Chapter 1—AIS overview (3 Questions = 4.5 points)
Purpose of/value provided by AIS
1. Improving the quality and reducing the costs of products or service 2. Improve efficiency and effectiveness of the value chain and supply chain 3. Share knowledge 4. Improve the internal control structure 5. Improve decision making
Key Role if the AIS
1. Collecting and storing data 2. Providing information for decisions 3. Safeguarding assets
Value Chain Activities
1. Inbound Logistics------ receiving and storage 2. Operations -------------- manufacturing and repackaging 3. Outbound Logistics---- distribution shipping 4. Marketing & Sales------ advertising, selling 5. Service-------------------- repair, maintenance
Characteristic of Useful Information
1. Relevant 2. Reliable 3. Timely 4. Verifiable 5. Understandable 6. Accessible 7. Complete
Chapter 2/SUA
Purpose/use of general ledger, subsidiary ledgers, special journals and cash prelist
General Ledger= contains summary level data for every asset, liability, equity and revenue, and expense account...(accounts receivable)
Subsidiary Ledger= contains detailed data for any general ledger account with many individualized subaccounts.... (Separate account for each accounts receivable)
General Journal= used to record infrequent or non-routine transaction, such as loan payments
Specialized Journal= records large numbers of repetitive transactions such as sales, cash receipts, and cash disbursement
Sequence of events in accounting cycle
1. Collect Data 2. Journalize Transactions (capture in transaction files) 3. Post transactions to accounts in ledger (G/L master file) 4. Prepare unadjusted trial balance 5. Prepare and Post adjusting entries 6. Prepare adjusted trial balance 7. Prepare accounting reports a. Income Statement First (sales – cogs = NI) b. Retained Earnings Second (Beg RE+NI-Div= Ending RE) c. Balance Sheet Last (assets=liab + OE) gets RE from RE statement 8. Close Accounts-----(never close balance sheet accounts)
Transaction Cycles
1. Revenue Cycle—goods and services are sold for cash, receive cash 2. Expenditure Cycle---- companies purchase inventory for resale or raw mat 3. Production/Conversion---raw materials transformed into finished goods 4. Human Resource/Payroll- employees are hired/fired/trained 5. Financing Cycles-----companies sell shares, borrow money
Characteristics of adjusting and closing entries * Never close balance sheet accounts
Characteristics of good forms design 1. Pre-numbering of documents 2. Turnaround documents
Updates to master vs. transaction files * Journals (general and specialized) update ledger * Transaction (detail) files UPDATE master files
Master File= stores cumulative information about an organization
Transaction File= contains records of individualized business transaction that occur during a specific time
Chapter 3---Documentation Techniques
Identify commonly used flowchart symbols and segments * Look at page number 76-77
General Features of context diagrams/DFD’s
Data Flow Diagrams= shows flows of data between processes, files, and destinations * Context level is highest level
Flowchart= graphic representation of sequential processes * Document---shows document flow among areas of responsibility * System---summarizes inputs, processing and outputs of a system * Program--- shows logic of computer program execution
Chapter 4—Databases and Microsoft Access
Purpose of Schemas/subschemas/data dictionary
Data Dictionary= contains information about the structure of the database For each data element stored in the database, there is a record in the Dictionary describing it Schemas= describes the logical structure of a database * Conceptual level---views entire database, data elements, relationships * External Level--- * Internal Level---how data is stored
Sub-Schemas= consists of individual user views of portions of the database. Employees don’t have access to everything
Primary vs. Foreign Key
Primary Key= database attribute, or combination of attributes, that uniquely Identifies a specific row in a table. Cannot be null
Foreign Key= an attribute that is a primary key in another table, is used to link tables....if not null, must have values that correspond to the value of a primary key in another table
Database rules and anomaly
Update Anomaly Insert Anomaly Delete Anomaly
1. Every column is single valued 2. Primary Keys cannot be null 3. Foreign keys, if not null, correspond to a primary key in another table 4. All non-key attributes in table should describe a characteristics about the object identified by the primary key.
