Accounting Information Systems (AIS) PDF

Summary

This document is an introduction to accounting information systems (AIS). It discusses the role information plays in modern businesses and the importance of AIS. Furthermore, it explores the different perspectives of AIS design and auditing.

Full Transcript

The Information
System: An
Accountant’s
Perspective
We
@ Learning Objectives
nlike many other accounting subjects, such as inter-
mediate accounting, accounting information systems After studying this chapter, you should:
(AIS) lacks a well-defined body of knowledge.
Recognize the primary information
Much controversy exists among college faculty as to what
flows within the business
should and should not be covered in the AIS course. To
Telco) alaatelaien
some extent, however, the controversy is being resolved
through legislation. The Sarbanes-Oxley Act (SOX) of 2002 Understand the difference between
established new corporate governance regulations and stan- accounting information systems and
dards for public companies registered with the Securities and management information systems.
Exchange Commission (SEC). This wide-sweeping legislation Oyavel-lesiu-Nate ual -Melharsg-lalacml ol-niy-\-19
impacts public companies, their management, and their audi- lilarelaleelmugclalrleulelaceelale
tors. Of particular importance to AIS students is the impact of ravelalilarelaleelimag-laleleule) acy
SOX on internal control standards and related auditing pro- Know the principal features of the
cedures. Although SOX does not define the entire content of general model for information
the AIS course, it does identify critical areas of study that systems.
need to be included. These topics and more are covered in
Understand the organizational
the chapters of this text.
structure and functional areas ofa
The purpose of this chapter is to place the subject of AIS in
business.
perspective for accountants. Toward this end, the chapter is
divided into three major sections, each dealing with a different Be able to distinguish between
aspect of information systems. The first section explores the external auditing, internal auditing,
information environment of the firm. It identifies the types of and advisory services as they relate to
information used in business, describes the flow of informa- accounting information systems.
tion through an organization, and presents a framework for
viewing AIS in relation to other information systems compo-
nents. The section concludes with a review of the key elements
of the general model for AIS. The second section of the
chapter deals with the impact of organizational structure on
AIS. Here we examine the business organization as a system
of interrelated functions. Extensive attention is given the IT
and accounting segments, which play collaborative roles as
the purveyors of financial information for the rest of the
IP AIRE Ih Overview of Accounting Information Systems

organization. The final section discusses the unique responsibility of accountants as domain experts in
the design of AIS and as auditors of AIS.

The Information Environment
We begin the study of AIS with the recognition that information is a business resource. Like other
business resources such as raw materials, capital, and labor, information is vital to the survival of
the contemporary business organization. Every business day, vast quantities of information flow
to decision makers and other users to meet a variety of internal needs. In addition, information
flows out from the organization to external users, such as customers, suppliers, and stakeholders
who have an interest in the firm. Figure 1-1 presents an overview of these internal and external
information flows.
The pyramid in Figure 1-1 shows the business organization divided horizontally into several
levels of activity. Business operations form the base of the pyramid. These activities consist of the
product-oriented work of the organization, such as manufacturing, sales, distribution, billing, and
cash receipts. Above the base level, the organization is divided into three management tiers: opera-
tions management, middle management, and top management. Operations management is directly
responsible for controlling day-to-day operations. Middle management is accountable for the
short-term planning and coordination of activities necessary to accomplish organizational objec-
tives. Top management is responsible for longer-term planning and setting organizational objec-
tives. Every individual in the organization, from business operations to top management, needs
information to accomplish his or her tasks.
Notice in Figure 1-1 how information flows in two directions within the organization: horizon-
tally and vertically. The horizontal flow supports operations-level tasks with highly detailed infor-
mation about the many business transactions affecting the firm. This includes information about
events such as the sale and shipment of goods, the use of labor and materials in the production
process, and internal transfers of resources from one department to another. The vertical flow

FIGURE
1-1 INTERNAL AND EXTERNAL FLows OF INFORMATION

Top
Stakeholders
Management

Middle
Management

Operations
Management

Operations Personnel ®

Day-to-Day Operations Information

Learning
Cengage
©
 lat IP TP BIR The Information System: An Accountant’s Perspective

distributes information downward from senior managers to junior managers and operations per-
sonnel in the form of instructions, quotas, and budgets. In addition, summarized information per-
taining to operations and other activities flows upward to managers at all levels. Management
uses this information to support its various planning and control functions.
A third flow of information depicted in Figure 1-1 represents exchanges between the organiza-
tion and users in the external environment. External users fall into two groups: trading partners
and stakeholders. Exchanges with trading partners include customer sales and billing information,
purchase information for suppliers, and inventory receipts information. Stakeholders are external
entities with a direct or indirect interest in the firm. Stockholders, financial institutions, and gov-
ernment agencies are examples of external stakeholders. Information exchanges with these groups
include financial statements, tax returns, and stock transaction information.

INFORMATION OBJECTIVES
Specific information objectives will differ from firm to firm as specific user needs vary. Three fun-
damental objectives are, however, common to all organizations:
1. To support the firm’s day-to-day operations. Operations personnel use information to assist
them in the efficient and effective discharge of their daily tasks.
2. To support management decision making. Managers use information to assist them in planning
and control decisions related to their areas of responsibility.
3. To support the stewardship function of management. Stewardship refers to managers’ responsi-
bility to properly manage the resources of the firm and to report on their activities. External
users receive stewardship information through traditional financial statements and other
mandated reports. Internally, managers receive stewardship information from various
responsibility reports.
These objectives call for information sets that are diverse in their level of detail and nature. For
example, managers cannot effectively employ the finely detailed information needed to support
day-to-day operations. Management decision information tends to be highly summarized and ori-
ented toward reporting on overall performance and trends rather than routine tasks. Similarly,
accrual-based financial statement information, which is prepared for stakeholders, 1s unsuitable
for most internal uses. The information needed to satisfy these diverse needs is the product of the
information system.

AN INFORMATION SYSTEMS FRAMEWORK
The information system is the set of formal procedures by which data are collected, stored,
processed into information, and distributed to users.
Figure 1-2 shows the information system of a hypothetical manufacturing firm decomposed
into its elemental subsystems. Notice that two broad classes of systems emerge from the decompo-
sition: the accounting information system (AIS) and the management information system (MIS).
We will use this framework to identify the domain of AIS and distinguish it from MIS. Keep in
mind that Figure 1-2 is a conceptual view; physical information systems are not typically
organized into such discrete packages. More often, MIS and AIS functions are integrated within
physical systems to achieve operational efficiency.
The distinction between AIS and MIS centers on the concept of a transaction, as illustrated by
Figure 1-3. The information system accepts input, called transactions, which are converted
through various processes into output information that goes to users. Transactions fall into two
classes: financial transactions and nonfinancial transactions. Before exploring this distinction, let’s
first define the term ‘ransaction:

A transaction is an event that affects or is of interest to the organization and is processed by its
information system as a unit of work.
6 PIN IRIE Overview of Accounting Information Systems

FIGURE

1.9 A FRAMEWORK FOR INFORMATION SYSTEMS

Information
System (IS)

Accounting Management
Information Information
System (AIS) System (MIS)

General Transaction Management
Ledger/Financial Processing Reporting Vill Marketing Distribution lve
; anagement Resource
Reporting System System System Systems Systems Systems Svcioms
(GL/FRS) (TPS) (MRS) ¥ y
(Chapter 8) (Chapter 2) (Chapter 8)

