to many day-to-day business problems, as well as plan and con- trol their operations. The MRS provides the internal financial information needed to manage a business. Typical reports produced by the MRS include budgets, variance reports, cost- volume-profit analyses, and reports using current (rather than historical) cost data. This type of reporting is called discretionary reporting because the organization can choose what information to report and how to present it. A GENERAL MODEL FOR AIS Figure 1-4 presents the general model for AIS. This is a general model because it applies to all accounting information systems, regardless of their underlying technologies. The model depicts the relationship between the key elements that constitute an AIS application: end users, data sources, data collection, data processing, database management, information generation, and feed- back. Each of these is discussed next. End Users End users fall into two general groups: external and internal. External users include creditors, stock- holders, potential investors, regulatory agencies, tax authorities, suppliers, and customers. Internal users include management at all levels of the organization, as well as operations personnel. In con- trast to their more structured external reporting responsibilities, organizations have a great deal of latitude when it comes to internal reporting, which is driven by what best gets the job done. Internal reporting is, however, characterized by frequent changes in the information needs of internal users. This volatility poses a significant challenge to system designers who must balance the information requests and needs of internal users against legal, economic, internal control, and security issues. Frequent changes in information requirements necessitate information system changes, which in turn expose systems to material errors and, as we shall see later in this text, the potential for fraud. FIGURE 1-4 GENERAL MopEL FoR ACCOUNTING INFORMATION SYSTEMS The External Environment Database Management Bee f Data Data Information External pss : Collection Processing Generation End Users Feedback Internal Internal Sources oA End Users of Data The Business Organization Learning” jage Feedback Jeng IPN IR IY I Overview of Accounting Information Systems DATA VERSUS INFORMATION. Before discussing the data sources portion of Figure 1-4, we need to make an important distinction between the terms data and information. Data are facts, which may or may not be processed (edited, summarized, or refined) and have no direct effect on a user’s actions. By contrast, information causes the user to take an action that he or she otherwise could not, or would not, have taken. Information is often defined simply as processed data, but this definition is inadequate. Information is determined by the effect it has on the user, not by its physical form. For example, a purchasing agent receives a daily report listing raw material inven- tory items that are at low levels. This report causes the agent to place orders for more inventories. The facts in this report have information content for the purchasing agent. This same report in the hands of the personnel manager, however, is a mere collection of facts, or data, causing no action and having no information content. In other words, one person’s information is another person’s data. Thus, information is not just a set of processed facts arranged in a formal report. Information triggers users to take actions that support their day-to-day business tasks, resolve conflicts, and plan for the future. We should note that action does not necessarily mean a physical act. For instance, a purchasing agent who receives a report showing that inventory levels are adequate will respond by ordering nothing. The agent’s action to do nothing is a conscious decision, triggered by information and different from doing nothing because of being uninformed. The distinction between data and information has pervasive implications for the study of information systems. If output from the information system fails to cause users to act, the system serves no purpose. Data Sources Data sources are financial transactions that enter the information system from either internal or external sources. External financial transactions are the most common source of data. These are economic exchanges with other business entities and individuals outside the firm. Examples include the sale of goods and services, the purchase of inventory, the receipt of cash, and the dis- bursement of cash (including payroll). Internal financial transactions involve the exchange or movement of resources within the organization. Examples include the movement of raw materials into work-in-process (WIP), the application of labor and overhead to WIP, the transfer of WIP into finished goods inventory, and the depreciation of plant and equipment. Data Collection Data collection is the first operational stage in the information system. The objective is to ensure that event data entering the system are valid, complete, and free from material errors. In many respects, this is the most important stage in the system. Should transaction errors pass through data collection undetected, the system may process the errors and generate erroneous and unreli- able output. This, in turn, could lead to incorrect actions and poor decisions by the users. Two rules govern the design of data collection procedures: relevance and efficiency. The infor- mation system should capture only relevant data. A fundamental task of the system designer is to determine what is and what is not relevant. He or she does so by analyzing the user’s needs. Only data that ultimately contribute to information (as defined previously) are relevant. The data col- lection stage should be designed to filter irrelevant facts from the system. Efficient data collection procedures are designed to collect data only once. These data can then be made available to multiple users. Capturing the same data more than once overloads facilities and leads to data redundancy, which causes inconsistencies among the redundant elements and reduces overall system effectiveness. Data Processing Once collected, data usually require processing to produce information. Data processing tasks range from simple to complex. Examples include mathematical algorithms (such as linear programming models) used for production scheduling applications, statistical techniques for sales forecasting, and posting and summarizing procedures used for accounting applications. Chi At Pe ae aaa The Information System: An Accountant’s Perspective 1-5 THE Data HicRARCHY Attributes, Records, and Files Attributes of Accounts Receivable Accounts Customer Account Number (Key) Receivable Customer Name Customer Address Record Current Balance of Account Customer Credit Limit All Accounts Receivable Records Accounts Receivable Accounts 1 it File Receivable Record Learning” ©Cengage Database Management The organization’s database is its physical repository for financial and nonfinancial data. We use the term database in the generic sense. The term could apply to a filing cabinet or a computer disk. Regardless of the database’s physical form, business data are organized in a logical hierar- chy. The levels in the data hierarchy—attribute, record, and file—are illustrated in Figure 1-5. DATA ATTRIBUTE. The data attribute is the most elemental piece of potentially useful data in the database. An