Use of DDL, DQl, DML
Data Definition Language (DDL)= 1. Builds data dictionary 2. Creates database 3. Set access + security 4. Describes logical view 5. Adding a new field
Data Manipulation Language (DML)= 1. Add/Change delete records in database 2. Adding new record 3. Changes database content
Data Query Language 1. Users means of pulling inform from database 2. Creating queries 3. Retrieve, sort, order, display data
Concept of database file design/normalization
Normalization= assumes that everything is initially stored in one large table
Similar to exam #3 problems regarding database file design.
Chapter 7—Internal Control
Purpose of Internal Control
1. Safeguarding of assets 2. Maintenance of adequate records 3. Reliable financial information 4. Financial statements in accordance with standards 5. Operational efficiency 6. Employee compliance with policies 7. Compliance with laws and regulations 8. Accountants are control consultants
General Categories of controls
1. Preventive Controls= deter problems before they arise 2. Detective Controls= discover problems that are not prevented 3. Corrective Controls= identify and correct problems as well as correct and recover from the resulting error
Components of internal control environment
1. Managements philosophy, operating style, risk appetite 2. Human resource policies and practices and methods of assigning authority & responsibility 3. Influence of audit committee of board of directors 4. Organizational reporting/structure (regulations & requirements) 5. External Influence imposed by FASB, SEC, etc
Purpose of control totals/pre-numbered documents 1. Prevent/minimize errors 2. Reduce possibility of fraud 3. All documents accounted for 4. Help ensure accuracy of all relevant transaction data
Sarbanes-Oxley provisions 1. New rules for auditors—report to audit committee, audit partners rotate 2. New rules for audit committees--- 3. New rules for management---CEO, CFO must certify documents 4. New internal control requirements—
Segregation of Duties concepts 1. Authorization---approving transactions and decisions 2. Recording----preparing source documents, maintaining journals, ledgers 3. Custody----handling cash, inventory, receiving incoming customer checks, writing checks
THESE DUTIES MUST BE SEPERATED!!! * Separate physical custody, authorization and recording of assets
Purpose/composition of audit committee 1. Outside, independent directors, must be on board of directors, and be independent of the company 2. Responsible for financial reporting, regulatory compliance, internal control, and hiring and overseeing internal and external auditors, who report all critical accounting policies and practices to them
Chapter 10-Computeried Controls
Components of backup and recovery plan 1. Insurance for equipment and business loss 2. Appointed disaster team 3. Hot site= facility that is pre-wired, and contains all resources a business needs 4. Cold Site= pre-wired, and a contract with a company that will provide all needed resources within a period of time 5. Files backed up and stored offsite physically or through electronic 6. Recovery plan is fully documented, up-to-date and tested every so often
Computer software program change control 1. Change requests documented and approved 2. Limit access to programs 3. Test the plan 4. Adequate documentation 5. Changes to program reviewed 6. Provide audit trails of changes, authorizations and reviews
Input edits checks/batch controls 1. Good forms design a. Pre-numbering of documents b. Turnaround documents 2. Electronic Cancellation
3. Data entry controls c. Field check—determines whether the characteristics in a field are of the proper type.....numeric in zip code field d. Sign check--- checks for correct arithmetic sign e. Limit check---amount cannot exceed 40 f. Range check—amount is between a range..0-100 g. Size check—6 digit field cannot except a 10 digit input h. Completeness check---checks if all required fields are filled out i. Validity check---checks number to master file to make sure j. Reasonable test—makes sure input in reasonable no overtime hours for someone who hasn’t worked 40 hours k. Batch totals---summarizes important values for a batch of input records l. Financial Total—sums a field that contains monetary values m. Hash total—sums a non-financial numeric field such as inventory n. Record Count—number of records in a batch o. Sequence checks—makes sure that batch of input records is in the proper sequence p. Closed loop verification—checks the accuracy of input data by using it to retrieve and display other related information
Source data automation 1. Data matching 2. File labels a. Header record=located at beginning of each file b. Trailer record= located at the end, contains batch total
EDI, EFT, FEDI 1. Electronic Data Interchange (EDI)= the use of computerized communications to submit business documents electronically in format that can be automatically processed by the recipients information system
2. Electronic Funds Transfer EFT= transfer of monetary funds between 2 or more organizations using computers and other automated technology.