Expenditure Conversion Revenue
Cycle Cycle Cycle
(Chapters 5 & 6) (Chapter 7) (Chapter 4)

Cost Sales
Purchase
Accounting Processing
System
System System

Production
Cash
Soul Planning and
Disbursement Receipts
Control
System System
System

Payroll
Processing
System

®

Fixed Asset
System

Cengage
©
Learning

oe Cn Os We
ae TRANSACTIONS PROCESSED BY THE INFORMATION SYSTEM
~~

Financial
Transactions
Information

Nonfinancial
Transactions
Learning®
©Cengage
 CO Val NIP TEER I The Information System: An Accountant’s Perspective

This definition encompasses both financial and nonfinancial events. Because financial transactions
are of particular importance to the accountant’s understanding of information systems, we need a
precise definition for this class of transaction:

A financial transaction is an economic event that affects the assets and equities of the organiza-
tion, Is reflected in its accounts, and is measured in monetary terms.
Sales of products to customers, purchases of inventory from vendors, and cash disbursements and
receipts are examples of financial transactions. Every business organization is legally bound to
correctly process these types of transactions.
Nonfinancial transactions are events that do not meet the narrow definition of a financial trans-
action. For example, adding a new supplier of raw materials to the list of valid suppliers is an
event that may be processed by the enterprise’s information system as a transaction. Important as
this information obviously is, it is not a financial transaction, and the firm has no legal obligation
to process it correctly—or at all.
Financial transactions and nonfinancial transactions are closely related and are often pro-
cessed by the same physical system. For example, consider a financial portfolio management
system that collects and tracks stock prices (nonfinancial transactions). When the stocks reach
a threshold price, the system places an automatic buy or sell order (financial transaction). Buy-
ing high and selling low is bad for business, but it is not against the law. Therefore, no law
requires company management to design optimal buy-and-sell rules into their system. Once the
order is placed, however, the processing of this financial transaction must comply with legal and
professional guidelines.

The Accounting Information System
AIS subsystems process financial transactions and nonfinancial transactions that directly affect the
processing of financial transactions. For example, changes to customers’ names and addresses are
processed by the AIS to keep the customer file current. Although not technically financial transac-
tions, these changes provide vital information for processing future sales to the customer.
The AIS is composed of three major subsystems: (1) the transaction processing system (TPS), which
supports daily business operations with numerous reports, documents, and messages for users through-
out the organization; (2) the general ledger/financial reporting system (GL/FRS), which produces the
traditional financial statements, such as the income statement, balance sheet, statement of cash flows,
tax returns, and other reports required by law; and (3) the management reporting system (MRS), which
provides internal management with special-purpose financial reports and information needed for deci-
sion making such as budgets, variance reports, and responsibility reports. We examine each of these
subsystems in the following sections of this chapter.

The Management Information System
Management often requires information that goes beyond the domain of AIS. As organizations
grow in size and complexity, specialized functional areas emerge, requiring additional information
for production planning and control, sales forecasting, inventory warehouse planning, market
research, and so on. The MIS processes nonfinancial transactions that are not normally processed
by traditional AIS. Table 1-1 gives examples of typical MIS applications related to functional
areas of a firm.

The Need to Distinguish between AIS and MIS
SOX legislation requires that corporate management design and implement internal controls over
the entire financial reporting process. This includes the financial reporting system, the general led-
ger system, and the transaction processing systems that supply the data for financial reporting.
SOX further requires that management certify these controls and that the external auditors express
an opinion on control effectiveness. Because of the highly integrative nature of modern
PAN IR A I Overview of Accounting Information Systems

Examptes OF MIS AppLicaTIONsINFUNCTIONAL AREAS

Function Examples of MIS Applications

Finance Portfolio management systems
Capital budgeting systems

Marketing Market analysis
New product development
Product analysis

Distribution Warehouse organization and scheduling
Delivery scheduling
Vehicle loading and allocation models

Personnel Human resource management systems
g Job skill tracking system
a Employee benefits system
Learning®
©Cengage

information systems, management and auditors need a conceptual view of the information system
that clearly distinguishes key processes and areas of risk and legal responsibility from other (non-
legally binding) aspects of the system. Without such a model, mandated management and audit
responsibilities under SOX may not be efficiently or adequately met.

AIS SUBSYSTEMS
We devote separate chapters to an in-depth study of each AIS subsystem depicted in Figure 1-2.
At this point, we briefly outline the role of each subsystem.

Transaction Processing System
The TPS is central to the overall function of the information system. It converts economic events
into financial transactions, records financial transactions in the accounting records (journals and
ledgers), and distributes essential financial information to operations personnel to support their
daily operations.
The TPS deals with business events that occur frequently. In a given day, a firm may process
thousands of transactions. To deal efficiently with such volume, similar types of transactions are
grouped into transaction cycles. The TPS consists of three transaction cycles: the revenue cycle,
the expenditure cycle, and the conversion cycle. Each cycle captures and processes different types
of financial transactions. Chapter 2 of this text provides an overview of transaction processing.
Chapters 4, 5, 6, and 7 examine in detail the revenue, expenditure, and conversion cycles.

General Ledger/Financial Reporting Systems
The general ledger system (GLS) and the financial reporting system (FRS) are two closely related
subsystems. Because of their operational interdependency, however, they are generally viewed as a
single integrated system—the GL/FRS. The bulk of the input to the GL portion of the system
comes from transaction cycle subsystems. Summaries of transaction activity are processed by the
GLS to update the general ledger control accounts. Other, less common and infrequent, events
such as stock transactions, mergers, and lawsuit settlements, for which there may be no formal
processing cycle in place, enter the GLS through alternate sources. The FRS measures the status
of financial resources and the changes in those resources and communicates this information to
external users. This type of reporting is called nondiscretionary reporting because the organization
has few or no choices in the information it provides. Much of this information consists of tradi-
tional financial statements, tax returns, and other reports demanded by law.
 Che AGee lige Reel The Information System: An Accountant's Perspective

Management Reporting System
Managers must respond rapidly to many day-to-day business problems, as well as plan and con-
trol their operations. The MRS provides the internal financial information needed to manage a
business. Typical reports produced by the MRS include budgets, variance reports, cost-
volume-profit analyses, and reports using current (rather than historical) cost data. This type of
reporting is called discretionary reporting because the organization can choose what information
to report and how to present it.

A GENERAL MODEL FOR AIS
Figure 1-4 presents the general model for AIS. This is a general model because it applies to all
accounting information systems, regardless of their underlying technologies. The model depicts
the relationship between the key elements that constitute an AIS application: end users, data
sources, data collection, data processing, database management, information generation, and feed-
back. Each of these is discussed next.

End Users
End users fall into two general groups: external and internal. External users include creditors, stock-
holders, potential investors, regulatory agencies, tax authorities, suppliers, and customers. Internal
users include management at all levels of the organization, as well as operations personnel. In con-
trast to their more structured external reporting responsibilities, organizations have a great deal of
latitude when it comes to internal reporting, which is driven by what best gets the job done. Internal
reporting is, however, characterized by frequent changes in the information needs of internal users.
This volatility poses a significant challenge to system designers who must balance the information
requests and needs of internal users against legal, economic, internal control, and security issues.
Frequent changes in information requirements necessitate information system changes, which in
turn expose systems to material errors and, as we shall see later in this text, the potential for fraud.

