Escolar Documentos
Profissional Documentos
Cultura Documentos
Accounting
Information
Systems: An
Overview
Learning Objectives
Distinguish between data and information.
Discuss the characteristics of useful information.
Explain how to determine the value of information.
Explain the decisions an organization makes
and the information needed to make them.
Identify the information that passes
between internal and external parties and
an AIS.
Explain what an accounting information
system (AIS) is and describe its basic
functions.
Discuss how an AIS can add value to an
organization.
Explain how an AIS and corporate strategy
affect each other.
What Is a System?
System
◦ A set of two or more
interrelated
components interacting
to achieve a goal
Goal Conflict
◦ Occurs when
components act in their
own interest without
regard for overall goal
Goal Congruence
◦ Occurs when
components acting in
their own interest
contribute toward
overall goal
Data vs. Information
Data are facts that are
recorded and stored.
◦ Insufficient for decision
making.
Information is processed
data used in decision
making.
◦ Too much information
however, will make it
more, not less, difficult to
make decisions. This is
known as Information
Overload.
Benefits Costs
Systems working
toward
organizational
goals
Business Process Cycles
Revenue
Expenditure
Production
Human Resources
Financing
Business Transactions
Give–Getexchanges
Between two entities
Measured in economic terms
Accounting Information
Systems
Collect,process, store, and report
data and information
If Accounting = language of
business
AIS = information providing
vehicle
Accounting = AIS
Components of an AIS
Peopleusing the system
Procedures and Instructions
◦ For collecting, processing, and storing data
Data
Software
Information Technology (IT)
Infrastructure
◦ Computers, peripherals, networks, and so
on
Internal Control and Security
◦ Safeguard the system and its data
AIS and Business
Functions
Collectand store data about
organizational:
◦ Activities, resources, and personnel
Transform data into information
enabling
◦ Management to:
Plan, execute, control, and evaluate
Activities, resources, and personnel
Provide adequate control to safeguard
◦ Assets and data
AIS Value Add
Improve Quality and Reduce
Costs
Improve Efficiency
Improve Sharing Knowledge
Improve Supply Chain
Improve Internal Control
Improve Decision Making
Improve Decision Making
Identify situations that require
action.
Provide alternative choices.
Reduce uncertainty.
Provide feedback on previous
decisions.
Provide accurate and timely
information.
Value Chain
The set of activities a product or
service moves along before as
output it is sold to a customer
◦ At each activity the product or
service gains value
Value Chain—Primary
Activities
Value Chain—Support Activities
Value Chain
AIS AND CORPORATE STRATEGY
Organizations have
limited resources, thus
investments to AIS should
have greatest impact on
ROI.
Organizations need to
understand:
IT developments
Business strategy
Organizational culture
Will effect and be
effected by new AIS
CHAPTER 2
External
AIS Parties
Internal External
Parties AIS Parties
Internal External
Parties AIS Parties
Give Get
Goods Cash
BUSINESS CYCLES
Give Get
Cash Goods
BUSINESS CYCLES
Many business activities are
paired in give-get exchanges
The basic exchanges can be
grouped into five major
transaction cycles.
◦ Revenue cycle
◦ Expenditure cycle
◦ Production cycle
◦ Human resources/payroll cycle
◦ Financing cycle
PRODUCTION CYCLE
In the production cycle, raw materials and
labor are transformed into finished goods.
Give Get
Cash Labor
BUSINESS CYCLES
Many business activities are
paired in give-get exchanges
The basic exchanges can be
grouped into five major
transaction cycles.
◦ Revenue cycle
◦ Expenditure cycle
◦ Production cycle
◦ Human resources/payroll cycle
◦ Financing cycle
FINANCING CYCLE
The financing cycle involves interactions
with investors and creditors.
You raise capital (through stock or debt),
repay the capital, and pay a return on it
(interest or dividends).
Give Get
Cash cash
BUSINESS CYCLES
Thousands of transactions can
occur within any of these cycles.
But there are relatively few
types of transactions in a cycle.
BUSINESS CYCLES
EXAMPLE: In the revenue cycle,
the basic give-get transaction is:
◦ Give goods
◦ Get cash
BUSINESS CYCLES
Other transactions in the revenue cycle include:
Production
Production Financing
Financing
Cycle
Cycle Cycle
Cycle
BUSINESS CYCLES
Every transaction cycle:
◦ Relates to other cycles
◦ Interfaces with the general ledger
and reporting system, which
generates information for
management and external parties.
Finished Goods
Da
ta
Fu
General Ledger
nd
s
Data
nds
Fu
General Ledger
and Reporting The expenditure
System cycle
◦ Gets funds from
the financing
cycle
◦ Provides raw
Human Res./ Financing materials to the
Payroll Cycle production cycle
Cycle
◦ Provides data to
the General
Ledger and
Reporting System
Finished Goods
Raw
Mats.
Revenue Expenditure Production
Cycle Cycle Cycle
a ta
D
General Ledger
and Reporting The production
r
bo
System cycle:
La
General Ledger
and Reporting The HR/payroll
r
bo
System cycle:
La
Fu
n
ds
Fu
General Ledger
nd
The Financing
s
and Reporting
System cycle:
◦ Gets funds from
the revenue cycle
Data
◦ Provides funds to
the expenditure
and HR/payroll
Human Res./ Funds Financing cycles
Payroll Cycle Cycle ◦ Provides data to
the General
Ledger and
Reporting System
Revenue Expenditure Production
Cycle Cycle Cycle
Data
ta
D
Da
at
a Information for
General Ledger
Internal & External Users
and Reporting
System
ta
Da The General Ledger
Data
and Reporting
System:
Human Res./ Financing ◦ Gets data from all of
Payroll Cycle Cycle the cycles
◦ Provides
information for
internal and
external users
BUSINESS CYCLES
Many accounting software packages
implement the different transaction
cycles as separate modules.