attribute is a logical and relevant characteristic of an entity about which the firm captures data. The attributes shown in Figure 1-5 are logical because they all relate to a common entity—accounts receivable (AR). Each attribute is also relevant because it contributes to the information content of the entire set of attributes. As proof of this, the absence of any single rele- vant attribute diminishes or destroys the information content of the set. The addition of irrelevant or illogical attributes would not enhance the information content of the set. RECORD. A record is a complete set of attributes for a single occurrence within an entity class. For example, a particular customer’s name, address, and account balance is one occurrence (or record) within the AR class. To find a particular record within the database, we must be able to identify it uniquely. Therefore, every record in the database must be unique in at least one attribute.' This unique identifier attribute is called the primary key. Because no natural attribute (such as customer name) can guarantee uniqueness, we typically assign artificial keys to records. The key for the AR records in Figure 1-5 is the customer account number. This is the only unique identifier in this record class. The other attributes possess values that may also exist in other records. For instance, multiple customers may have the same name, sales amounts, credit limits, and balances. Using any one of these as a key to find a specific record would not work effi- ciently. These nonunique attributes are, however, often used as secondary keys for categorizing 1 When we get into more advanced topics, we will see how a combination of nonunique attributes can be used as a unique identifier. PAN TR IE I Overview of Accounting Information Systems data. For example, the account balance attribute can be used to prepare a list of customers with balances greater than $10,000. FILE. A file (or table) is a complete set of records of an identical class. For example, all the AR records of the organization constitute the AR file. Similarly, files are constructed for other classes of records such as inventory, accounts payable, and payroll. The organization’s database is the entire collection of such files. DATABASE MANAGEMENT TASKS. Database management involves three fundamental tasks: storage, retrieval, and deletion. The storage task assigns keys to new records and stores them in their proper location in the database. Retrieval is the task of locating and extracting an existing record from the database for processing. After processing is complete, the storage task restores the updated record to its place in the database. Deletion is the task of permanently removing obsolete or redundant records from the database. Information Generation Information generation is the process of compiling, arranging, formatting, and presenting informa- tion to users. Information can be an operational document such as a sales order, a structured report, or a message on a computer screen. Regardless of physical form, useful information has the following characteristics: relevance, timeliness, accuracy, completeness, and summarization. RELEVANCE. The contents of a report or document must serve a purpose. This could be to sup- port a manager’s decision or a clerk’s task. We have established that only data relevant to a user’s action have information content. Therefore, the information system should present only relevant data in its reports. Reports containing irrelevancies waste resources and may be counterproductive to the user. Irrelevancies detract attention from the true message of the report and may result in incorrect decisions or actions. TIMELINESS. The age of information is a critical factor in determining its usefulness. Informa- tion must be no older than the time frame of the action it supports. For example, if a manager makes decisions daily to purchase inventory from a supplier based on an inventory status report, then the information in the report should be no more than a day old. ACCURACY. Information must be free from material errors. Materiality is, however, a difficult concept to quantify. It has no absolute value; it is a problem-specific concept. This means that, in some cases, information must be perfectly accurate. In other instances, the level of accuracy may be lower. A material error exists when the amount of inaccuracy in information causes the user to make poor decisions or to fail to make necessary decisions. We sometimes must sacrifice absolute accuracy to obtain timely information. Often, perfect information is not available within the user’s decision time frame. Therefore, in providing information, system designers seek a balance between information that is as accurate as possible, yet timely enough to be useful. COMPLETENESS. No piece of information essential to a decision or task should be missing. For example, a report should provide all necessary calculations and present its message clearly and unambiguously. SUMMARIZATION. Information should be aggregated in accordance with the user’s needs. Lower-level managers tend to need information that is highly detailed. As information flows upward through the organization to top management, it becomes more summarized. Feedback Feedback is a form of output that is sent back to the system as a source of data. Feedback may be internal or external and is used to initiate or alter a process. For example, an inventory status GGA. Pal IB Rawal The Information System: An Accountant’s Perspective report signals the inventory control clerk that items of inventory have fallen to, or below, their minimum allowable levels. Internal feedback from this information will initiate the inventory ordering process to replenish the inventories. Similarly, external feedback about the level of uncol- lected customer accounts can be used to adjust the organization’s credit-granting policies. Organizational Structure and AIS In later chapters we see how the design and/or audit of accounting information systems require an understanding of the functional segments and activities that constitute an organization’s structure. Physical accounting information systems are comprised of technologies of various types and configura- tions, as well as people and tasks from across the organization. Indeed, the so-called accounting infor- mation system actually involves diverse accounting and nonaccounting activities and personnel. For example, the sales processing system, which is a subsystem of the revenue cycle (refer to Figure 1-2), includes the following organization functions: sales, credit, inventory control, warehousing, shipping, billing, accounts receivable, general ledger, and data processing. Figure 1-6 depicts these and other typical business functions for a hypothetical manufacturing firm. The shaded functions in Figure 1-6 (those associated with processing sales orders) emphasize the entity-wide impact of AIS. FUNCTIONAL SEGMENTATION Segmentation by business function is a common method of organizing a business entity. Func- tional segments derive from the flow of resources through the firm. For example, assume a manufacturing firm that employs the following resources: materials, labor, financial capital, and information. Table 1-2 shows the relationship between these resources and the functional segments that manage them. The segments and the functions within them will vary among organizations, depending