FIGURE
1-4 GENERAL MopEL FoR ACCOUNTING INFORMATION SYSTEMS

The External Environment

Database
Management

Bee f Data Data Information External
pss : Collection Processing Generation End Users

Feedback
Internal Internal
Sources oA End Users
of Data The Business Organization

Learning”

jage
Feedback Jeng
IPN IR IY I Overview of Accounting Information Systems

DATA VERSUS INFORMATION. Before discussing the data sources portion of Figure 1-4, we
need to make an important distinction between the terms data and information. Data are facts,
which may or may not be processed (edited, summarized, or refined) and have no direct effect on
a user’s actions. By contrast, information causes the user to take an action that he or she otherwise
could not, or would not, have taken. Information is often defined simply as processed data, but
this definition is inadequate. Information is determined by the effect it has on the user, not by its
physical form. For example, a purchasing agent receives a daily report listing raw material inven-
tory items that are at low levels. This report causes the agent to place orders for more inventories.
The facts in this report have information content for the purchasing agent. This same report in the
hands of the personnel manager, however, is a mere collection of facts, or data, causing no action
and having no information content.
In other words, one person’s information is another person’s data. Thus, information is not just
a set of processed facts arranged in a formal report. Information triggers users to take actions that
support their day-to-day business tasks, resolve conflicts, and plan for the future. We should note
that action does not necessarily mean a physical act. For instance, a purchasing agent who
receives a report showing that inventory levels are adequate will respond by ordering nothing.
The agent’s action to do nothing is a conscious decision, triggered by information and different
from doing nothing because of being uninformed. The distinction between data and information
has pervasive implications for the study of information systems. If output from the information
system fails to cause users to act, the system serves no purpose.

Data Sources
Data sources are financial transactions that enter the information system from either internal or
external sources. External financial transactions are the most common source of data. These are
economic exchanges with other business entities and individuals outside the firm. Examples
include the sale of goods and services, the purchase of inventory, the receipt of cash, and the dis-
bursement of cash (including payroll). Internal financial transactions involve the exchange or
movement of resources within the organization. Examples include the movement of raw materials
into work-in-process (WIP), the application of labor and overhead to WIP, the transfer of WIP
into finished goods inventory, and the depreciation of plant and equipment.

Data Collection
Data collection is the first operational stage in the information system. The objective is to ensure
that event data entering the system are valid, complete, and free from material errors. In many
respects, this is the most important stage in the system. Should transaction errors pass through
data collection undetected, the system may process the errors and generate erroneous and unreli-
able output. This, in turn, could lead to incorrect actions and poor decisions by the users.
Two rules govern the design of data collection procedures: relevance and efficiency. The infor-
mation system should capture only relevant data. A fundamental task of the system designer is to
determine what is and what is not relevant. He or she does so by analyzing the user’s needs. Only
data that ultimately contribute to information (as defined previously) are relevant. The data col-
lection stage should be designed to filter irrelevant facts from the system.
Efficient data collection procedures are designed to collect data only once. These data can then
be made available to multiple users. Capturing the same data more than once overloads facilities
and leads to data redundancy, which causes inconsistencies among the redundant elements and
reduces overall system effectiveness.

Data Processing
Once collected, data usually require processing to produce information. Data processing tasks range
from simple to complex. Examples include mathematical algorithms (such as linear programming
models) used for production scheduling applications, statistical techniques for sales forecasting, and
posting and summarizing procedures used for accounting applications.
 Chi At Pe ae aaa The Information System: An Accountant’s Perspective

1-5 THE Data HicRARCHY

Attributes, Records, and Files

Attributes of Accounts Receivable
Accounts
Customer Account Number (Key)
Receivable
Customer Name
Customer Address Record
Current Balance of Account
Customer Credit Limit

All Accounts Receivable Records

Accounts
Receivable
Accounts 1 it
File
Receivable
Record

Learning”
©Cengage

Database Management
The organization’s database is its physical repository for financial and nonfinancial data. We use
the term database in the generic sense. The term could apply to a filing cabinet or a computer
disk. Regardless of the database’s physical form, business data are organized in a logical hierar-
chy. The levels in the data hierarchy—attribute, record, and file—are illustrated in Figure 1-5.

DATA ATTRIBUTE. The data attribute is the most elemental piece of potentially useful data in
the database. An attribute is a logical and relevant characteristic of an entity about which the firm
captures data. The attributes shown in Figure 1-5 are logical because they all relate to a common
entity—accounts receivable (AR). Each attribute is also relevant because it contributes to the
information content of the entire set of attributes. As proof of this, the absence of any single rele-
vant attribute diminishes or destroys the information content of the set. The addition of irrelevant
or illogical attributes would not enhance the information content of the set.

RECORD. A record is a complete set of attributes for a single occurrence within an entity class. For
example, a particular customer’s name, address, and account balance is one occurrence (or record)
within the AR class. To find a particular record within the database, we must be able to identify it
uniquely. Therefore, every record in the database must be unique in at least one attribute.' This
unique identifier attribute is called the primary key. Because no natural attribute (such as customer
name) can guarantee uniqueness, we typically assign artificial keys to records.
The key for the AR records in Figure 1-5 is the customer account number. This is the only
unique identifier in this record class. The other attributes possess values that may also exist in
other records. For instance, multiple customers may have the same name, sales amounts, credit
limits, and balances. Using any one of these as a key to find a specific record would not work effi-
ciently. These nonunique attributes are, however, often used as secondary keys for categorizing

1 When we get into more advanced topics, we will see how a combination of nonunique attributes can be used as a
unique identifier.
PAN TR IE I Overview of Accounting Information Systems

data. For example, the account balance attribute can be used to prepare a list of customers with
balances greater than $10,000.

FILE. A file (or table) is a complete set of records of an identical class. For example, all the AR
records of the organization constitute the AR file. Similarly, files are constructed for other classes
of records such as inventory, accounts payable, and payroll. The organization’s database is the
entire collection of such files.

DATABASE MANAGEMENT TASKS. Database management involves three fundamental tasks:
storage, retrieval, and deletion. The storage task assigns keys to new records and stores them in
their proper location in the database. Retrieval is the task of locating and extracting an existing
record from the database for processing. After processing is complete, the storage task restores
the updated record to its place in the database. Deletion is the task of permanently removing
obsolete or redundant records from the database.

Information Generation
Information generation is the process of compiling, arranging, formatting, and presenting informa-
tion to users. Information can be an operational document such as a sales order, a structured
report, or a message on a computer screen. Regardless of physical form, useful information has
the following characteristics: relevance, timeliness, accuracy, completeness, and summarization.

RELEVANCE. The contents of a report or document must serve a purpose. This could be to sup-
port a manager’s decision or a clerk’s task. We have established that only data relevant to a user’s
action have information content. Therefore, the information system should present only relevant
data in its reports. Reports containing irrelevancies waste resources and may be counterproductive
to the user. Irrelevancies detract attention from the true message of the report and may result in
incorrect decisions or actions.

TIMELINESS. The age of information is a critical factor in determining its usefulness. Informa-
tion must be no older than the time frame of the action it supports. For example, if a manager
makes decisions daily to purchase inventory from a supplier based on an inventory status report,
then the information in the report should be no more than a day old.