◦ Not every module is needed in every
organization, e.g., retail companies don’t
have a production cycle.
◦ Some companies may need extra
modules.
◦ The implementation of each transaction
cycle can differ significantly across
companies.
BUSINESS CYCLES
EXAMPLE: The stub on your telephone bill that you tear off
and return with your check when you pay the bill.
The customer account number is coded on the document,
usually in machine-readable form, which reduces the
probability of human error in applying the check to the
correct account.
DATA INPUT
A number of actions can be taken
to improve the accuracy and
efficiency of data input:
◦ Turnaround documents
◦ Source data automation
Capture data with minimal human intervention.
EXAMPLES:
ATMs for banking
Point-of-sale (POS) scanners in retail stores
Automated gas pumps that accept your credit card
DATA INPUT
A number of actions can be taken
to improve the accuracy and
efficiency of data input:
◦ Turnaround documents
◦ Source data automation
◦ Well-designed source documents
and data entry screens
How do these improve the accuracy and efficiency
of data input?
DATA INPUT
A number of actions can be taken
to improve the accuracy and
efficiency of data input:
◦ Turnaround documents
◦ Source data automation
◦ Well-designed source documents and
data entry screens
What does it mean if a document number is missing
in the sequence?
◦ Using pre-numbered documents
or having the system
automatically assign sequential
numbers to transactions
DATA INPUT
A number of actions can be taken
to improve the accuracy and
efficiency of data input:
◦ Turnaround documents
◦ Source data automation
◦ Well-designed source documents and
data entry screens
What does it mean if there are duplicate document
numbers?
◦ Using pre-numbered documents
or having the system
automatically assign sequential
numbers to transactions
DATA INPUT
A number of actions can be taken to
improve the accuracy and efficiency of
data input:
◦ Turnaround documents
◦ Source data automation
◦ Well-designed source documents and data entry
screens
◦ Using pre-numbered documents or having the
system automatically assign sequential numbers
EXAMPLE: Check for inventory availability before
to transactions
completing an online sales transaction.
◦ Verify transactions
TRANSACTION PROCESSING:
THE DATA PROCESSING
CYCLE
The data processing cycle
consists of four steps:
◦ Data input
◦ Data storage
◦ Data processing
◦ Information output
DATA STORAGE
Data needs to be organized for
easy and efficient access.
Let’s start with some vocabulary
terms with respect to data
storage.
DATA STORAGE
Ledger
Student Class
File File
Instructor
File
TRANSACTION PROCESSING:
THE DATA PROCESSING
CYCLE
The data processing cycle
consists of four steps:
◦ Data input
◦ Data storage
◦ Data processing
◦ Information output
DATA PROCESSING
Once data about a business activity
has been collected and entered into
a system, it must be processed.
DATA PROCESSING
There are four different types of file
processing:
◦ Updating data to record the occurrence of
an event, the resources affected by the
event, and the agents who participated,
e.g., recording a sale to a customer.
◦ Changing data, e.g., a customer address
◦ Adding data, e.g., a new customer.
◦ Deleting data, e.g., removing an old
customer that has not purchased
anything in 5 years.
DATA PROCESSING
Updating can be done through
several approaches:
◦ Batch processing
DATA PROCESSING
Batch processing:
◦ Source documents are grouped into
batches, and control totals are calculated.
◦ Periodically, the batches are entered into
the computer system, edited, sorted, and
stored in a temporary file.
◦ The temporary transaction file is run
against the master file to update the
master file.
◦ Output is printed or displayed, along with
error reports, transaction reports, and
control totals.
DATA PROCESSING
Updating can be done through
several approaches:
◦ Batch processing
◦ On-line Batch Processing
DATA PROCESSING
On-line batch processing:
◦ Transactions are entered into a computer
system as they occur and stored in a
temporary file.
◦ Periodically, the temporary transaction
file is run against the master file to
update the master file.
◦ The output is printed or displayed.
DATA PROCESSING
Updating can be done through
several approaches:
◦ Batch processing
◦ On-line Batch Processing
◦ On-line, Real-time Processing
DATA PROCESSING
On-line, Real-time Processing
◦ Transactions are entered into a computer
system as they occur.
◦ The master file is immediately updated
with the data from the transaction.
◦ Output is printed or displayed.
DATA PROCESSING
Updating can be done through
several approaches:
◦ Batch processing
◦ On-line Batch Processing
◦ On-line, Real-time Processing
Ifyou’re going through
enrollment, which of these
approaches would you prefer
that your university was using?
Why?
TRANSACTION PROCESSING:
THE DATA PROCESSING
CYCLE
The data processing cycle
consists of four steps:
◦ Data input
◦ Data storage
◦ Data processing
◦ Information output
INFORMATION OUTPUT
The final step in the information
process is information output.
This output can be in the form of:
◦ Documents
Documents are records of transactions or
other company data.
EXAMPLE: Employee paychecks or
purchase orders for merchandise
Documents generated at the end of the
transaction processing activities are
known as operational documents (as
opposed to source documents).