on their size and lines of business. A public water company, for example, does not need to market its product and probably will have little in the way of advertising or market research functions. Also, a service organi- zation with no inventories to manage will not need an inventory control function. The remainder of this section outlines the functional areas for the hypothetical firm represented in Figure 1-6. Materials Management The objective of materials management is to plan and control the materials inventory of the com- pany. A manufacturing firm must have sufficient inventories on hand to meet its production needs and yet avoid excessive inventory levels. Every dollar invested in inventory is a dollar that is not earning a return. Furthermore, idle inventory can become obsolete, lost, or stolen. Ideally, a firm would coordinate inventory arrivals from suppliers such that they move directly into the produc- tion process. As a practical matter, however, most organizations maintain safety stocks to carry them through the lead time between placing the order for inventory and its arrival. We see from Figure 1-6 that materials management has three sub-functions: 1. Purchasing is responsible for ordering inventory from vendors when inventory levels fall to their reorder points. The nature of this task varies among organizations. In some cases, purchasing requires no more than sending a purchase order to a designated vendor. In other cases, this task involves soliciting bids from a number of competing vendors. The nature of the business and the type of inventory determine the extent of the purchasing function. NW Receiving is the task of accepting the inventory previously ordered by purchasing. Receiving activities include counting and checking the physical condition of these items. This is an organization’s first, and perhaps only, opportunity to detect incomplete deliveries and dam- aged merchandise before they move into the production process. 3. Stores takes physical custody of the inventory received and releases these resources into the production process as needed. 14 PAA Rees Overview of Accounting Information Systems uoleuSIUILUpY UO|PEIISIUILUPY juawdojaneq aoueuaule/\ qbuluea] abeiuag @ ABojouyoe| aseqeeq swelshS yIOMION pue UOITEWOJU| Ouyunosoy Bununosoy syunosoOWy ajqehed Ne SOD, oike pexi4 sjessy juawesungsiq juawebeuey\ s}diao0y Aunseady O1|OJOd goueul4 Yseg syyeueg BuninioayBuluresy Huljasunog uoleziueHhic sseuisng uonnquisiq J@UUOSI8g joey Wul4 Buneaweyy Old UOHOW Buisieapyyoreasey uoHONpold 40 V SVAYW Huunjoerjynuey\ IWNOILINN yoddns sjeuayey\ Burseyoind BHulAisoey Salols oF juowaebeuel\ aunola GILIVAG Pale rE Ram The Information System: An Accountant’s Perspective -2 | Functions From Resources — Resource Functional Seqment Materials Materials Management Production Marketing Distribution Labor Personnel ® Financial Capital Finance Information Accounting Information technology Cengage © Learning Production Production activities occur in the conversion cycle in which raw materials, labor, and plant assets are used to create finished products. The specific activities are determined by the nature of the products being manufactured. In general they fall into two broad classes: (1) primary manufactur- ing activities and (2) production support activities. Primary manufacturing activities shape and assemble raw materials into finished products. Production support activities ensure that primary manufacturing activities operate efficiently and effectively. These include, but are not limited to, the following types of activities: Production planning involves scheduling the flow of materials, labor, and machinery to efficiently meet production needs. This requires information about the status of sales orders, raw materials inventory, finished goods inventory, and machine and labor availability. Quality control monitors the manufacturing process at various points to ensure that the finished products meet the firm’s quality standards. Effective quality control detects problems early to facili- tate corrective action. Failure to do so may result in excessive waste of materials and labor. Maintenance keeps the firm’s machinery and other manufacturing facilities in running order. The manufacturing process relies on its plant and equipment and cannot tolerate breakdowns during peak production periods. Therefore, the key to maintenance is prevention—the scheduled removal of equipment from operations for cleaning, servicing, and repairs. Many manufacturers have elaborate preventive maintenance programs. To plan and coordinate these activities, mainte- nance engineers need extensive information about the history of equipment usage and future scheduled production. Marketing The marketplace needs to know about, and have access to, a firm’s products. The marketing func- tion deals with the strategic problems of product promotion, advertising, and market research. On an operational level, marketing performs such daily activities as sales order entry. Distribution Distribution is the activity of getting the product to the customer after the sale. This is a critical step since much can go wrong before the customer takes possession of the product. Incorrect ship- ments, damaged merchandise, or excessive lags between taking and filling of orders can result in customer dissatisfaction and lost sales. Ultimately, success depends on filling orders accurately in the warehouse, packaging goods correctly, and shipping them quickly to the customer. PAN IR WE Ih Overview of Accounting Information Systems Personnel Competent and reliable employees are a valuable resource to a business. The objective of the per- sonnel function is to effectively manage this resource. A well-developed personnel function includes recruiting, training, continuing education, counseling, evaluating, labor relations, and compensation administration. Finance The finance function manages the financial resources of the firm through banking and treasury activities, portfolio management, credit evaluation, cash disbursements, and cash receipts. Because of the cyclical nature of business, many firms swing between positions of excess funds and cash deficits. In response to these cash flow patterns, financial planners seek lucrative investments in stocks and other assets, and low-cost lines of credit from banks. The finance function also admin- isters the daily flow of cash in and out of the firm. THE ACCOUNTING FUNCTION Accounting manages the financial information resource of the firm. In this regard, it plays two important roles in transaction processing. First, accounting captures and records the financial effects of the economic events that constitute the firm’s transactions. These include events such as the movement of raw materials from the warehouse into production, shipments of the finished products to customers, cash flows into the firm and deposits in the bank, the acquisition of inven- tory, and the discharge of financial obligations. Second, accounting distributes transaction infor- mation to operations personnel to coordinate many of their key tasks. The following accounting functions contribute directly to business operations: inventory control, cost accounting, payroll, accounts payable, accounts receivable, billing, fixed asset accounting, and the general ledger. We deal with each of these specifically in later chapters. For the moment, however, we need to main- tain a broad view of