ACCURACY. Information must be free from material errors. Materiality is, however, a difficult
concept to quantify. It has no absolute value; it is a problem-specific concept. This means that, in
some cases, information must be perfectly accurate. In other instances, the level of accuracy may
be lower. A material error exists when the amount of inaccuracy in information causes the user to
make poor decisions or to fail to make necessary decisions. We sometimes must sacrifice absolute
accuracy to obtain timely information. Often, perfect information is not available within the user’s
decision time frame. Therefore, in providing information, system designers seek a balance between
information that is as accurate as possible, yet timely enough to be useful.

COMPLETENESS. No piece of information essential to a decision or task should be missing.
For example, a report should provide all necessary calculations and present its message clearly
and unambiguously.

SUMMARIZATION. Information should be aggregated in accordance with the user’s needs.
Lower-level managers tend to need information that is highly detailed. As information flows
upward through the organization to top management, it becomes more summarized.

Feedback
Feedback is a form of output that is sent back to the system as a source of data. Feedback may be
internal or external and is used to initiate or alter a process. For example, an inventory status
 GGA. Pal IB Rawal The Information System: An Accountant’s Perspective

report signals the inventory control clerk that items of inventory have fallen to, or below, their
minimum allowable levels. Internal feedback from this information will initiate the inventory
ordering process to replenish the inventories. Similarly, external feedback about the level of uncol-
lected customer accounts can be used to adjust the organization’s credit-granting policies.

Organizational Structure and AIS
In later chapters we see how the design and/or audit of accounting information systems require an
understanding of the functional segments and activities that constitute an organization’s structure.
Physical accounting information systems are comprised of technologies of various types and configura-
tions, as well as people and tasks from across the organization. Indeed, the so-called accounting infor-
mation system actually involves diverse accounting and nonaccounting activities and personnel. For
example, the sales processing system, which is a subsystem of the revenue cycle (refer to Figure 1-2),
includes the following organization functions: sales, credit, inventory control, warehousing, shipping,
billing, accounts receivable, general ledger, and data processing. Figure 1-6 depicts these and other
typical business functions for a hypothetical manufacturing firm. The shaded functions in Figure 1-6
(those associated with processing sales orders) emphasize the entity-wide impact of AIS.

FUNCTIONAL SEGMENTATION
Segmentation by business function is a common method of organizing a business entity. Func-
tional segments derive from the flow of resources through the firm. For example, assume a
manufacturing firm that employs the following resources: materials, labor, financial capital, and
information. Table 1-2 shows the relationship between these resources and the functional segments
that manage them.
The segments and the functions within them will vary among organizations, depending on their size
and lines of business. A public water company, for example, does not need to market its product and
probably will have little in the way of advertising or market research functions. Also, a service organi-
zation with no inventories to manage will not need an inventory control function. The remainder of
this section outlines the functional areas for the hypothetical firm represented in Figure 1-6.

Materials Management
The objective of materials management is to plan and control the materials inventory of the com-
pany. A manufacturing firm must have sufficient inventories on hand to meet its production needs
and yet avoid excessive inventory levels. Every dollar invested in inventory is a dollar that is not
earning a return. Furthermore, idle inventory can become obsolete, lost, or stolen. Ideally, a firm
would coordinate inventory arrivals from suppliers such that they move directly into the produc-
tion process. As a practical matter, however, most organizations maintain safety stocks to carry
them through the lead time between placing the order for inventory and its arrival. We see from
Figure 1-6 that materials management has three sub-functions:
1. Purchasing is responsible for ordering inventory from vendors when inventory levels
fall to their reorder points. The nature of this task varies among organizations. In some
cases, purchasing requires no more than sending a purchase order to a designated vendor.
In other cases, this task involves soliciting bids from a number of competing vendors. The
nature of the business and the type of inventory determine the extent of the purchasing
function.
NW Receiving is the task of accepting the inventory previously ordered by purchasing. Receiving
activities include counting and checking the physical condition of these items. This is an
organization’s first, and perhaps only, opportunity to detect incomplete deliveries and dam-
aged merchandise before they move into the production process.
3. Stores takes physical custody of the inventory received and releases these resources into the
production process as needed.
14 PAA Rees Overview of Accounting Information Systems

uoleuSIUILUpY

UO|PEIISIUILUPY
juawdojaneq
aoueuaule/\
qbuluea] abeiuag @

ABojouyoe|

aseqeeq
swelshS

yIOMION
pue
UOITEWOJU|

Ouyunosoy
Bununosoy

syunosoOWy
ajqehed
Ne
SOD,

oike
pexi4
sjessy

juawesungsiq
juawebeuey\

s}diao0y
Aunseady
O1|OJOd
goueul4

Yseg
syyeueg

BuninioayBuluresy Huljasunog
uoleziueHhic
sseuisng

uonnquisiq
J@UUOSI8g

joey
Wul4

Buneaweyy Old
UOHOW Buisieapyyoreasey
uoHONpold
40 V
SVAYW

Huunjoerjynuey\
IWNOILINN

yoddns
sjeuayey\

Burseyoind
BHulAisoey

Salols
oF juowaebeuel\

aunola
 GILIVAG Pale rE Ram The Information System: An Accountant’s Perspective

-2 | Functions From Resources —
Resource Functional Seqment

Materials Materials Management
Production
Marketing
Distribution

Labor Personnel
®
Financial Capital Finance

Information Accounting
Information technology
Cengage
©
Learning

Production
Production activities occur in the conversion cycle in which raw materials, labor, and plant assets
are used to create finished products. The specific activities are determined by the nature of the
products being manufactured. In general they fall into two broad classes: (1) primary manufactur-
ing activities and (2) production support activities. Primary manufacturing activities shape and
assemble raw materials into finished products. Production support activities ensure that primary
manufacturing activities operate efficiently and effectively. These include, but are not limited to,
the following types of activities:

Production planning involves scheduling the flow of materials, labor, and machinery to efficiently
meet production needs. This requires information about the status of sales orders, raw materials
inventory, finished goods inventory, and machine and labor availability.

Quality control monitors the manufacturing process at various points to ensure that the finished
products meet the firm’s quality standards. Effective quality control detects problems early to facili-
tate corrective action. Failure to do so may result in excessive waste of materials and labor.
Maintenance keeps the firm’s machinery and other manufacturing facilities in running order.
The manufacturing process relies on its plant and equipment and cannot tolerate breakdowns
during peak production periods. Therefore, the key to maintenance is prevention—the scheduled
removal of equipment from operations for cleaning, servicing, and repairs. Many manufacturers
have elaborate preventive maintenance programs. To plan and coordinate these activities, mainte-
nance engineers need extensive information about the history of equipment usage and future
scheduled production.

Marketing
The marketplace needs to know about, and have access to, a firm’s products. The marketing func-
tion deals with the strategic problems of product promotion, advertising, and market research. On
an operational level, marketing performs such daily activities as sales order entry.

Distribution
Distribution is the activity of getting the product to the customer after the sale. This is a critical
step since much can go wrong before the customer takes possession of the product. Incorrect ship-
ments, damaged merchandise, or excessive lags between taking and filling of orders can result in
customer dissatisfaction and lost sales. Ultimately, success depends on filling orders accurately in
the warehouse, packaging goods correctly, and shipping them quickly to the customer.
PAN IR WE Ih Overview of Accounting Information Systems

Personnel
Competent and reliable employees are a valuable resource to a business. The objective of the per-
sonnel function is to effectively manage this resource. A well-developed personnel function
includes recruiting, training, continuing education, counseling, evaluating, labor relations, and
compensation administration.