They can be printed or stored as
electronic images.
INFORMATION OUTPUT
The final step in the information
process is information output.
This output can be
Reports in the
are used form of:
by employees to
control operational activities and
◦ Documentsby managers to make decisions
and design strategies.
◦ Reports They may be produced:
On a regular basis
On an exception basis
On demand
Organizations should periodically
reassess whether each report is
needed.
INFORMATION OUTPUT
The final step in the information
process is information output.
This output can be in the form of:
◦ Documents
Queries are user requests for
◦ Reports specific pieces of information.
They may be requested:
◦ Queries Periodically
One time
They can be displayed:
On the monitor, called soft copy
On the screen, called hard copy
INFORMATION OUTPUT
Output can serve a variety of
purposes:
◦ Financial statements can be provided
to both external and internal parties.
◦ Some outputs are specifically for
internal use:
For planning purposes
Examples of outputs for planning
purposes include:
Budgets
Budgets are an entity’s formal
expression of goals in financial terms
Sales forecasts
INFORMATION OUTPUT
Output can serve a variety of
purposes:
◦ Financial statements can be provided
to both external and internal parties.
◦ Some outputs are specifically for
internal use:
For planning purposes
For management of day-to-day
operations
Example: delivery schedules
INFORMATION OUTPUT
Performance reports are outputs that
are used for control purposes.
Output can
These serve a variety of
reports compare an
purposes:
organization’s standard or expected
performance with its actual outcomes.
◦ Financial statements
Management can beisprovided
by exception an
approach
to both externalto utilizing performance
and internal parties.
reports that focuses on investigating
◦ Someandoutputs
acting onare specifically
only for that
those variances
are significant.
internal use:
For planning purposes
For management of day-to-day
operations
For control purposes
INFORMATION OUTPUT
Output can serve a variety of
purposes:
◦ Financial statements can be provided
to both external and internal parties.
◦ Some outputs are specifically for
internal use:
For planning purposes
For management of day-to-day operations
For control
These purposes
outputs might include:
For evaluation
Surveys purposes
of customer satisfaction
Reports on employee error rates
Introduction to
e-Business
Chapter 3
Learning Objectives
1. Explain what e-business is and
how it affects organizations.
2. Discuss methods for increasing
the likelihood of success and for
minimizing the potential risks
associated with e-business.
3. Describe the networking and
communications technologies
that enable e-business.
Introduction: E-Business
E-business encompasses
an organization’s external
interactions with its:
◦ Suppliers
◦ Customers
◦ Investors
◦ Creditors
◦ The government
◦ Media
E-business includes the use of IT to
redesign its internal processes.
For organizations in many
industries, engaging in e-business
is a necessity.
Engaging in e-business in and of
itself does not provide a
competitive advantage.
However, e-business can be used
to more effectively implement its
basic strategy and enhance the
effectiveness and efficiency of its
value-chain activities.
E-Business Models
Business to Consumers (B2C):
Interactions between individuals
and organizations.
Business to Business (B2B):
Interorganizational e-business.
Categories of E-Business
Type of E- Characteristics
Business
B2C Organization-individual
Smaller dollar value
Relatively simple
B2B Interorganizational
B2G Larger dollar value
customer
More complex
E-Business Effects on
Business Processes
Electronic Data Interchange (EDI):
Standard protocol, available since
the 1970s, for electronically
transferring information between
organizations and across business
processes.
EDI:
◦ Improves accuracy
◦ Cuts costs
Recent EDI Facilitators
Traditional EDI was
expensive.
New developments that have
removed this cost barrier are:
◦ The Internet: Eliminates the
need for special proprietary
third-party networks.
◦ XML: Extensible Markup
Language – Set of standards for
defining the content of data on
Web pages.
Integrated Electronic Data
Interchange (EDI)
Reaping the full benefits of EDI
requires that it be fully integrated
with the company’s AIS.
EDI
Suppliers Company
Purchase orders AIS
EDI
Customers Customer orders
E-Business Effects on Value Chain Activities
Value Chain – E-Business Opportunity
Primary Activities
Inbound logistics Acquisition of digitizable products
Reduced inventory “buffers”
Operations Faster, more accurate production
3. Orders
4. Acknowledgment
5. Billing
6. Remittance data
Explanations:
EDI = Steps 1-6 7. Payments
EFT = Step 7
FEDI = Steps 1-7
Financial Electronic Data
Interchange (FEDI)
The use of EDI to exchange information
is only part of the buyer-seller
relationship in business-to-business
electronic commerce.
Electronic funds transfer (EFT) refers to
making cash payments electronically,
rather than by check.
EFT is usually accomplished through the
banking system’s Automated Clearing
House (ACH) network.
◦ An ACH credit is an instruction to your bank to
transfer funds from your account to another account.
◦ An ACH debit is an instruction to your bank to
transfer funds from another account into yours.
Financial Electronic Data
Interchange (FEDI)
Company A Company B
Remittance data
and payment
instruction
Company A’s Company B’s
bank bank
Remittance data and funds
E-Business Success
Factors
The degree to which e-business
activities fit and support the
organization’s overall business
strategy.
The ability to guarantee that e-
business processes satisfy the
three key characteristics of any
business transaction
◦ Validity
◦ Integrity
◦ Privacy
Digital Signatures and
Digests
Digitalsignature: An electronic
message that uniquely identifies
the sender of that message.
