Você está na página 1de 17

ACCOUNTING INFORMATION SYSTEMS

INFT6500 Assignment 4
Group 1













Table of Contents


Executive summary ......................................................................................................................... 3
Implementation Strategy ................................................................................................................ 4
Testing Strategy ............................................................................................................................... 6
Testing Range .............................................................................................................................. 7
Testing Data ................................................................................................................................. 7
Testing Examples of Test Data..................................................................................................... 9
Testing Method ......................................................................................................................... 10
Test Evaluation .......................................................................................................................... 10
System Controls ............................................................................................................................. 11
Post Implementation Review ............................................................ Error! Bookmark not defined.
Bibliography ................................................................................................................................... 16












Executive summary

In previous reports the system of Enterprise Resource Planning (ERP) was recommended as it
was suitable for further development and improvement of Marias Aquariums. Following the
theoretical supposition, this report discusses the implementation plan that is needed to check
how well ERP could be used in practice.
The first part describes the possible implementation strategy for the use of ERP. It provides the
manner that the company should have after using this system. Secondly it makes predictions
about the problems that are in risks of happening, and ways to manage these issues.
The following part illustrates the testing strategy for the implementation of the system. The
purpose is to ensure that ERP is able to perform accurately and meet all requirements of
customers. Examples of test data are provided and also take the process to prove that the
testing has worked.
The third part composes of system controls which will be implemented in ERP. It details all
necessary controls for possible issues to discuss the way of minimizing negative effects
generated from these problems.
For the last section post implementation review strategy is given to check whether the new
system functions as expected, and gives the possible outcomes of the review.










Implementation Strategy

Although ERP is expected to be a good way for the high working efficiency as well as a barrier
remover for further development of Marias Aquariums, there are still plenty of things to
consider when it is implemented in practice. A well throughout implementation strategy is
necessary as it will set a well-designed routine for the solutions of possible issues predicted
during the implementation.
It has been concluded that the use of ERP will generally change the way the business is operated
by adopting computerized system in the operation of customer service, stock taking, central
management control as well as the payroll system, etc. However it could only actually take place
when it is well operated by related employees, which comprises the first important factor of
implementation strategy: the training of staffs and a proper supporting system.
Barriers may exist for employees to accept the new system and get familiar with the changed
operation procedure in a limited time, especially for those who are not able to use computers,
and who are reluctant to change the way they work. Different levels of training schedule should
be planned by firstly assuring the new system is well grasped by leaders such as stock managers.
The task of second level is to ensure related staffs to control the knowledge of the new system
whether through general courses or person to person teaching.
In order to gain the confidence of employees in adapting to the new system, a convenient
access for them to seek help once got an operation problem should be constructed. Distance
technical support should be provided through email, telephone or any other ways to be
considered. This will for the most part help accelerate the training process which should be
under a pre-setting plan.
The second factor to be considered is provision of hardware facilities, which are vitally
important for the system to take place. This could include new computers, and before the use
they are supposed to be installed with the new system. Besides, all data necessary needs to be
constructed properly by selected persons before the new system is ready to be promoted.
During the process the limitation of data access should be noticed, but the whole input process
also takes time thus the task needs to be managed and distributed well.


Another implementation strategy is out of the fact that issues could happen when the system
came across error which definitely needs preventive measures. The construction of a
professional technical support team is a possible solution to the problem. Responsibilities of
system maintenance, problem analysis and designing of corresponding correction should be laid
on the team. Furthermore, the company is supposed to backup important data periodically. As a
necessity for all computerized systems, it is vital in keeping the security of database as well as
the smooth maintenance even when serious error is made.
The use of ERP fundamentally change the way of the business, and for certain areas in the
company change of positions for staffs is a measure that has to be taken, which will be followed
by new allocation of responsibilities. A thorough consideration should be taken to make a good
arrangement for newly set positions. Responsibilities are supposed to be clearly laid on
appointed persons. It also worth mentioned that the personnel changes could lead to strong
reaction in the company, especially for small business. The owner has to make professional
judgment about it, and also to handle the situation to minimize dispute. The owner of the
business needs to consider the level of access to database for different level of staffs in the
company, so that it keeps the data from risks of being stolen, changed, and manipulated.