Finance
The finance function manages the financial resources of the firm through banking and treasury
activities, portfolio management, credit evaluation, cash disbursements, and cash receipts. Because
of the cyclical nature of business, many firms swing between positions of excess funds and cash
deficits. In response to these cash flow patterns, financial planners seek lucrative investments in
stocks and other assets, and low-cost lines of credit from banks. The finance function also admin-
isters the daily flow of cash in and out of the firm.

THE ACCOUNTING FUNCTION
Accounting manages the financial information resource of the firm. In this regard, it plays two
important roles in transaction processing. First, accounting captures and records the financial
effects of the economic events that constitute the firm’s transactions. These include events such as
the movement of raw materials from the warehouse into production, shipments of the finished
products to customers, cash flows into the firm and deposits in the bank, the acquisition of inven-
tory, and the discharge of financial obligations. Second, accounting distributes transaction infor-
mation to operations personnel to coordinate many of their key tasks. The following accounting
functions contribute directly to business operations: inventory control, cost accounting, payroll,
accounts payable, accounts receivable, billing, fixed asset accounting, and the general ledger. We
deal with each of these specifically in later chapters. For the moment, however, we need to main-
tain a broad view of accounting to understand its functional role in the organization.

The Value of Information
The value of information to a user is determined by its reliability. We saw earlier that the purpose
of information is to lead the user to a desired action. For this to happen, information must possess
certain attributes—relevance, accuracy, completeness, summarization, and timeliness. When these
attributes are consistently present, information has reliability and provides value to the user. Unre-
liable information has no value. At best, it is a waste of resources; at worst, it can lead to dysfunc-
tional decisions. Consider the following example:

A marketing manager signed a contract with a customer to supply a large quantity of product by a
certain deadline. He made this decision based on information about finished goods inventory levels.
Because of faulty record keeping, however, the information was incorrect. The actual inventory levels
of the product were insufficient to meet the order, and the necessary quantities could not be manu-
factured by the deadline. Failure to comply with the terms of the contract resulted in litigation.
This poor sales decision was a result of flawed information. Effective decisions require informa-
tion that has a high degree of reliability.

Accounting Independence
Information reliability rests heavily on the concept of accounting independence. Simply stated,
accounting activities must be separate and independent of the functional areas that manage and main-
tain custody of physical resources. For example, accounting monitors and records the movement of
raw materials into production and the sale of finished goods to customers. Accounting authorizes pur-
chases of raw materials and the disbursement of cash payments to vendors and employees. Accounting
supports these functions with information, but does not participate in the physical activities.
 GAL AS Pile Raat The Information System: An Accountant’s Perspective

INFORMATION TECHNOLOGY
Figure 1-6 depicts four information technology (IT) functions: (1) data processing, (2) systems
development and maintenance, (3) database administration, and (4) network administration.
Although an organization may have many additional IT functions, these four are included in this
discussion because they hold specific internal control concerns for management and auditors that
we will investigate in detail in later chapters. Below, we outline the key features of each of them.

Data Processing
The data processing function brings to bear IT personnel, computer hardware, application pro-
grams (software), and corporate data to support user information needs through transaction pro-
cessing and information reporting. Data processing configurations vary among different types of
business entities. At one end of a continuum of options is the centralized data processing model,
and at the other end 1s the distributed data processing model. Many organizations employ a com-
bination of centralized and distributed processing.

CENTRALIZED DATA PROCESSING. Under the centralized data processing model, all data
processing is performed by one or more large computers housed in a common data center that
serves users throughout the organization. Figure 1-7 illustrates the centralized approach. End
users process transactions from terminals in their respective departments, which are connected to
the central computer and database. Because the computing resources (IT personnel, hardware,
software, and data) are centrally located and accessible by all authorized users, the centralized
data processing configuration lends itself to intra-organization communication and data sharing
between user departments.

DISTRIBUTED DATA PROCESSING. Figure 1-8 depicts the distributed data processing (DDP)
model, in which users process their transactions locally. Under this configuration each user seg-
ment possesses the IT personnel, facilities, hardware, software, and data they need to support

FIGURE
1-7 Coltig).40m DYWy WlodKolel11 ei [e)
>)18

Data
User Departments Processing Center User Departments

Transactions Transactions
User #1 User #2
Terminal Terminal

Centralized
Computer

Transactions Central Transactions
User #3 User #4
TIM Corporate Terminal
Terminal
data

Learning”
©Cengage
PeAGR Sele Overview of Accounting Information Systems

FIGURE
1-8 DisTRIBUTED Data PROCESSING MODEL

User Segment 1 User Segment 2
Network
Transactions Connection Transactions
User #1 User #2
Computer Computer

Local Local
User User
Network Database Database Network
Connection Connection

User Segment 3 User Segment 4

Transactions Transactions
User #3
Network
Computer
Connection

Local Local
User User
Database Database

Learning”
©Cengage

their operations. Unlike in the centralized approach, users in a DDP environment function
independently and tend not to share data and information. Any necessary sharing, however, is
accomplished through network connections between the users.
Both the centralized and distributed data processing models have their respective benefits, risks,
and internal control implications. We will examine these issues in detail in subsequent chapters.

Systems Development and Maintenance
The information system needs of organizations are met by two related functions: systems develop-
ment and systems maintenance. The systems development function is the process by which organi-
zations acquire information systems. The systems maintenance function is responsible for making
changes to existing systems to accommodate changes in user needs. We examine each of these
functions separately below.

SYSTEMS DEVELOPMENT. Organizations acquire information systems in two ways: they pur-
chase commercial software and/or they build custom systems in-house from scratch. Commercial
software is available for both general accounting use and for industry-specific applications, such
as medical billing. Commercial software packages are sometimes called turnkey systems because
they can often be implemented by the user with little or no modification.
The business community has recognized the many advantages of buying commercial systems.
Software vendors such as Microsoft, Oracle, and SAP design their products to appeal to a large
community of users, which keeps down the unit cost to the customer. Also, by purchasing com-
mercial packages, client companies can acquire effective business solutions that are thoroughly
tested, free from errors, and are current with professional standards and technological innovations
designed by domain experts. Both small and large firms that have standardized information needs
are potential customers for commercial software. Larger organizations with unique information
 CAHE ASE elt Rasa The Information System: An Accountant’s Perspective

needs often develop custom software through a formal process called the systems development life
cycle. Creating custom software requires the organization to have an in-house team of qualified
and experienced IT professionals consisting of systems analysts, programmers, and database
designers. The IT team works with corporate users to assess their information needs, design com-
puter solutions, and physically implement them.
Custom systems are more expensive than commercial packages because the organization must
absorb all the development costs, which commercial vendors are able to spread across the entire
user population. For example, companies in competitive, fast-moving industries such as telecom-
munications, pharmaceuticals, and financial services invest hundreds of millions of dollars in cus-
tom software. When information needs are unique, however, and no commercial package
adequately meets them, custom software is often the only option.
To fill this void some commercial software vendors design their systems in modules that allow
flexibility through numerous processing options. Large scale enterprise resource planning (ERP) sys-
tems are an example of this approach. The base ERP system is comprised of thousands of small
program modules. From this vast array of options the IT team selects those modules that support
the organization’s specific information and data-processing needs. Configuring the system in this
way often takes many months, but the result is a customized system with the advantages of a com-
mercial system. ERP key features, benefits, risks, and control issues are discussed in Chapter 11.