Digest: The message that is used to
create a digital signature or digital
summary.
◦ If any individual character in the
original document changes, the value
of the digest also changes. This
ensures that the contents of a
business document have not been
altered or garbled during transmission
Digital Certificates & Certificate
Authorities
Digital Certificate: Used to verify the identity of
the public key’s owner.
◦ A digital certificate identifies the owner of a
particular private key and the corresponding
public key, and the time period during which
the certificate is valid.
Digital certificates are issued by a reliable third
party, called a Certificate Authority, such as:
◦ Verisign
◦ Entrust
◦ Digital Signature Trust
The certificate authority’s digital signature is
also included on the digital certificate so that
the validity of the certificate can also be
verified.
Types of Networks
The global networks used by many
companies to conduct electronic
commerce and to manage internal
operations consist of two components:
1 Private portion owned or leased by the
company
2 The Internet
The private portion can be further divided into two
subsets:
1 Local area network (LAN) — a system of computers
and other devices, such as printers, that are located
in close proximity to each other.
2 Wide area network (WAN) — covers a wide
geographic area.
Types of Networks
Companies typically own all the
equipment that makes up their local
area network (LAN).
They usually do not own the long-
distance data communications
connections of their wide area
network (WAN).
They either contract to use a value-
added network (VAN) or use the
Internet.
Types of Networks
The Internet is an international
network of computers (and smaller
networks) all linked together.
What is the Internet’s backbone?
– the connections that link those computers
together
Portionsof the backbone are owned by
the major Internet service providers
(ISPs).
Types of Networks
What is an Intranet?
The term Intranet refers to
internal networks that connect to
the main Internet.
They can be navigated with the
same browser software, but are
closed off from the general
public.
What are Extranets?
Types of Networks
Extranets link the intranets of
two or more companies.
Either the Internet or a VAN can
be used to connect the
companies forming the extranet.
Value-added networks (VAN) are
more reliable and secure than the
Internet, but they are also
expensive.
Types of Networks
Companies build a virtual private
network (VPN) to improve
reliability and security, while still
taking advantage of the Internet.
Company A
AIS VPN ISP
equipment
Internet
Data Communications
System Components
There are five basic components in any
data communication network (whether
it is the Internet, a LAN, a WAN, or a
VAN):
1 The sending device
2 The communications interface device
3 The communications channel
4 The receiving device
5 Communication software
Data Communications
System Components
The following are
components of the data
communications model:
– interface devices
– communications software
– communications channel
Interface Devices
There are six basic communication
interface devices that are used in
most networks:
1 Network interface cards
2 Modems
3 Remote access devices
4 Hubs
5 Switches
6 Routers
Interface Devices
Company A
Internet service
PC-1 PC-2 PC-3 provider
NIC NIC NIC
Remote access
device
Satellite
Microwave stations
Satellite Communications
Network Configuration
Options
Local area networks (LANs) can
be configured in one of three
basic ways:
1 Star configuration
2 Ring configuration
3 Bus configuration
Network Configuration
Options
A star configuration is a LAN
configured as a star; each device
is directly connected to the
central server.
All communications between
devices are controlled by and
routed through the central server.
Typically, the server polls each
device to see if it wants to send a
message.
Network Configuration
Options
The star configuration is the most
expensive way to set up a LAN, because
it requires the greatest amount of
wiring.
A B C
H Host computer D
or server
G F E
Network Configuration Options
In a LAN configured as a ring, each
node is directly linked to two other
nodes
B
A C
H D
G E
F
Network Configuration
Options
In a LAN configured as a bus, each device
is connected to the main channel, or bus.
Communication control is decentralized on
bus networks.
Bus channel
A B C D
Host computer
or server
E F G H
Network Configuration
Options
Wide area networks (WANs) can
be configured in one of three
basic ways:
1 Centralized system
2 Decentralized system
3 Distributed data processing
Network Configuration
Options
In a centralized WAN, all
terminals and other devices are
connected to a central corporate
computer.
Network Configuration
Options
Ina decentralized WAN, each
departmental unit has its own computer
and LAN.
Decentralized systems usually are better
able to meet individual department and
user needs than are centralized systems .
Network Configuration Options
Relational
Databases
Types of Files
Two basic types of files are used
to store data.
1 The master file, which is
conceptually similar to a ledger in
a manual system.
2 The transaction file, which is
conceptually similar to a journal
in a manual system.
File Approach
For many years, companies created
new files and programs each time an
information need arose.
This proliferation of master files
created problems:
1 Often the same data was stored in two
or more separate files.
2 The specific data values stored in the
different files were not always
consistent.
File-Oriented Approach
File 1
Fact A Sales
Fact B Program
Fact C
File 2
Fact B Shipping
Fact D Program
Fact E
File 3
Fact A Billing
Fact G Program
Fact E
Databases
The database approach views data as an
organizational resource that should be
used by, and managed for, the entire
organization, not just the originating
department or function.
Its focus is data integration and data
sharing.
Integration is achieved by combining
master files into larger pools of data that
can be accessed by many application
programs.
Databases
Database management system
(DBMS) is the program that
manages and controls access to the
database.
Database system is the combination
of the database, the DBMS, and the
application program that uses the
database.
Database administrator (DBA) is the
person responsible for the
database.
Database Approach
Database Sales Program
Fact A
Database
Fact B Shipping
management
Program
Fact C system
Fact D
Fact E Billing
Program
Relational Databases
Databases differ in the type of data
model they are designed with
A data model is an abstract
representation of the contents of a
database.