Testing Strategy

ERP is implemented into Marias Aquariums to meet is daily account data recording needs and
keep up to date with its normal business operations. ERP should be tested to ensure whether it
performs to expected requirements. Failure to conduct testing in new implemented software
likely to result with on-going maintenance, loss of normal business activity and credibility and
loss of revenue if have to recall the product or switch to other accounting product. Therefore,
testing strategy including quality, functional coverage, risks, constraints, range of tests and
minimum requirement standard must be performed and evaluated.
Testing strategy begins with different testing stages consists of 4 phases: (Romney and Steinbart,
2012)
1. Unit testing or Module testing: which is the test that divides each part of the tested
software and present that each individual part is accurate before it is correlated with
other software.
2. Integration Testing: which the test that verifies the software interface relationship
between tested unit and other system software and ensure it work accurately that the
data in the unit is process correctly as expected.
3. System testing: which it involves testing the overall system to ensure the system meets
both environmental and technical needs of the client or customer.
4. Acceptance testing: which is the last stage in the test process that ensures software
meets with the business requirements and objectives and works correctly. This process
is done under testings by customers without professionals and works out how the new
system of fitting into their business.
Firstly, unit testing/module testing is performed by system programmers to conduct test against
his or her own software to see if the software designed is working as originally expected. Data
gathered in unit testing stage will get correlated or integrated along with other software as a
complete set of testing data.
Secondly, gathered data set will be tested in the integration testing stage. The first two stages
will focus on testing quality and effectiveness of software compare to originally expected
performance.


Thirdly, system testing is testing stage on all function of implemented software in ensuring the
software is performed as originally expected.
Fourthly, acceptance testing is test on software whether it satisfies the requirements for the
customer business operation on usability, procedures and functionality.
Marias Aquariums has decided to implement ERP into its business to take over current half-
manual system in needs of keeping up to date with normal business operation and data
recording. The testing stage for Marias Aquariums would start in third stage of system testing
and acceptance testing because ERP is complete accounting software that has been
implemented and past first two stages of unit and integration testing.

Testing Range
Software functions needed to be tested in Marias Aquariums are:
Customer card information - on details, buying record, payment amount.
Stock system - on management, ordering new stock, stock level.
Barcode system
Payroll system timesheet procedure, staff wage and weekly working hours.
Price book update of price book, purchase price and selling price.
Accounting/bookkeeping account payable procedure, receivable allocation.
Security and backup backup daily or weekly on recorded accounting data, recovery
availability and logon password system

Testing Data
To determine whether new implemented system is performing accurately, test using a test bank
which will get preloaded with the implemented system and using this data in testing execution
cases. Test data would include employee, stock level, ordering and delivering transaction and
customer payment cycle transaction. With increasing number of data testing, real situation of
the system software will reflects on potential business operation on effectiveness and efficiency.


Sample of 12 employees at different fish store, each employee data record include employee
identification number, name, sex, DOB, bank account detail, role at store, working location and
wages.
ID Name Sex D.O.B.
Bank
Account
Role Location Wage Rate
10001 David Smith M 17/01/1980 111-111 Storeman Wollongong $20.50
10002 Joe Challita M 9/08/1970 222-222 Manager Chatswood $26.00
10003 John Maden M 10/11/1989 333-333 Sales Chatswood $19.50
10004 Erin Kero F 27/09/1990 444-444 Counter Gosford $17.00
10005 Fab Alessi M 13/05/1978 555-555 Storeman Gosford $22.50
10006 Boris Sander M 9/10/1965 666-666 Manger Wollongong $27.00
10007 Keyvan Shiri M 23/05/1976 777-777 Sales Gosford $20.00
10008 Nicole Sun F 30/08/1986 888-888 Counter Chatswood $16.50
10009 Fiona Ibrihim F 10/03/1992 999-999 Counter Wollongong $17.00
10010 Alex Walker M 26/11/1984 000-000 Sales Wollongong $18.00
10011 Tim Chang M 18/07/1988 101-101 Storeman Chatswood $21.00
10012 Matthew Sun M 16/12/1977 102-102 Manager Gosford $26.00