accounting to understand its functional role in the organization. The Value of Information The value of information to a user is determined by its reliability. We saw earlier that the purpose of information is to lead the user to a desired action. For this to happen, information must possess certain attributes—relevance, accuracy, completeness, summarization, and timeliness. When these attributes are consistently present, information has reliability and provides value to the user. Unre- liable information has no value. At best, it is a waste of resources; at worst, it can lead to dysfunc- tional decisions. Consider the following example: A marketing manager signed a contract with a customer to supply a large quantity of product by a certain deadline. He made this decision based on information about finished goods inventory levels. Because of faulty record keeping, however, the information was incorrect. The actual inventory levels of the product were insufficient to meet the order, and the necessary quantities could not be manu- factured by the deadline. Failure to comply with the terms of the contract resulted in litigation. This poor sales decision was a result of flawed information. Effective decisions require informa- tion that has a high degree of reliability. Accounting Independence Information reliability rests heavily on the concept of accounting independence. Simply stated, accounting activities must be separate and independent of the functional areas that manage and main- tain custody of physical resources. For example, accounting monitors and records the movement of raw materials into production and the sale of finished goods to customers. Accounting authorizes pur- chases of raw materials and the disbursement of cash payments to vendors and employees. Accounting supports these functions with information, but does not participate in the physical activities. GAL AS Pile Raat The Information System: An Accountant’s Perspective INFORMATION TECHNOLOGY Figure 1-6 depicts four information technology (IT) functions: (1) data processing, (2) systems development and maintenance, (3) database administration, and (4) network administration. Although an organization may have many additional IT functions, these four are included in this discussion because they hold specific internal control concerns for management and auditors that we will investigate in detail in later chapters. Below, we outline the key features of each of them. Data Processing The data processing function brings to bear IT personnel, computer hardware, application pro- grams (software), and corporate data to support user information needs through transaction pro- cessing and information reporting. Data processing configurations vary among different types of business entities. At one end of a continuum of options is the centralized data processing model, and at the other end 1s the distributed data processing model. Many organizations employ a com- bination of centralized and distributed processing. CENTRALIZED DATA PROCESSING. Under the centralized data processing model, all data processing is performed by one or more large computers housed in a common data center that serves users throughout the organization. Figure 1-7 illustrates the centralized approach. End users process transactions from terminals in their respective departments, which are connected to the central computer and database. Because the computing resources (IT personnel, hardware, software, and data) are centrally located and accessible by all authorized users, the centralized data processing configuration lends itself to intra-organization communication and data sharing between user departments. DISTRIBUTED DATA PROCESSING. Figure 1-8 depicts the distributed data processing (DDP) model, in which users process their transactions locally. Under this configuration each user seg- ment possesses the IT personnel, facilities, hardware, software, and data they need to support FIGURE 1-7 Coltig).40m DYWy WlodKolel11 ei [e) >)18 Data User Departments Processing Center User Departments Transactions Transactions User #1 User #2 Terminal Terminal Centralized Computer Transactions Central Transactions User #3 User #4 TIM Corporate Terminal Terminal data Learning” ©Cengage PeAGR Sele Overview of Accounting Information Systems FIGURE 1-8 DisTRIBUTED Data PROCESSING MODEL User Segment 1 User Segment 2 Network Transactions Connection Transactions User #1 User #2 Computer Computer Local Local User User Network Database Database Network Connection Connection User Segment 3 User Segment 4 Transactions Transactions User #3 Network Computer Connection Local Local User User Database Database Learning” ©Cengage their operations. Unlike in the centralized approach, users in a DDP environment function independently and tend not to share data and information. Any necessary sharing, however, is accomplished through network connections between the users. Both the centralized and distributed data processing models have their respective benefits, risks, and internal control implications. We will examine these issues in detail in subsequent chapters. Systems Development and Maintenance The information system needs of organizations are met by two related functions: systems develop- ment and systems maintenance. The systems development function is the process by which organi- zations acquire information systems. The systems maintenance function is responsible for making changes to existing systems to accommodate changes in user needs. We examine each of these functions separately below. SYSTEMS DEVELOPMENT. Organizations acquire information systems in two ways: they pur- chase commercial software and/or they build custom systems in-house from scratch. Commercial software is available for both general accounting use and for industry-specific applications, such as medical billing. Commercial software packages are sometimes called turnkey systems because they can often be implemented by the user with little or no modification. The business community has recognized the many advantages of buying commercial systems. Software vendors such as Microsoft, Oracle, and SAP design their products to appeal to a large community of users, which keeps down the unit cost to the customer. Also, by purchasing com- mercial packages, client companies can acquire effective business solutions that are thoroughly tested, free from errors, and are current with professional standards and technological innovations designed by domain experts. Both small and large firms that have standardized information needs are potential customers for commercial software. Larger organizations with unique information CAHE ASE elt Rasa The Information System: An Accountant’s Perspective needs often develop custom software through a formal process called the systems development life cycle. Creating custom software requires the organization to have an in-house team of qualified and experienced IT professionals consisting of systems analysts, programmers, and database designers. The IT team works with corporate users to assess their information needs, design com- puter solutions, and physically implement them. Custom systems are more expensive than commercial packages because the organization must absorb all the development costs, which commercial vendors are able to spread across the entire user population. For example, companies in competitive, fast-moving industries such as telecom- munications, pharmaceuticals, and