The relational data model represents
everything in the database as being
stored in the form of tables.
Technically, these tables are called
relations.
Relational Databases
Each row in a relation, called a
tuple, contains data about a
specific occurrence of the type of
entity represented by that table.
Logical and Physical
Views of Data
A major advantage of database
systems over file-oriented
systems is that the database
systems separate the logical and
physical view of data.
What is the logical view?
◦ It is how the user or programmer
conceptually organizes and
understands the data.
Logical and Physical
Views of Data
What is the physical view?
◦ It refers to how and where the data
are physically arranged and stored on
disk, tape, CD-ROM, or other media.
The DBMS controls the database
so that users can access, query,
or update it without reference to
how or where the data are
physically stored.
Logical and Physical
Views of Data
Database
Operating
DBMS system
Logical and Physical
Views of Data
Program-data independence
is the separation of the logical
and physical views of data.
Schemas
A schema describes the logical
structure of a database.
There are three levels of
schemas:
1Conceptual-level schema
2External-level schema
3Internal-level schema
Schemas
The conceptual-level schema is
an organization-wide view of the
entire database.
The external-level schema
consists of a set of individual user
views of portions of the database,
also referred to as a subschema.
The internal-level schema
provides a low-level view of the
database.
Schemas
Cash receipt
Schemas
Cash receipt
Mapping conceptual level facts to internal level descriptions
Inventory Record
Item number – integer (5), non-null, index =
itemx Description – character (15)
The Data Dictionary
The data dictionary contains
information about the structure of
the database.
For each data element stored in
the database, such as the
customer number, there is a
corresponding record in the data
dictionary describing it.
The Data Dictionary
The data dictionary is often one
of the first applications of a newly
implemented database system.
What are some inputs to the data
dictionary?
– records of any new or deleted data
elements
– changes in names, descriptions, or
uses of existing data elements
The Data Dictionary
What are some outputs of the
data dictionary?
– reports useful to programmers,
database designers, and users of
the information system
What are some sample reports?
– lists of programs in which a data
item is used
– lists of all synonyms for the data
elements in a particular file
DBMS Languages
Every DBMS must provide a means of
performing the three basic functions:
1Creating the database
2Changing the database
3Querying the database
The sets of commands used to perform
these functions are referred to as the
data definition, data manipulation, and
data query languages.
DDL Language
The data definition language
(DDL) is used to...
– build the data dictionary.
– initialize or create the database.
– describe the logical views for each
individual user or programmer.
– specify any limitations or constraints
on security imposed on database
record or fields.
DML Language
The data manipulation language
(DML) is used for data
maintenance.
What does it include?
– updating portions of the database
– inserting portions of the database
– deleting portions of the database
DQL Language
The data query language (DQL) is
used to interrogate the database.
The DQL retrieves, sorts, orders,
and presents subsets of the
database in response to user
queries.
Basic Requirements of the
Relational Data Model
1. Each column in a row must be single
valued.
2. Primary keys cannot be null.
3. Foreign keys, if not null, must have
values that correspond to the value
of a primary key in an other relation.
4. All non-key attributes in a table
should describe a characteristic
about the object identified by the
primary key.
Approaches to Database
Design
Normalization
◦ Starts with the assumption that all data is
initially stored in a large non-normalized
table.
◦ This table is then decomposed using a set
of normalization rules to create a set of
tables in the Third Normal Form.
Semantic Data Modeling
◦ The database designer uses his/her
knowledge about the business structure to
create a set of relational tables.
Database Systems and the
Future of Accounting
Database systems have the
potential to significantly alter the
nature of external reporting.
Perhaps the most significant
effect of database systems will be
in the way that accounting
information is used in decision
making.
Designing and Implementing
a Database System
Six basic steps in designing and
implementing a database system:
1. Initial planning to determine the
need for and feasibility of
developing a new system (planning
stage).
2. Identifying user needs (requirements
analysis stage).
3. Developing the contextual-,
external-and internal- level schemas
(design stage).
Designing and Implementing
a Database System
4. Translating the internal-level
schema into the actual database
structures that will be
implemented in the new system
(coding stage).
5. Transferring all data from the
existing system to the new
database (implementation stage).
6. Using and maintaining the new
system (operation and
maintenance stage).
The REA Data Model
Data Modeling in the database Design Process
Operation and
Planning
maintenance
Data Requirements
Implementation
modelin analysis
g occurs
here
Design Coding
The REA Data Model
Economic
Duality
GIVE
Resource B Outflow Participant Internal Agent
Resource B
Sample REA diagram
Participant
Economic
Customer
Duality
Participant
Cash
Cash Stock-flow Participant Cashier
Receipts
REA Diagram, Step 1:
Identify Economic Exchange Events
In drawing an REA diagram for an
individual cycle, it is useful to divide
the paper into three columns, one for
each type of entity.
◦ Left column should be used for resources.
◦ Middle column should be used for events.
◦ Right column should be used for agents.
REA Diagram, Step 1:
Identify Economic Exchange Events
The basic economic exchange in the
revenue cycle involves the sale of
goods or services and the subsequent
receipt of cash in payment for those
sales.
The REA diagram for S&S’s revenue
cycle shows the drawing of sales and
cash receipts events entities as
rectangles and the relationship
between them as a diamond.