Sample of data record for stock level at each fish store branch, include stock ID, stock name,
stock level, branch, cost price and sale price
(Branch: G=Gosford, W=Wollongong, C=Chatswood)
Stock ID Stock Name Stock Level Branch Cost Price Sale Price
100011 Ryukin 70 G,W, C $23.00 $50.00
100012 Lionhead 43 G, W $20.00 $45.00
100013 Fantail 63 G,W, C $7.00 $15.00
100014 Pearl Scale 20 C $10.00 $20.00
100015 Telescope Eye 97 G, C $7.00 $10.00
100016 Oranda 8 C $25.00 $50.00
100017 Black Moore 32 G,W, C $10.00 $15.00
100018 Comet 73 G,W, C $3.00 $5.00
100019 Shubukin 27 G, C $13.00 $20.00



Ordering and Delivering Transaction, include order ID, order branch, date, staff, status, payment
and receipt number.
Order ID Order Branch Date Staff Status Payment Receipt
100011 Gosford 15/08/2013 10012 Complete EFT 10000111001
100012 Wollongong 20/08/2013 10006 Complete Cash 10000111002
100013 Gosford 17/09/2013 10012 Complete Cheque 10000111003
100011 Chatswood 20/09/2013 10002 Complete EFT 10000111004
100013 Gosford 20/10/2013 10012 Pending - -
100018 Wollongong 20/10/2013 10006 Complete Cheque 10000111005
100014 Chatswood 21/10/2013 10002 Pending - -
100014 Chatswood 21/10/2013 10002 Complete EFT 10000111006

Customer Payment Transaction, include customer ID, stock, quantity, sale price, payment type
and amount paid.
Customer
ID
Stock Quantity Sale Price Payment Type Amount
10110 Ryukin 5 $50.00 Cash $250.00
10111 Comet 10 $5.00 EFT $50.00
10112 Lionhead 3 $45.00 Cash $135.00
10113 Ryukin 2 $50.00 EFT $100.00
10114 Fantail 7 $15.00 EFT $105.00
10115 Fantail 5 $15.00 Cash $75.00
10116 Telescope Eye 13 $10.00 EFT $130.00
10117 Black More 5 $15.00 Cash $75.00
10118 Oranda 2 $50.00 Cash $100.00
10119 Shubukin 9 $20.00 Cash $180.00


Testing Examples of Test Data
It is necessary to test system responds to given tasks such as automatic invoice generating by
inserting stock ID and quantity, accurate amount is given to show customer for payment.
Hereby, customer purchase and payment example is taken:


Case:
100111
Version: 1.01.1 Date
Test
Outcome
Operating Steps Expected Output
1: Open ERP system System open smoothly without lag Y
2: Open sale column System correspond Y
3: Create new invoice Right sale recording page is opened up Y
4: Insert stock ID and quantity Total price is calculated correctly Y
5: Total amount shown with correlated stock ID and quantity
purchased
6: Payment option Allocate customer payment amount Y
and payment type to close off open
invoice to complete purchase

Testing Method
The testing aims at the performance of systems functionality, by grouping different data bank
and set up test cases, testing will likely to eliminate any possible bug or errors.
Other testing method such as manual test can also be used to compare result of the tests, as
well as buying automatic testing softwares which is more time efficient compare to manual
testing but is more costly to obtain.
Bugs and errors found during system testing stage have to be reported to ERP system
development team to fix and ensure it unlikely to happen again in real daily business operations.
Test Evaluation
The test evaluation follow up after completion of all test data bank and cases in order to assess
the new system is working effective as originally expected. After all test performed and errors
solved, evaluation report will focus on appropriateness, accuracy and performance of new
implemented system in fitting into Marias Aquariums and conclude with an agreement that it is
able to implement ERP into Marias Aquariums if the system tested meets with the originally
expected requirements.