3. Financial electronic data interchange (FEDI)= combination of EDI and EFT that enables both remittance data and funds transfer instructions to be included in one electronic package
Physical and logical access controls 1. Physical control= physical, custody to using something 2. Logical control = the ability to use computer equipment to access company data, dialing into the network
Chapter 12—Revenue Cycle
Segregation of Duties concept 1. Sales (order entry) and Credit authorization 2. Shipping and billing (AR) 3. Cash Receipts and Accounts Receivable 4. Cash Receipts and Credit Memo Authorization 5. Cash Receipts and Reconciling bank statement 6. Accounts receivable and general ledger
Parties/Departments involved in the revenue cycle 1. Receive Sales Order 2. Enter sales order into the system 3. System verifies credit, checks inventory and notifies warehouse and shipping department about the approved sale 4. Warehouse and Shipping, pack goods, ship the goods 5. Invoice generates, and gets send to customer 6. Receive checks—cashier updates Company’s cash balance---AR clerk updated customer accounts. 7. Sales Department---Warehouse---Shipping---Accounts Receivable
Documents used in the revenue cycle, including their purpose 1. Purchase Order/Sales Order 2. Picking Ticket= identifies which items to pick and how many 3. Packing Slip= lists the quantity and description of each item shipped 4. Bill Of Lading= legal contract that defines responsibility of goods in transit
Sequence of Procedures 1. Take Customers Order a. Credit Approval b. Checking Inventory c. Respond to customer inquiries 2. Shipping d. Pick and Pack the order e. Ship the order 3. Billing f. Generate invoice 4. Maintain A/R 5. Cash collection
Revenue Cycle threats and applicable control procedures 1. Look at pg 356-357 in the book
Opportunities for IT 1. EDI for order entry 2. Bar codes 3. Input edit checks 4. Automated warehouse/bar codes/RFID 5. Smart Forklifts 6. Electronic packing slips 7. Image Processing 8. Segregation of duties 9. Lockbox or electronic lockbox 10. EFT/FEDI 11. Credit or Procurement cards
Chapter 13—Expenditure Cycle
Documents used in the expenditure cycle 1. Purchase Requisition--- identifies what is needed 2. Purchase order---document that formally requests a supplier to sell and deliver specified products at a certain price 3. Receiving Report—document details about each delivery, including the date received, shipper, supplier and purchase order number 4. Debit Memo-records the adjustment being requested 5. Disbursement Voucher and Voucher Package---Receiving report, sales invoice, purchase order
Segregation of Duties 1. Purchasing and Accounts Payable 2. Inventory Records and Warehouse 3. Receiving and Warehouse 4. Accounts Payable and Cash disbursement 5. Cash Disbursements and General ledger
Opportunities for IT 1. On-line data requisition 2. EDI or internet 3. Vendor-managed inventory program 4. Reverse auctions 5. Procurements cards for non inventory items 6. Bar-code update of inventory records 7. RFID tags 8. Satellite location tracking
Sequence of Procedures 1. Order materials, supplies, service 2. Receiving materials, supplies, service 3. Approving Supplier Invoices a. Voucher package 4. Cash Disbursement
Parties/Departments involved 1. Various Departments 2. Purchase department 3. Receiving and Warehouse, Inventory 4. Accounts Payable and Cashier
Chapter 14—Production Cycle
Documentation used in the production cycle
1. Bill Of materials= specifies the part number, description, and quantity of each component used in a finished product
2. Operations List= specifies the sequence of steps to follow in making a product, which equipment to use, and how long each step should take.
3. Master Production Schedule= specifies what, when and how much to produce based on customer order, sales forecast, and FG inventory level
4. Production Order= authorizes the start of production. Identifies quantity to be produced, production department required and final destination
5. Materials Requisition= authorizes release of raw materials into production. Serves as a source document for journal entry transferring raw materials to WIP.
6. Move ticket= document transfers of production between departments
Segregation of duties concept 1. Inventory and Warehouse 2. Factory and Production Control 3. Cost Accounting and General Accounting
Activities in the production cycle 1. Product Design 2. Planning and Scheduling 3. Production Operation 4. Cost Accounting
Chapter 15—Payroll Cycle
Use of Payroll impress and general ledger clearing account 1. Payroll Clearing Account= is a general ledger account that is used in a two-step process to check the accuracy and completeness of recording payroll costs and their subsequent allocation to appropriate cost centers.