REA Diagram, Step 2:
Identify Resources and Agents
Once the events of interest have
been specified, the resources that
are affected by those events
need to be identified.
The sales event involves the
disposal of inventory.
The cash receipts event involves
the acquisition of cash.
REA Diagram, Step 2:
Identify Resources and Agents
After specifying the resources
affected by each event, the next
step is to identify the agents who
participate in those events.
There will always be at least one
internal agent (employee) and, in
most cases, an external agent
(customer).
REA Diagram, Step 3:
Include Commitment Events
The third step in drawing an REA
diagram is analyzing each economic
exchange event to determine whether
it can be decomposed into a
combination of one or more
commitment exchange events.
Example: The sales event may be
decomposed into the “take order”
commitment event and the “deliver
order” economic exchange event
Decomposing Sales into
Orders and Sales
Customer
Inventory- (1,N) (1,1) Participant (0,N) Customer
Orders
Orders
(0,N) (1,1)
(0,1) Participant
(0,N)
Inventory- Leads to
Inventory (0,N) Salesperson
Sales (0,N)
(0,1)
(1,N)
Participant
(1,1)
Sales
Cash
Sales (0,1) (1,1)
Receipts
Different types of
relationships
Cash
Sales (0,N) (1,1)
Receipts
Different types of
relationships
Cash
Sales (0,1) (1,N)
Receipts
Different types of
relationships
Cash
Sales (0,N) (1,N)
Receipts
Implementing an REA
Diagram in a Relational
Database
An REA diagram can be used
to design a well-structured
relational database.
A well-structured relational
database is one that is not
subject to update, insert, and
delete anomaly problems.
Implementing an REA Diagram in
a Relational Database
Implementing an REA diagram in
a relational database is a three-
step process:
1. Create a table for each distinct entity
and for each many-to many relationship
2. Assign attributes to appropriate tables
3. Use foreign keys to implement one-to-
one and one-to-many relationships
Create Tables
From the previously discussed REA diagram, nine
tables would be created: one for each of the seven
entities and one for each of the many-to-many
relationships.
1. Inventory 6. Cash
disbursements
2. Purchases
7. Cash
3. Employees 8. Purchases-
4. Vendors inventory
5. Cashier 9. Purchases-cash
disbursements
Assign Attributes for Each
Table
Primary keys: Usually, the
primary key of a table
representing an entity is a single
attribute.
Other Attributes: Additional
attributes are included in each
table to satisfy transaction
processing requirements.
Implement One-to-One and
One-to-Many Relationships
One-to-One Relationships: In a
relational database, one-to-one
relationships between entities
can be implemented by including
the primary key of one entity as a
foreign key in the table
representing the other entity.
No examples of 1:1 relationships
in the sample diagram
Implement One-to-One and
One-to-Many Relationships
One-to-Many Relationships: In a relational
database, one-to-many relationships can
be also implemented in relation to
databases by means of foreign keys.
The primary key of the entity with the
maximum cardinality of N becomes a
foreign key in the entity with a maximum
cardinality of 1
Examples: Employee number and vendor
number are foreign keys in the purchases
event and in the cash disbursement event
Chapter 5
Data Flows
Transformation Processes
Data Stores
Data Flow Diagram
Symbols
A data source or data destination symbol on
the DFD represents an organization or
individual that sends or receives data that
they system uses or produces.
A data flow represents the flow of data
between processes, data stores and data
sources and destinations.
A transformation process represents the
transformations of data.
A data store is a temporary or permanent
repository of data.
A data dictionary contains description of all
the elements, stores, and flows in a system.
Data Flow Diagrams
Data Process
source Data flow (B) Data flow (D)
(A) (C)
Bank
(J)
Data Flow Diagrams
Accounts
receivable
(H)
(G)
Remittance Receivables
data Update information Credit
(D) receivables (I) manager
(F) (K)
Data Flow Diagrams
Data flow diagrams are subdivided into
successively lower levels in order to
provide increasing amounts of detail.
The highest-level DFD is referred to as
a context diagram.
What is the context diagram for S&S
payroll processing?
Data Flow Diagrams
Time
Departments cards
Payroll
processing
system
Human
resources Employee
data
Data Flow Diagrams
Document
Online keying
Display
Input/output;
Journal/ledger
Flowchart Symbols:
Some Processing Symbols
Symbol Name
Manual operations
Computer processing
Auxiliary operation
Flowchart Symbols:
Some Storage Symbols
Symbol Name
Magnetic disk
Magnetic tape
Flowchart Symbols: Some Flow
and Miscellaneous Symbols
Symbol Name
Document or processing flow
On-page connector
Off-page connector
Terminal
Decision
What are Document
Flowcharts?
A document flowchart illustrates the
flow of documents and information
between areas of responsibility within
an organization.
A document flowchart is particularly
useful in analyzing the adequacy of
control procedures.
Flowcharts that describe and evaluate
internal controls are often referred to
as internal control flowcharts.
What are System
Flowcharts?
System flowcharts depict the
relationship among the input,
processing, and output of an AIS.
A system flowchart begins by
identifying both the inputs that
enter the system and their origins.
The input is followed by the
processing portion of the
flowchart.
What are Computer System Flowcharts?
The resulting new information is the
output component.
System flowcharts are an important tool
of system analysis, design, and
evaluation.
Input
Storage Process
Output
What are Program
Flowcharts?
A program flowchart describes the
specific logic to perform a process
shown on a systems flowchart.