System Controls
Accounting information system (AIS) has grown very fast, thus the business world has been
faced with more complexity and risk. According to Romney et al. (2013), 67% of companies face
on security breach, more than 45% face on organization crime and 60% reported financial losses.
In accordance Romney and Steinbart (2009) , they divided accounting information system (AIS)
treats to four groups; First one is, natural and political disasters such as earthquakes, cyclones,
tornadoes and etc., Second one is, software errors and equipment malfunctions for instance;
operating system crash, hardware failures and etc., Third one is unintentional acts for example
accident or innocent errors and omissions, that is the greatest risk for information systems and
the greatest dollar losses and finally, intentional acts such as a computer crime, a fraud or
sabotage, which is a deliberate or harm to a system . According to Romney and Steinbart (2009),
function of internal control could be divided to preventive, corrective, detective and inherent
limitation. It should not be missed that a simple error able to effect on business decision making,
fairly judgment and etc., and finally could destroy and abrogate a company.
In accordance to the previous assignment it is recommended Marias Aquariums to chose
enterprise resource planning (ERP) for improving their current system thus Marias Aquariums
for running the new system have to use new technology such as internet, computer and etc.
Current control system of Marias Aquarium is very time consuming , risky and based on the
feasibility study we could understand that, the control system has lots of weaknesses. Definitely
Marias Aquariums new system will be faced on natural and political disaster, software errors,
fraud, abuse technique and etc., same as another advanced business. Therefore, hereby it
should design an internal control for new system based on two categories; general controls and
application controls.
At first, based on the general control it is investigate the organizations control environments
which mean that they manage their security, software, IT texture and etc. On the other hand,
they can design a system for internal controlling that is including the structure, function and
administration information of Marias Aquariums. Moreover we should provide the standard
operating procedure and responsibilities for each position. For example, for Marias Aquariums
all responsibilities and duties about the fish hatchery and breeding should be related to the
professional employees. Based on the general control each employee in different parts of


organization know their responsibility clearly, and know how should be performed in their
section. General control has two other important factors which are texture and environmental
controls. Marias Aquariums should be checked and controlled their central data and
information processing facility and also some other areas as below:
Isolated Breeding facility for protecting from disease
Air conditioning for controlling the level of temperature
Protection from natural disaster such as fire, flood and etc.
Fire detector and fire suppression systems
Power supply such as generators, uninterruptible power supplies and etc.
Arranged and identifiable electrical and network cabling

The other important part of the general control is the level of authority for accessing to the
organizations information. Controlling the physical access and omit existing data are the very
important part of each organization control .The entry to the companys information should be
restricted and just during the normal office hours. On the other hand, each employee based on
position and requirement should be had access to the companys information by authorizing
from management in head office. Each employee should be logged in by her or his security code
thus, based on this system when each employee will entry a new data or omit exist information
that will be recorded by his or her name in new system so management can control their
employee's duties too. Also computer section should have swipe card for each employee that
will be worked with computer. In accordance to Romney and Steinbart (2009) managements
should be sure about the value and accurate of all information so based on this valuable
information they can protect their assets. For accessing to the safety information systems for
Marias Aquariums, the physical access control should be followed the below contents:
Used security cards for entering
providing secure areas by limiting entry permits
Design username and password for each employee has access to the computer
Using dial-back modems
Recording entry and exit of each employee