2. Imprest fund= a cash account with two characteristics (1)- set at a fixed amount such as 100, and (2) vouchers are required for every disbursement. At all times, the sum of cash plus vouchers should equal the present fund balance
Parties/Departments involved in the payroll cycle 1. Human Resource 2. All the business departments 3. Government 4. Bank 5. Accounts Payable
Payroll Cycle Threats and applicable control procedures 1. Imprest payroll account 2. Unclaimed paycheck sent to I/A 3. Reconciliation of check signing machine 4. Control of time cards/blank checks 5. Segregate payroll distribution 6. Payroll file access controls 7. File backups
Sequence of documents and procedures in the payroll cycle 1. Updating payroll master database 2. Validate employee time cards and attendance dates 3. Prepare Payroll 4. Disbursements of Paychecks to employees 5. Reconciling the payroll bank account
Transaction and master file data and access controls 1. Segregate duties to eliminate un-authorized changes to payroll master data 2. HRM department updates master file for hiring, firing, pay changes while cashier should process pay and disbursement
Segregation of Duties concept 1. Timekeeping and Payroll 2. Payroll and Cash Disbursement 3. Payroll and Human Resource 4. Time keeping and Payroll 5. Payroll and Cash Disbursement
Payroll Taxes 1. FICA payable 2. State Unemployed Tax 3. Federal Unemployed Tax
Chapter 17—REA model
Purpose of the E-R diagrams 1. An entity-relationship (E-R) diagram is graphical technique for portraying a database schema 2. Entities are anything about which we collect information 3. Shows the various entities being modeled and the important relationship among them
Components/rules of REA Diagrams 1. Each event linked to at least one resource 2. Each event linked to at least one other event 3. Each even linked to at least two agents
Interpreting an REA Diagram 1. Look at PowerPoint
Chapter 20—Systems Analysis
Sequence and phase of SDLC and specific activities included there in 1. Systems Analysis---initial investigation 2. Conceptual Design---how design will meet users needs 3. Physical Design---translates conceptual into actual design 4. Implementation and Conversion 5. Operation and Maintenance
Types of feasibility analysis 1. Determine feasibility as to: a. Technological implementation b. Operational objectives c. Time constraints d. Legal requirements e. Economic cost vs benefits 2. Report Findings to ISSC f. Determine whether to proceed 3. Capital Budgeting g. Payback i. How long to recoup investment ii. Considers return of investment vs return on investment 4. Economics, Technical, Legal, Scheduling and Operational Feasibility
Responsibilities of parties involved in phases of systems development 1. ISSC Information Systems Steering Committee a. Initiate analysis, review progress 2. Management b. Provide support and direction 3. Accountants c. Users, evaluators, control consultants 4. Project Development team d. System analysts, management, accountants, users, programmers
Information Gathering methods 1. Initial Investigation= conducted to screen the requests for system development 2. Systems survey= extensive study of the current AIS a. Interviews-gathers answers to why questions b. Questionnaire= c. Observation—how system actually works d. Systems documentation= describes how AIS is intended to work
Chapter 8—Controls for System Reliability
Network Architecture and access controls 1. Firewall 2. Boarder Router=connects an organizations information system to the internet
Preventive security controls 1. Authentication a. Passwords b. Biometrics c. Physical devices (badges and cards) d. MULTI-FACTOR AUTHENTICATION IS BEST 2. Authorization e. Access control matrix f. Compatibility test 3. Physical Access g. To computers, LAN wiring, lap-tops, other technology products 4. Remote Access 5. Encryption h. Digital Signature i. Digital Certificate j. Hash
Detective Security Controls 1. Log Analysis a. Labor Intensive b. Prone to human error 2. Intrusion Detection Systems c. IDS unusual behavior of traffic that has passed firewall 3. Security Testing d. Vulnerability Scans e. Penetration Test
Corrective security controls 1. Have a computer emergency response team CIRT a. IT and senior management b. Respond to security incidents 2. Employ a chief security officer CSO 3. Use patch management c. Regularly apply patches and updates to software 