A flow line connects the symbols
and indicates the sequence of
operations.
The processing symbol represents
a data movement or arithmetic
calculation.
What are Program
Flowcharts?
Input data
No
If a condition is met
Yes
Perform calculation
Update record
What are Program
Flowcharts?
The input/output symbol represents
either reading of input or writing of
output.
The decision symbol represents a
comparison of one or more variables
and the transfer of flow to alternative
logic paths.
All points where the flow begins or
ends are represented by the terminal
symbol.
Flowchart for Processing
Credit Orders
Enter
Start sales
order
Approved No Reject
for credit? order
Yes
Inventory No Back-
available? order
Yes
Prepare
Evaluate Prepare
conceptual
design design
systems
alternatives specifications
design report
Conceptual Systems
Design
Evaluate design alternatives:
The design team should identify
and evaluate design alternatives
using the following criteria:
1. How well it meets organizational and
system objectives
2. How well it meets users’ needs
3. Whether it is economically feasible
4. Its advantages and disadvantages
Conceptual Systems
Design
Prepare design specifications:
Once a design alternative has been
selected, the team develops the
conceptual design specifications for
the following elements:
1. Output
2. Data storage
3. Input
4. Processing procedures and operations
Conceptual Systems
Design
Prepare conceptual systems design
report:
At the end of the conceptual design a
conceptual systems design report is
developed and submitted.
1. To guide physical systems design activities
2. To communicate how management and
user information needs will be met
3. To help assess systems’ feasibility
Physical Systems Design
Physical design translates the
broad, user-oriented AIS
requirements of conceptual
design into detailed specifications
that are used to code and test
the computer program.
Conceptual Physical
systems design systems design
Physical Systems Design
Output Program
design design
Input Controls
design design
Physical Systems Design:
Output Design
The objective of output design is
to determine the characteristics
of reports, documents, and
screen displays.
Output fits into one of four
categories:
1. Scheduled reports
2. Special-purpose analysis
3. Triggered exception reports
4. Demand reports
Physical Systems Design: File
and Database Design
What are some file and database
design considerations?
– medium of storage
– organization and access
– processing mode
– maintenance
– size and activity level
Physical Systems Design:
Input Design
When evaluating input design,
the design team must identify
the different types of data input
and optimal input method.
What are the two principal
types of data input?
1. Forms
2. Computer screens
Physical Systems Design:
Program Design
Program design is one of the most
time-consuming activities in the entire
SDLC.
Programs should be subdivided into
small, well-defined modules to reduce
complexity.
What is this referred to as?
– structured programming
Modules should interact with a control
module rather than with each other.
Physical Systems Design: Procedures
Design
Procedures design should answer the
who, what, where, and how questions
related to all AIS activities.
What should procedures cover?
input preparation
transaction processing
error detection and corrections
controls
reconciliation of balances
database access
output preparation and distribution
computer operator instructions
Physical Systems Design: Control
Design
What are some control design considerations?
Validity Authorization
Accuracy Security
Numerical Control Availability
Maintainability Integrity
Audit Control
Physical Systems Design Report
Conversion
Systems Implementation:
Implementation Planning
An implementation plan consists of
implementation tasks, expected
completion dates, cost estimates,
and the person or persons
responsible for each task.
Planning should include
adjustments to the company’s
organizational structure.
Systems Implementation: Develop
and test software programs
Seven steps are followed when
developing and testing software
programs.
1. Determine user needs.
2. Develop a plan.
3. Write program instructions (code).
4. Test the program.
5. Document the program.
6. Train program users.
7. Install and use the system.
Systems Implementation:
Site Preparation
A PC requires little site
preparation.
A large system may require
extensive changes, such as
additional electrical outlets.
Site preparation should begin
well in advance of the
installation date.
Systems Implementation:
Select and train personnel
Employees can be hired from
outside the company or
transferred internally.
Effective AIS training should
include employees’ orientation to
new policies and operations.
Training should occur before
systems testing and
conversion.
Systems Implementation:
Complete Documentation
Three types of documentation
must be prepared for new
systems.
1. Development documentation
2. Operations documentation
3. User documentation
Systems Implementation:
Test the System
There are three common forms
of testing.
1. Walk-through
2. Processing of test transactions
3. Acceptance tests
Systems Implementation:
Conversion
There are four conversion
approaches.
1. Direct conversion
2. Parallel conversion
3. Phase-in conversion
4. Pilot conversion
Systems Implementation
Direct Conversion Method
Old system
New system
Old system
New system
Systems Implementation
Pilot Conversion Method
1 2 3 1 2 3
1 2 3 1 2 3
Satisfaction Errors
Benefits Training
Costs Communications
Documentation Accuracy
Timeliness Compatibility
5.3 Approaches to System
Development
Purchase Software
Investigate
software
packages
Benefits of Outsourcing
A business and information solution
Asset utilization
Access to greater expertise and
more advanced technology
Lower costs
Improved development time
Elimination of peaks and valleys usage
Facilitation of downsizing
Outsource the System
Risks of Outsourcing
Inflexibility
Loss of control of system and/or data
Reduced competitive advantage
Locked-in system
Unfulfilled goals
Possibility of poor service
Business Processes
Reengineering
What is business process reengineering
(BPR)?
It is the thorough analysis and complete
redesign of business process and
information systems to achieve
performance improvements.
It is a process that challenges traditional
organizational values and cultures
associated with underperformance.