SYSTEMS MAINTENANCE. Over the course of the system’s life (often several years), a system
may be modified many times as user needs change and evolve. Maintenance changes may be triv-
ial, such as modifying the system to produce an additional report, or significant, such as modify-
ing it to execute new accounting rules that impact many different system modules. Between 80 and
90 percent of a system’s total cost may be incurred because of maintenance activities.
Systems development and maintenance activities constitute material financial investments in
hardware, software, and personnel for many organizations. These activities also represent signifi-
cant risks that need to be controlled and, consequently, are of concern to management and
accountants. We deal with these issues in detail in Chapters 13, 14, and 17.

Database Administration
Centrally organized companies maintain their data resources in a central location that is shared by
all authorized end users (refer to Figure 1-7). In this shared-data arrangement, a special indepen-
dent group—database administration—headed by the database administrator is responsible for the
security and integrity of the database. We explore the database concept and the role of the data-
base administrator in Chapter 9.

Network Administration
A network is a collection of interconnected computers and communications devices that allows
users to communicate, access data and applications, and share information and resources.
Network administration is responsible for the effective functioning of the software and hardware
that constitute the organization’s network. This involves configuring, implementing, and maintain-
ing network equipment. In addition, network administration is responsible for monitoring network
activity to ensure that the network is being used in accordance with company policies and that it is
secure from attack by hackers from outside the organization as well as unauthorized individuals
within the organization. Network technologies, security issues, and control techniques are the
topics of Chapters 12 and 16.

Outsourcing the IT Function
From this brief discussion we see that the IT segment of an organization comprises highly techni-
cal, dynamically changing, and expensive activities. Corporate management has long complained
about the administrative burden and high cost associated with managing and maintaining the IT
function. In an effort to bring costs under control and to escape their IT headaches, many
20 PEAS Re Tael Overview of Accounting Information Systems

corporate executives look to IT outsourcing. Under this practice the organization sells its IT
resources (hardware, software, and facilities) to a third-party outsourcing vendor such as HP
Enterprise Services (formally EDS). The outsourcing organization then leases back IT services
from the vendor for a contract period of typically between five and ten years. The company’s IT
employees are often transferred in such deals and become employees of the outsourcing vendor.
Of course, when the vendor takes the IT function off shore, employee transfers are not possible.
A variant of IT outsourcing, called cloud computing, is location-independent computing, where
shared data centers deliver hosted IT services over the Internet. These services fall into three catego-
ries: software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS).
The concept can be equated to the way in which electricity is delivered to a private home. The home-
owner enters into a contract with the local public utility company to deliver electricity as needed. The
public utility company may generate some of this electricity, but during high demand periods it will go
to the national electric grid to tap into the production of other electricity generators across the coun-
try. Similarly, an organization pursuing cloud computing signs a contract with an IT service provider
to provide computing resources. When demand exceeds the provider’s IT capacity, it acquires addi-
tional capacity from data centers in the “cloud” that are connected via the Internet. A potential risk
to the chent firm is that it does not necessarily know where its data are actually being processed, just
as the homeowner does not know where his or her electricity is being generated. The advantage to the
client organization is access to whatever computing power it needs, while it pays only for what it uses.
Also, cloud computing contracts are flexible and relatively short term. In contrast, traditional outsour-
cing contracts tend to be fixed price, inflexible, and much longer term.
IT outsourcing is a rapidly growing phenomenon. The departure from tradition that it
represents carries both advantages and risks that management and auditors need to recognize. In
Chapter 15 we explore these issues in detail.

The Role of Accountants in AIS
Accountants are involved in both the design and the audit of accounting information systems. The
final section of this chapter briefly outlines key areas of responsibility; these issues are expanded
upon in subsequent chapters.

ACCOUNTANTS AS SYSTEM DESIGNERS
Accountants play a prominent role on systems development teams as domain experts. In that
capacity they are responsible for many aspects of the conceptual system. This involves specifying
certain operational rules, reporting requirements, and framing internal control objectives that the
system must achieve. The IT professionals on the team are responsible for the physical system
including system architecture, programming, and database design. To illustrate the distinction
between conceptual and physical systems, consider the following example:

The credit department of a retail business requires information about delinquent accounts from the
AR department. This information is used to support decisions made by the credit manager regarding
the credit-worthiness of customers.

The design of the conceptual system involves specifying the criteria for identifying delinquent
customers and the information that needs to be reported. As the domain expert, the accountant
determines the nature of the information required, its sources, its destination, and the accounting
rules that need to be applied. The physical system includes the data storage medium to be used and
the method for capturing and presenting the information. IT professionals determine the most
economical and effective technologies for accomplishing the task. Hence, systems design is a
collaborative effort. Because of the specificity of accounting rules, the implications of material
error, and the potential for fraud, the accountant’s involvement in systems design is essential and
pervasive throughout the development process.
 (Cel ANI ys IR Al The Information System: An Accountant’s Perspective 21

ACCOUNTANTS AS SYSTEM AUDITORS
Accountant’s perform audits of business organizations for various reasons, which typically involve
the accounting information system. The most common audits are external (attestation) audits,
internal (operational) audits, and fraud audits. Each type of audit requires that the auditor have a
thorough understanding of AIS functions and internal controls.
An external audit is an independent attestation performed by an expert—the auditor—who
expresses an opinion in the form of a formal audit report regarding the presentation of financial
statements. This task, known as the attest function, is performed by Certified Public Accountants
(CPAs) who work for public accounting firms that are independent of the client organization
being audited. The audit objective is to assure the fair presentation of corporate financial state-
ments. This requires auditors to perform tests of the information system’s internal controls as
well as substantive tests of data that reside in the system’s databases. External audits are often
referred to as financial audits and the SEC requires all publicly traded companies to undergo a
financial audit annually. CPAs conducting such audits are acting on behalf of outsiders such as
stockholders, creditors, government agencies, and the general public.
A critical element in the relationship between auditors and their constituents is the concept of
auditor independence. Within the context of an audit, independence means that the auditor is free
from factors that might influence the auditors’ report regarding the financial position of the client
firm. Such factors include, but are not limited to, financial interests in the client firm including
stock holding or employment outside of the attest service, family ties or other personal relation-
ships with the client, or provision of nonaudit (advisory) services to audit clients. In the absence
of independence, the auditor’s report would be of little value to its users.