The third part of general control is the possibility backup measure which means disaster
recovery, the differentiation of systems (separation employees from payroll), the quality
guarantee control and the adequate testing on software revisions. The first one is, backup
measures from the disaster recovery is a very important and relievable parts of general controls
when one or more files of information destroy by the natural disaster or human errors or frauds.
Thus , If by natural disasters Marias Aquariums information destroy, the organization will have
this ability to bring back their data by the backup that have been collected from the information
during the time that organization in normal position. According to the below table we designed
a disaster recovery plane for Marias Aquariums:

Task

Team Support

Evaluating the change

Disaster Management and Facilities
and Operations
Recognized the interested applications

Disaster Management and Operations
Take suitable backups

Operations

Running the appropriate applications at the Standby
Facility

Operations


Informing and training users for using the new
systems

Communications



Ordering the new equipments for replacing the
damaged computer

Operations


Running the new equipments and their programs

Operations

Informing and training employee for using appropriate
from applications
Communication

Request for appropriating recourses at the Standby
Facility
Disaster Management


The last factor of the genera control that is surveyed here is personnel control which means
dividing the duties between the different levels of organization that is including hiring, training,
responsibilities allocation, promotion and termination, also the relevant personnel control
procedures are the rotation duties, the forced vacations and the personal termination policies.
The best internal control happens when a single employee does not have responsibilities in a
business in both, business transaction or process, which means management in company should
not give too much power just into one employee. Therefore, Marias Aquariums should be used
the segregation of duties control plan which means segregation of accounting duties and
segregation of system duties. For achieving a useful segregation of accounting duties, they
should divide the duties between the different groups of employees. Moreover, they should
divided responsibilities for each position because of providing standard operating methods. This
is a security management issue not a technology issue, but when each management decide
about the level of authority of each employee for accessing to the companys information,
based on this part IT should help manager for controlling the authority level of each employee.
When one person has unlimited authority and access to the companys information, thus this
company has high level of risk for facing to fraud. We review in below some divided functions
about the authority and responsibility between the different levels of a company:


System administration: should be operated smoothly and efficiently
Network management: operate correctly in both internal and external network
Security management: safety themselves from internal and external threats
Change management: make smoothly and efficiently , do not negatively affect systems
reliability, security, confidentiality, integrity and availability
Users: they should be recorded transactions, authorize data, use system output
Systems analysis: Determining and designing information needs
Programming: have this ability for designing and creating a system by writing the
computer programs
Computer operations: input data properly and correctly
Information system liability: maintain custody of corporation databases and files
Data control: approve properly data, reconcile output and input, maintain a record of
input errors and resubmit and distribute system output

In the second part of the internal control system it is investigated an application control which is
a very important kind of system controls that is made sure the transaction related to each store
progressed correctly, entered processed, completeness and etc. Application controls based on
computer application systems, include input controls that is related to edit checks, processing
controls which is related to record counts, and output controls which is related to error listings.
In according to the below Marias Aquariums should control their applications:
Input controls: they should ensure that all of the transaction is recording with accurate
and only by authorized users, They should have the ability for identifying rejected,
suspended, and duplicate items and also have ability for ensuring resubmission of
rejected and suspended items such as error listings, key verification
Processing: they should grantee the complete and accurate processing of authorized
transaction, for example: posting checks , end-of-file procedures
Output controls: they should have this ability for ensuring that a complete and accurate
audit trail of the results of processing is reported to appropriate individuals for review,
for instance; example error listings, distribution of registers and reviews of output.


System controls is a very widespread part for each organization and we can find another kinds of
control systems and based on these it can protect the data of company efficiently such as;
integrity controls, the control of trade-off, the control goals of the operation process. Marias
Aquariums should be use internal control for protecting their information from natural disasters
and other negative factors which will have damages on their information systems and the
operation of the company.
















Bibliography

Romney, M, and Steinbart, P 2009, Accounting information Systems: Global Edition, 11th edn,
Pearson Prentice Hall, United States of America.


Marshall B Romney, P. J. (12/E). Accounting Informaiton Systems: Global Edition. Courier
Kendallvilee.

Você também pode gostar