financial services invest hundreds of millions of dollars in cus- tom software. When information needs are unique, however, and no commercial package adequately meets them, custom software is often the only option. To fill this void some commercial software vendors design their systems in modules that allow flexibility through numerous processing options. Large scale enterprise resource planning (ERP) sys- tems are an example of this approach. The base ERP system is comprised of thousands of small program modules. From this vast array of options the IT team selects those modules that support the organization’s specific information and data-processing needs. Configuring the system in this way often takes many months, but the result is a customized system with the advantages of a com- mercial system. ERP key features, benefits, risks, and control issues are discussed in Chapter 11. SYSTEMS MAINTENANCE. Over the course of the system’s life (often several years), a system may be modified many times as user needs change and evolve. Maintenance changes may be triv- ial, such as modifying the system to produce an additional report, or significant, such as modify- ing it to execute new accounting rules that impact many different system modules. Between 80 and 90 percent of a system’s total cost may be incurred because of maintenance activities. Systems development and maintenance activities constitute material financial investments in hardware, software, and personnel for many organizations. These activities also represent signifi- cant risks that need to be controlled and, consequently, are of concern to management and accountants. We deal with these issues in detail in Chapters 13, 14, and 17. Database Administration Centrally organized companies maintain their data resources in a central location that is shared by all authorized end users (refer to Figure 1-7). In this shared-data arrangement, a special indepen- dent group—database administration—headed by the database administrator is responsible for the security and integrity of the database. We explore the database concept and the role of the data- base administrator in Chapter 9. Network Administration A network is a collection of interconnected computers and communications devices that allows users to communicate, access data and applications, and share information and resources. Network administration is responsible for the effective functioning of the software and hardware that constitute the organization’s network. This involves configuring, implementing, and maintain- ing network equipment. In addition, network administration is responsible for monitoring network activity to ensure that the network is being used in accordance with company policies and that it is secure from attack by hackers from outside the organization as well as unauthorized individuals within the organization. Network technologies, security issues, and control techniques are the topics of Chapters 12 and 16. Outsourcing the IT Function From this brief discussion we see that the IT segment of an organization comprises highly techni- cal, dynamically changing, and expensive activities. Corporate management has long complained about the administrative burden and high cost associated with managing and maintaining the IT function. In an effort to bring costs under control and to escape their IT headaches, many 20 PEAS Re Tael Overview of Accounting Information Systems corporate executives look to IT outsourcing. Under this practice the organization sells its IT resources (hardware, software, and facilities) to a third-party outsourcing vendor such as HP Enterprise Services (formally EDS). The outsourcing organization then leases back IT services from the vendor for a contract period of typically between five and ten years. The company’s IT employees are often transferred in such deals and become employees of the outsourcing vendor. Of course, when the vendor takes the IT function off shore, employee transfers are not possible. A variant of IT outsourcing, called cloud computing, is location-independent computing, where shared data centers deliver hosted IT services over the Internet. These services fall into three catego- ries: software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS). The concept can be equated to the way in which electricity is delivered to a private home. The home- owner enters into a contract with the local public utility company to deliver electricity as needed. The public utility company may generate some of this electricity, but during high demand periods it will go to the national electric grid to tap into the production of other electricity generators across the coun- try. Similarly, an organization pursuing cloud computing signs a contract with an IT service provider to provide computing resources. When demand exceeds the provider’s IT capacity, it acquires addi- tional capacity from data centers in the “cloud” that are connected via the Internet. A potential risk to the chent firm is that it does not necessarily know where its data are actually being processed, just as the homeowner does not know where his or her electricity is being generated. The advantage to the client organization is access to whatever computing power it needs, while it pays only for what it uses. Also, cloud computing contracts are flexible and relatively short term. In contrast, traditional outsour- cing contracts tend to be fixed price, inflexible, and much longer term. IT outsourcing is a rapidly growing phenomenon. The departure from tradition that it represents carries both advantages and risks that management and auditors need to recognize. In Chapter 15 we explore these issues in detail. The Role of Accountants in AIS Accountants are involved in both the design and the audit of accounting information systems. The final section of this chapter briefly outlines key areas of responsibility; these issues are expanded upon in subsequent chapters. ACCOUNTANTS AS SYSTEM DESIGNERS Accountants play a prominent role on systems development teams as domain experts. In that capacity they are responsible for many aspects of the conceptual system. This involves specifying certain operational rules, reporting requirements, and framing internal control objectives that the system must achieve. The IT professionals on the team are responsible for the physical system including system architecture, programming, and database design. To illustrate the distinction between conceptual and physical systems, consider the following example: The credit department of a retail business requires information about delinquent accounts from the AR department. This information is used to support decisions made by the credit manager regarding the credit-worthiness of customers. The design of the conceptual system involves specifying the criteria for identifying delinquent customers and the information that needs to be reported. As the domain expert, the accountant determines the nature of the information required, its sources, its destination, and the accounting rules that need to be applied. The physical system includes the data storage medium to be used and the method for capturing and presenting the information. IT professionals determine the most economical and effective technologies for accomplishing the task. Hence, systems design is a collaborative effort. Because of the specificity of accounting rules, the implications of material error, and