Attest Service versus Advisory Services
An important distinction needs to be made regarding the external auditor’s attestation function and the
rapidly growing field of advisory services, which many public accounting firms offer. Advisory services
are professional services offered by public accounting firms to improve their client organizations’ opera-
tional efficiency and effectiveness. The domain of advisory services is intentionally unbounded so that it
does not inhibit the growth of future services that are currently unforeseen. As examples, advisory ser-
vices include actuarial advice, business advice, fraud investigation services, information system design
and implementation, and internal control assessments for compliance with SOX.
Prior to the passage of SOX, accounting firms were permitted to provide advisory services and attest
services concurrently to clients. SOX legislation, however, greatly restricts the types of nonaudit services
that auditors may render audit clients. It is now unlawful for a registered public accounting firm that is
currently providing attest services for a client to provide the following services:
* bookkeeping or other services related to the accounting records or financial statements of the
audit client
* financial information systems design and implementation
* appraisal or valuation services, fairness opinions, or contribution-in-kind reports
* actuarial services
* internal audit outsourcing services
* management functions or human resources
* broker or dealer, investment adviser, or investment banking services
* legal services and expert services unrelated to the audit
* any other service that the Board determines, by regulation, is impermissible.
The IT advisory services units of public accounting firms have different names in different firms,
but they all engage in tasks generally known as risk management. These groups often play a dual
role within their respective firms; they provide nonaudit clients with IT advisory services and also
work with their firm’s financial audit staff to perform IT-related tests of controls (often called IT
auditing) as part of the attestation function. Keep in mind that in many cases the purpose of the
22 PAN IR IP II Overview of Accounting Information Systems

task, rather than the task itself, defines the service being rendered. For example, a risk management
professional may perform a test of IT controls as an advisory service for a nonaudit client who is
preparing for a financial audit by a different public accounting firm. The same professional may
perform the same test for an audit client as part of the attest function.

Internal Audits
Internal auditing is an independent appraisal function established within an organization to exam-
ine and evaluate its activities. Internal auditors perform a wide range of activities including con-
ducting financial audits, performing IT audits examining an operation’s compliance with
organizational policies and legal obligations, evaluating operational efficiency, and detecting and
pursuing fraud within the firm.
An internal audit is typically conducted by auditors who work for the organization, but this
task may be outsourced to other organizations. Internal auditors are often certified as a Certified
Internal Auditor (CIA) or a Certified Information Systems Auditor (CISA). While internal audi-
tors self-impose independence to perform their duties effectively, they are employed by the organi-
zation and represent its interests. These auditors generally answer to executive management of the
organization or the audit committee of the board of directors. The standards, guidance, and certi-
fication of internal audits are governed mainly by the Institute of Internal Auditors (IIA) and, to a
lesser degree, by the Information Systems Audit and Control Association (ISACA).

External versus Internal Auditors
The characteristic that conceptually distinguishes external auditors from internal auditors is their
respective constituencies: while external auditors represent outsiders, internal auditors represent
the interests of the organization. Nevertheless, in this capacity, internal auditors often cooperate
with and assist external auditors in performing aspects of financial audits. This cooperation 1s
done to achieve audit efficiency and reduce audit fees. For example, a team of internal auditors
can perform tests of computer controls under the supervision of a single external auditor.
The independence and competence of the internal audit staff determine the extent to which
external auditors may cooperate with and rely on work performed by internal auditors. Some
internal audit departments report directly to the controller. Under this arrangement, the internal
auditor’s independence is compromised, and the external auditor is prohibited by professional
standards from relying on evidence provided by them. In contrast, external auditors can rely in
part on evidence gathered by internal audit departments that are organizationally independent
and report to the board of directors’ audit committee (discussed later). A truly independent inter-
nal audit staff adds value to the audit process. For example, internal auditors can gather audit evi-
dence throughout a fiscal period, which external auditors may then use at year end to conduct
more efficient, less disruptive, and less costly audits of the organization’s financial statements.

Fraud Audits
In recent years fraud audits have, unfortunately, increased in popularity as a corporate governance
tool. They have been thrust into prominence by a corporate environment in which both employee
theft of assets and major financial frauds by management (e.g., Enron, WorldCom) have become ram-
pant. The objective of a fraud audit is to investigate anomalies and gather evidence of fraud that may
lead to criminal conviction. Sometimes fraud audits are initiated when corporate management suspects
employee fraud. Alternatively, boards of directors may hire fraud auditors to investigate their own
executives if theft of assets or financial fraud is suspected. Organizations victimized by fraud usually
contract with specialized fraud units of public accounting firms or with companies that specialize in
forensic accounting. Typically, fraud auditors have earned the Certified Fraud Examiner (CFE) certi-
fication, which is governed by the Association of Certified Fraud Examiners (ACFE).

The Role of the Audit Committee
The boards of directors of publicly traded companies form a subcommittee known as the audit
committee that has special responsibilities regarding audits. This committee is usually composed
 CISUAN IE WIR Al The Information System: An Accountant’s Perspective 23

of three people who should be outsiders (not associated with the families of executive management
nor former officers, etc.). With the advent of the SOX, at least one member of the audit commit-
tee must be a “financial expert.” The audit committee serves as an independent “check and bal-
ance” for the internat audit function and liaison with external auditors. One of the most
significant changes imposed by SOX has been to the relationship between management and the
external auditors. Prior to SOX, external auditors were hired and fired by management. Many
believe, with some justification, that this relationship erodes auditor independence when disputes
over audit practices arise. SOX mandates that external auditors now report to the audit commit-
tee, which hires and fires auditors and resolves disputes.
To be effective, the audit committee must be willing to challenge the internal auditors (or the
entity performing that function) as well as management when necessary. Part of the role of com-
mittee members is to look for ways to identify risk. For instance, they might serve as a sounding
board for employees who observe suspicious behavior or spot fraudulent activities. In general,
they become an independent guardian of the entity’s assets by whatever means is appropriate.
Corporate frauds often have some relationship to audit committee failures. These include lack of
independence of audit committee members, lack of experienced members on the audit committee,
inactive audit committees, and the total absence of an audit committee.

Designer/Auditor Duality
The accountant’s dual roles of designer and auditor draw upon a common skill set. An accoun-
tant cannot effectively conduct an audit if he or she does not understand the principles of sys-
tems design. The functions involved in a system, the tasks performed by it, and the internal
controls that are, or should be, in place are design issues about which auditors routinely gather
evidence. Similarly, an accountant cannot properly design a system without a thorough under-
standing of audit issues and concerns. For example, the designer must understand the nature of
a particular audit risk before he or she can plan the design of internal control techniques needed
to mitigate the risk. Also, the designer must understand audit objectives regarding evidence
gathering so he or she may create a system that facilitates the subsequent extraction of audit
evidence.
The accountant’s dual responsibility for systems design and auditing has greatly influenced the
organization and approach taken in this text. Although primarily an AIS design text, chapter
topics are presented from the auditor’s perspective. Human activities, manual procedures, and
information technologies such as networks, databases, and computer applications that constitute
the AIS are presented and discussed within the context of the audit risks they pose and how
those risks can be mitigated through internal controls. This approach is followed throughout the
remaining chapters of the book.