the potential for fraud, the accountant’s involvement in systems design is essential and pervasive throughout the development process. (Cel ANI ys IR Al The Information System: An Accountant’s Perspective 21 ACCOUNTANTS AS SYSTEM AUDITORS Accountant’s perform audits of business organizations for various reasons, which typically involve the accounting information system. The most common audits are external (attestation) audits, internal (operational) audits, and fraud audits. Each type of audit requires that the auditor have a thorough understanding of AIS functions and internal controls. An external audit is an independent attestation performed by an expert—the auditor—who expresses an opinion in the form of a formal audit report regarding the presentation of financial statements. This task, known as the attest function, is performed by Certified Public Accountants (CPAs) who work for public accounting firms that are independent of the client organization being audited. The audit objective is to assure the fair presentation of corporate financial state- ments. This requires auditors to perform tests of the information system’s internal controls as well as substantive tests of data that reside in the system’s databases. External audits are often referred to as financial audits and the SEC requires all publicly traded companies to undergo a financial audit annually. CPAs conducting such audits are acting on behalf of outsiders such as stockholders, creditors, government agencies, and the general public. A critical element in the relationship between auditors and their constituents is the concept of auditor independence. Within the context of an audit, independence means that the auditor is free from factors that might influence the auditors’ report regarding the financial position of the client firm. Such factors include, but are not limited to, financial interests in the client firm including stock holding or employment outside of the attest service, family ties or other personal relation- ships with the client, or provision of nonaudit (advisory) services to audit clients. In the absence of independence, the auditor’s report would be of little value to its users. Attest Service versus Advisory Services An important distinction needs to be made regarding the external auditor’s attestation function and the rapidly growing field of advisory services, which many public accounting firms offer. Advisory services are professional services offered by public accounting firms to improve their client organizations’ opera- tional efficiency and effectiveness. The domain of advisory services is intentionally unbounded so that it does not inhibit the growth of future services that are currently unforeseen. As examples, advisory ser- vices include actuarial advice, business advice, fraud investigation services, information system design and implementation, and internal control assessments for compliance with SOX. Prior to the passage of SOX, accounting firms were permitted to provide advisory services and attest services concurrently to clients. SOX legislation, however, greatly restricts the types of nonaudit services that auditors may render audit clients. It is now unlawful for a registered public accounting firm that is currently providing attest services for a client to provide the following services: * bookkeeping or other services related to the accounting records or financial statements of the audit client * financial information systems design and implementation * appraisal or valuation services, fairness opinions, or contribution-in-kind reports * actuarial services * internal audit outsourcing services * management functions or human resources * broker or dealer, investment adviser, or investment banking services * legal services and expert services unrelated to the audit * any other service that the Board determines, by regulation, is impermissible. The IT advisory services units of public accounting firms have different names in different firms, but they all engage in tasks generally known as risk management. These groups often play a dual role within their respective firms; they provide nonaudit clients with IT advisory services and also work with their firm’s financial audit staff to perform IT-related tests of controls (often called IT auditing) as part of the attestation function. Keep in mind that in many cases the purpose of the 22 PAN IR IP II Overview of Accounting Information Systems task, rather than the task itself, defines the service being rendered. For example, a risk management professional may perform a test of IT controls as an advisory service for a nonaudit client who is preparing for a financial audit by a different public accounting firm. The same professional may perform the same test for an audit client as part of the attest function. Internal Audits Internal auditing is an independent appraisal function established within an organization to exam- ine and evaluate its activities. Internal auditors perform a wide range of activities including con- ducting financial audits, performing IT audits examining an operation’s compliance with organizational policies and legal obligations, evaluating operational efficiency, and detecting and pursuing fraud within the firm. An internal audit is typically conducted by auditors who work for the organization, but this task may be outsourced to other organizations. Internal auditors are often certified as a Certified Internal Auditor (CIA) or a Certified Information Systems Auditor (CISA). While internal audi- tors self-impose independence to perform their duties effectively, they are employed by the organi- zation and represent its interests. These auditors generally answer to executive management of the organization or the audit committee of the board of directors. The standards, guidance, and certi- fication of internal audits are governed mainly by the Institute of Internal Auditors (IIA) and, to a lesser degree, by the Information Systems Audit and Control Association (ISACA). External versus Internal Auditors The characteristic that conceptually distinguishes external auditors from internal auditors is their respective constituencies: while external auditors represent outsiders, internal auditors represent the interests of the organization. Nevertheless, in this capacity, internal auditors often cooperate with and assist external auditors in performing aspects of financial audits. This cooperation 1s done to achieve audit efficiency and reduce audit fees. For example, a team of internal auditors can perform tests of computer controls under the supervision of a single external auditor. The independence and competence of the internal audit staff determine the extent to which external auditors may cooperate with and rely on work performed by internal auditors. Some internal audit departments report directly to the controller. Under this arrangement, the internal auditor’s independence is compromised, and the external auditor is prohibited by professional standards from relying on evidence provided by them. In contrast, external auditors can rely in part on evidence gathered by internal audit departments that are organizationally independent and report to the board of directors’ audit committee (discussed later). A truly independent inter- nal audit staff adds value to the audit process. For example, internal auditors can gather audit evi- dence throughout a fiscal period, which external auditors