Summary
The first section of this chapter introduced basic systems con- method of structuring a business and examined the functions
cepts and presented a framework for distinguishing between of a typical manufacturing firm. The section presented two
accounting information systems and management information general methods of organizing the IT function: the centralized
systems. This distinction is related to the types of transactions approach and the distributed approach.
these systems process. AIS applications process financial trans- The final section of this chapter examined the dual roles of
actions, and MIS applications process nonfinancial transactions. accountants as (1) designers of AIS and (2) auditors of AIS.
The section then presented a general model for accounting The IT function is responsible for designing the physical sys-
information systems. The model is composed of four major tem, and the accounting function is responsible for specifying
tasks that exist in all AIS applications: data collection, data pro- the conceptual system. An audit is an independent attestation
cessing, database management, and information generation. performed by the auditor, who expresses an opinion about
The second section examined the relationship between the fairness of a company’s financial statements. A distinction
organizational structure and the information system. It was drawn between attestation and financial services. Both
focused on functional segmentation as the predominant external and internal auditors conduct IT audits.
24 PAN
IR TE JI Overview of Accounting Information Systems

Key Terms
accounting information systems (AIS) (3) information flows (4)
attest function (21) information generation (12)
auditor (21) information system (5)
centralized data processing (17) infrastructure as a service (laaS) (20)
cloud computing (20) internal auditing (22)
commercial software (18) IT auditing (21)
conceptual system (20) IT outsourcing (20)
custom software (19) management information system (MIS) (5)
data (10) management reporting system (MRS) (7)
data collection (10) network (19)
data processing (10) network administration (19)
data sources (10) nondiscretionary reporting (8)
data storage (20) nonfinancial transactions (7)
database (11) physical system (20)
database management (|2) platform as a service (PaaS) (20)
discretionary reporting (9) reliability (16)
distributed data processing (DDP) (17) segments (13)
end users (9) software as a service (SaaS) (20)
enterprise resource planning (ERP) (19) stakeholders (5)
feedback (12) substantive tests (21)
financial transaction (7) systems development life cycle (19)
general ledger/financial reporting system (GL/FRS) tests of controls (21)
(7) trading partners (5)
general model for AIS (9) transaction (5)
independence (16) transaction processing system (TPS) (7)
information (10) turnkey systems (18)

Review Questions
|. What are the four levels of activity in the pyramid 11. What are the fundamental objectives of all infor-
representing the business organization? Distinguish mation systems?
between horizontal and vertical flows of information. 12. What does stewardship mean, and what is its role
2. What is the relationship among data, information, in an information system?
and an information system? 13. List five functional areas and their sub-functions.
3. Distinguish between AIS and MIS. 14. Distinguish the roles of internal and external
What are the three cycles of transaction proces- auditors.
sing systems? 15. What is the role of a database administrator?
5. What is discretionary reporting? 16. What is the role of the accounting function in an
What are the characteristics of good or useful organization?
information? 17. Distinguish between the centralized and distrib-
7. What rules govern data collection? uted approaches to organizing the IT function.
8. What are the levels of data hierarchy? 18. What is distributed data processing?
9. What are the three fundamental tasks of database 19. What is an ERP system?
management? 20. What two roles are played by accountants with
10. What is feedback, and how is it useful in an respect to the information system?
information system?
 Cal
ANIP WEBI Al The Information System: An Accountant's Perspective 25

21. Define the term attest function. 29. What characteristic conceptually distinguishes
22. Define the term financial services. internal and external auditing?
23. What is IT auditing? 30. What is the role of network administration?

24. Distinguish between conceptual and physical 31. What is cloud computing?
systems. 32. Name the two ways in which organizations
25. What is the role of the audit committee of the acquire information systems.
board of directors? 33. Why are custom systems more expensive than
26. Who initiates a fraud audit within the commercial systems?
organization? 34. What types of companies are potential customers
Pap When can external auditors rely on the work for commercial software?
performed by internal auditors? 35. Briefly explain accounting independence.
28. Name the tests that auditors perform to gather 36. Why do systems designers need to know anything
evidence. about auditing?

Discussion Questions
Discuss the differences between internal and Discuss the importance of accounting indepen-
external users of information and their needs dence in accounting information systems. Give an
and demands on an information system. Histor- example of where this concept is important (use
ically, which type of user has the firm catered to an example other than inventory control).
most? Discuss why it is crucial that internal auditors
Comment on the level of detail necessary for report solely to the audit committee of the
operations management, middle management, and board of directors and answer to no other
stockholders. group.
Distinguish between financial and nonfinancial 12: Contrast centralized data processing with
transactions. Give three examples of each. distributed data processing. How do the roles of
An information system must meet three funda- end users differ between the two approaches?
mental objectives. Discuss why these objectives 13. Discuss how conceptual and physical systems dif-
cannot effectively be met by a common set of fer and which functions are responsible for each
information. of these systems.
Do you think transaction processing systems dif- 14. Why is an active board of directors audit com-
fer significantly between service and manufactur- mittee important to an organization?
ing industries? Are they equally important to both 15. Do you agree with the statement, “The term /T
sectors? auditor should be considered obsolete because it
Discuss the difference between the financial implies a distinction between regular auditors and
reporting system and general ledger system. auditors who examine computerized AIS”? Why
Examine Figure |-4 and discuss where and how or why not?
problems can arise that can cause the resulting 16. Describe cloud computing and explain how it is
information to be bad or ineffective. similar to obtaining a commodity product.
Discuss how the elements of efficiency, effective- 17. Why is it important to organizationally separate
ness, and flexibility are crucial to the design of an the accounting function from other functions of
information system. the organization?
Discuss what is meant by the statement, “The 18. What is an external financial audit, and what are
accounting system is a conceptual flow of infor- the sources of audit evidence?
mation that represents physical personnel, 19. Why do firms outsource their IT functions?
machinery, and flows of raw materials and cash Explain the options of traditional IT outsourcing
through the organization.” and cloud computing, and how they differ.
26 PAIR
IE II Overview of Accounting Information Systems

Multiple-Choice Questions
Which of the following is NOT a financial 7. When viewed from the highest to most elemental
transaction? level, the data hierarchy is
a. purchase of products a. attribute, record, file.
b. cash receipts b. record, attribute, key.
c. update valid vendor file io file, record, attribute.
d. sale of inventory d. file, record, key.
The following are subsystems of the accounting e. key, record, file.
information system, EXCEPT the Which is NOT a source of evidence for an
a. transaction processing system. external auditor?
b. human resources system. a. work performed by internal auditors
c. general ledger/financial reporting system. who organizationally report to the controller
d. management reporting system. b. tests of controls

Which of the following is NOT a purpose of the substantive tests
transaction processing system? d. work performed by internal auditors who
a. managing and reporting on the status of finan- report to the audit committee of the BOD
cial investments Which of the following is NOT an objective of all
b. converting economic events into financial information systems?
transactions a. support for the stewardship function of
c. distributing essential information to management
operations personnel to support their b. support for management decision making
daily operations c. support for the day-to-day operations of the
d. recording financial transactions in the firm
accounting records d. all of the above are objectives
The objectives of the data collection activity of the 10. Which of the following best describes the activi-
general model for accounting information systems ties of the materials management function?
are to collect data that are
purchasing, receiving, and inventory control
a. relevant and redundant.
b. receiving, sales, distribution, and purchasing
b. efficient and objective.
c. receiving, storage, purchasing, and accounts
c. efficient and redundant. payable
d. efficient and relevant. d. purchasing, receiving, and storage
Which of the following is NOT a characteristic of e. purchasing, storage, and distribution
effective information?
Which of the following best describes the activi-
a. relevance ties of the production function?
b. accuracy a. maintenance, inventory control, and produc-
c. summarization tion planning
d. precision b. production planning, quality control,
Which of the following is NOT a database man- manufacturing, and cost accounting
agement task? c. quality control, production planning,
a. retrieval manufacturing, and payroll
b. storage d. maintenance, production planning, storage, and
quality control
c. summarization
e. manufacturing, quality control, and
d. deletion