may then use at year end to conduct more efficient, less disruptive, and less costly audits of the organization’s financial statements. Fraud Audits In recent years fraud audits have, unfortunately, increased in popularity as a corporate governance tool. They have been thrust into prominence by a corporate environment in which both employee theft of assets and major financial frauds by management (e.g., Enron, WorldCom) have become ram- pant. The objective of a fraud audit is to investigate anomalies and gather evidence of fraud that may lead to criminal conviction. Sometimes fraud audits are initiated when corporate management suspects employee fraud. Alternatively, boards of directors may hire fraud auditors to investigate their own executives if theft of assets or financial fraud is suspected. Organizations victimized by fraud usually contract with specialized fraud units of public accounting firms or with companies that specialize in forensic accounting. Typically, fraud auditors have earned the Certified Fraud Examiner (CFE) certi- fication, which is governed by the Association of Certified Fraud Examiners (ACFE). The Role of the Audit Committee The boards of directors of publicly traded companies form a subcommittee known as the audit committee that has special responsibilities regarding audits. This committee is usually composed CISUAN IE WIR Al The Information System: An Accountant’s Perspective 23 of three people who should be outsiders (not associated with the families of executive management nor former officers, etc.). With the advent of the SOX, at least one member of the audit commit- tee must be a “financial expert.” The audit committee serves as an independent “check and bal- ance” for the internat audit function and liaison with external auditors. One of the most significant changes imposed by SOX has been to the relationship between management and the external auditors. Prior to SOX, external auditors were hired and fired by management. Many believe, with some justification, that this relationship erodes auditor independence when disputes over audit practices arise. SOX mandates that external auditors now report to the audit commit- tee, which hires and fires auditors and resolves disputes. To be effective, the audit committee must be willing to challenge the internal auditors (or the entity performing that function) as well as management when necessary. Part of the role of com- mittee members is to look for ways to identify risk. For instance, they might serve as a sounding board for employees who observe suspicious behavior or spot fraudulent activities. In general, they become an independent guardian of the entity’s assets by whatever means is appropriate. Corporate frauds often have some relationship to audit committee failures. These include lack of independence of audit committee members, lack of experienced members on the audit committee, inactive audit committees, and the total absence of an audit committee. Designer/Auditor Duality The accountant’s dual roles of designer and auditor draw upon a common skill set. An accoun- tant cannot effectively conduct an audit if he or she does not understand the principles of sys- tems design. The functions involved in a system, the tasks performed by it, and the internal controls that are, or should be, in place are design issues about which auditors routinely gather evidence. Similarly, an accountant cannot properly design a system without a thorough under- standing of audit issues and concerns. For example, the designer must understand the nature of a particular audit risk before he or she can plan the design of internal control techniques needed to mitigate the risk. Also, the designer must understand audit objectives regarding evidence gathering so he or she may create a system that facilitates the subsequent extraction of audit evidence. The accountant’s dual responsibility for systems design and auditing has greatly influenced the organization and approach taken in this text. Although primarily an AIS design text, chapter topics are presented from the auditor’s perspective. Human activities, manual procedures, and information technologies such as networks, databases, and computer applications that constitute the AIS are presented and discussed within the context of the audit risks they pose and how those risks can be mitigated through internal controls. This approach is followed throughout the remaining chapters of the book. Summary The first section of this chapter introduced basic systems con- method of structuring a business and examined the functions cepts and presented a framework for distinguishing between of a typical manufacturing firm. The section presented two accounting information systems and management information general methods of organizing the IT function: the centralized systems. This distinction is related to the types of transactions approach and the distributed approach. these systems process. AIS applications process financial trans- The final section of this chapter examined the dual roles of actions, and MIS applications process nonfinancial transactions. accountants as (1) designers of AIS and (2) auditors of AIS. The section then presented a general model for accounting The IT function is responsible for designing the physical sys- information systems. The model is composed of four major tem, and the accounting function is responsible for specifying tasks that exist in all AIS applications: data collection, data pro- the conceptual system. An audit is an independent attestation cessing, database management, and information generation. performed by the auditor, who expresses an opinion about The second section examined the relationship between the fairness of a company’s financial statements. A distinction organizational structure and the information system. It was drawn between attestation and financial services. Both focused on functional segmentation as the predominant external and internal auditors conduct IT audits. 24 PAN IR TE JI Overview of Accounting Information Systems Key Terms accounting information systems (AIS) (3) information flows (4) attest function (21) information generation (12) auditor (21) information system (5) centralized data processing (17) infrastructure as a service (laaS) (20) cloud computing (20) internal auditing (22) commercial software (18) IT auditing (21) conceptual system (20) IT outsourcing (20) custom software (19) management information system (MIS) (5) data (10) management reporting system (MRS) (7) data collection (10) network (19) data processing (10) network administration (19) data sources (10) nondiscretionary reporting (8) data storage (20) nonfinancial transactions (7) database (11) physical system (20) database management (|2) platform as a service (PaaS) (20) discretionary reporting (9) reliability (16) distributed data processing (DDP) (17) segments (13) end users (9) software as a service (SaaS) (20) enterprise resource planning (ERP) (19) stakeholders (5) feedback (12) substantive tests (21) financial transaction (7) systems development life cycle (19) general ledger/financial reporting system (GL/FRS) tests of controls (21) (7) trading partners (5) general model for AIS (9) transaction (5) independence (16) transaction processing system (TPS) (7) information (10) turnkey systems (18) Review Questions |. What are the four levels of activity in the pyramid 11. What are the fundamental objectives of all infor- representing the business organization? Distinguish mation systems? between horizontal and vertical flows of information. 12. What does stewardship mean, and what is its role 2. What is the relationship among data, information, in an information system? and an information system? 13. List five functional areas and their sub-functions. 3. Distinguish between AIS and MIS. 14. Distinguish the roles of internal and external What are the three cycles of transaction proces- auditors. sing systems? 15. What is the role of a database administrator? 5. What is discretionary reporting? 16. What is the role of the accounting function in an What are the characteristics of good or useful organization? information? 17. Distinguish between the centralized and distrib- 7. What rules govern data collection? uted approaches to organizing the IT function. 8. What are the levels of data hierarchy? 18. What is distributed data processing? 9. What are the three fundamental tasks of database 19. What is an ERP system? management? 20. What two roles are played by accountants with 10. What is feedback, and how is it useful in an respect to the information system? information system? Cal ANIP WEBI Al The Information System: An Accountant's Perspective 25 21. Define the term attest function. 29. What characteristic conceptually distinguishes 22. Define the term financial services. internal and external auditing? 23. What is IT auditing? 30. What is the role of network administration? 24. Distinguish between conceptual and physical 31. What is cloud computing? systems. 32. Name the two ways in which organizations 25. What is the role of the audit committee of the acquire information systems. board of directors? 33. Why are custom systems more expensive than 26. Who initiates a fraud audit within the commercial systems? organization? 34. What types of companies are potential customers Pap When can external auditors rely on the work for commercial software? performed by internal auditors? 35. Briefly explain accounting independence. 28. Name the tests that auditors perform to gather 36. Why do systems designers need to know anything evidence. about auditing? Discussion Questions Discuss the differences between internal and Discuss the importance of accounting indepen- external users of information and their needs dence in accounting information systems. Give an and demands on an information system. Histor- example of where this concept is important (use ically, which type of user has the firm catered to an example other than inventory control). most? Discuss why it is crucial that internal auditors Comment on the level of detail necessary for report solely to the audit committee of the operations management, middle management, and board of directors and answer to no other stockholders. group. Distinguish between financial and nonfinancial 12: Contrast centralized data processing with transactions. Give three examples of each. distributed data processing. How do the roles of An information system must meet three funda- end users differ between the two approaches? mental objectives. Discuss why these objectives 13. Discuss how conceptual and physical systems dif- cannot effectively be met by a common set of fer and which functions are responsible for each information. of these systems. Do you think transaction processing systems dif- 14. Why is an active board of directors audit com- fer significantly between service and manufactur- mittee important to an organization? ing industries? Are they equally important to both 15. Do you agree with the statement, “The term /T sectors? auditor should be considered obsolete because it Discuss the difference between the financial implies a distinction between regular auditors and reporting system and general ledger system. auditors who examine computerized AIS”? Why Examine Figure |-4 and discuss where and how or why not? problems can arise that can cause the resulting 16. Describe cloud computing and explain how it is information to be bad or ineffective. similar to obtaining a commodity product. Discuss how the elements of efficiency, effective- 17. Why is it important to organizationally separate ness, and flexibility are crucial to the design of an the accounting function from other functions of information system. the organization? Discuss what is meant by the statement, “The 18. What is an external financial audit, and what are accounting system is a conceptual flow of infor- the sources of audit evidence? mation that represents physical personnel, 19. Why do firms outsource their IT functions? machinery, and flows of raw materials and cash Explain the options of traditional IT outsourcing through the organization.” and cloud computing, and how they differ. 26 PAIR IE II Overview of Accounting Information Systems Multiple-Choice Questions Which of the following is NOT a financial 7. When viewed from the highest to most elemental transaction? level, the data hierarchy is a. purchase of products a. attribute, record, file. b. cash receipts b. record, attribute, key. c. update valid vendor file io file, record, attribute. d. sale of inventory d. file, record, key. The following are subsystems of the accounting e. key, record, file. information system, EXCEPT the Which is NOT a source of evidence for an a. transaction processing system. external auditor? b. human resources system. a. work performed by internal auditors c. general ledger/financial reporting system. who organizationally report to the controller d. management reporting system. b. tests of controls Which of the following is NOT a purpose of the substantive tests transaction processing system? d. work performed by internal auditors who a. managing and reporting on the status of finan- report to the audit committee of the BOD cial investments Which of the following is NOT an objective of all b. converting economic events into financial information systems? transactions a. support for the stewardship function of c. distributing essential information to management operations personnel to support their b. support for management decision making daily operations c. support for the day-to-day operations of the d. recording financial transactions in the firm accounting records d. all of the above are objectives The objectives of the data collection activity of the 10. Which of the following best describes the activi- general model for accounting information systems ties of the materials management function? are to collect data that are purchasing, receiving, and inventory control a. relevant and redundant. b. receiving, sales, distribution, and purchasing b. efficient and objective. c. receiving, storage, purchasing, and accounts c. efficient and redundant. payable d. efficient and relevant. d. purchasing, receiving, and storage Which of the following is NOT a characteristic of e. purchasing, storage, and distribution effective information? Which of the following best describes the activi- a. relevance ties of the production function? b. accuracy a. maintenance, inventory control, and produc- c. summarization tion planning d. precision b. production planning, quality control, Which of the following is NOT a database man- manufacturing, and cost accounting agement task? c. quality control, production planning, a. retrieval manufacturing, and payroll b. storage d. maintenance, production planning, storage, and quality control c. summarization e. manufacturing, quality control, and d. deletion