Business Processes
Reengineering
BPR reduces a company to its
essential business processes and
focuses on why they are done
rather than on the details of how
they are done.
It completely reshapes
organizational work practices and
information flows to take
advantage of technological
advancements.
Challenges Faced by Reengineering
Efforts
What are some of the obstacles to
reengineering efforts?
Tradition Resistance
Retraining Controls
Prototyping
What is prototyping?
– an approach to systems design in
which a simplified working model of
a system is developed.
A prototype, or “first draft,” is
quickly and inexpensively built
and provided to users for testing.
Prototyping
What four steps are involved in
developing a prototype?
1. Identify basic systems requirements.
2. Develop an initial prototype that meets the
agreed-on requirements.
3. Users identify changes, developers make
changes, and the system is turned over to
the user.
4. Use the system approved by the users.
Benefits of Prototyping
Advantages of Prototyping
Better definition of user needs
Higher user involvement and satisfaction
Faster development time
Fewer errors
More opportunity for changes
Less costly
Disadvantages of
Prototyping
Disadvantages of Prototyping
Significant user time
Less efficient use of system resources
Incomplete systems development
Inadequately tested and
documented systems
Negative behavioral reactions
Unending development
Computer-Aided Software
Engineering (CASE)
CASE is an integrated package of
computer-based tools that automate
important aspects of the software
development process.
CASE tools are used to plan, analyze,
design, program, and maintain an
information system.
They are also used to enhance the
efforts of managers, users, and
programmers in understanding
information needs.
Computer-Aided Software
Engineering (CASE)
CASE tools do not replace skilled
designers; instead they provide a host
of self-integrated tools that give
developers effective support for all
SDLC phases.
CASE software typically has tools for
strategic planning, project and system
management, database design, screen
and report layout, and automatic code
generation.
Computer-Aided Software Engineering
(CASE)
Chapter 7
Introduction
This chapter discusses the five interrelated
components of the Committee of Sponsoring
Organizations (COSO’s) internal control
model.
What is the traditional definition of internal
control?
Internal control is the plan of organization
and the methods a business uses to
safeguard assets, provide accurate and
reliable information, promote and improve
operational efficiency, and encourage
adherence to prescribed managerial policies.
Overview of Control
Concepts
What is management control?
Management control encompasses the
following three features:
1 It is an integral part of management
responsibilities.
2 It is designed to reduce errors,
irregularities, and achieve
organizational goals.
3 It is personnel-oriented and seeks to
help employees attain company goals.
Internal Control
Classifications
The specific control procedures
used in the internal control and
management control systems may
be classified using the following four
internal control classifications:
1Preventive, detective, and corrective controls
2General and application controls
3Administrative and accounting controls
4Input, processing, and output controls
Committee of Sponsoring
Organizations
The Committee of Sponsoring
Organizations (COSO) is a private
sector group consisting of five
organizations:
1American Accounting Association
2American Institute of Certified Public
Accountants
3Institute of Internal Auditors
4Institute of Management Accountants
5Financial Executives Institute
Committee of Sponsoring
Organizations
The COSO study defines internal
control as the process implemented
by the board of directors,
management, and those under
their direction to provide
reasonable assurance that control
objectives are achieved with regard
to:
– effectiveness and efficiency of operations
– reliability of financial reporting
– compliance with applicable laws and
regulations
COSO’sinternal control
model has five crucial
components:
1Control environment
2Control activities
3Risk assessment
4Information and
communication
5Monitoring
Information Systems Audit and Control
Foundation
The Information Systems Audit and Control Foundation
(ISACF) recently developed the Control Objectives for
Information and related Technology (COBIT).
COBIT consolidates standards from 36 different sources
into a single framework.
The framework addresses the issue of control from three
vantage points, or dimensions:
1 Information: needs to conform to certain criteria that
COBIT refers to as business requirements for
information
2 IT resources: people, application systems, technology,
facilities, and data
3 IT processes: planning and organization, acquisition and
implementation, delivery and support, and monitoring
The Control Environment
The first component of COSO’s internal control
model is the control environment.
The control environment consists of many
factors, including the following:
1Commitment to integrity and ethical values
2Management’s philosophy and operating style
3Organizational structure
4The audit committee of the board of directors
5Methods of assigning authority and
responsibility
6Human resources policies and practices
7External influences
Control Activities
The second component of COSO’s internal
control model is control activities.
Generally, control procedures fall into one
of five categories:
1Proper authorization of transactions and
activities
2Segregation of duties
3Design and use of adequate documents
and records
4Adequate safeguards of assets and
records
5Independent checks on performance
Proper Authorization of
Transactions and Activities
Authorization is the empowerment
management gives employees to
perform activities and make
decisions.
Digital signature or fingerprint is a
means of signing a document with a
piece of data that cannot be forged.
Specific authorization is the granting
of authorization by management for
certain activities or transactions.
Segregation of Duties
Good internal control demands
that no single employee be given
too much responsibility.
An employee should not be in a
position to perpetrate and
conceal fraud or unintentional
errors.
Segregation of Duties
Custodial Functions
Handling cash
Handling assets
Writing checks
Receiving checks in mail Authorization Functions
Authorization of
Recording Functions transactions
Preparing source documents
Maintaining journals
Preparing reconciliations
Preparing performance reports
Segregation of Duties
Iftwo of these three functions are the
responsibility of a single person,
problems can arise.
Segregation of duties prevents
employees from falsifying records in
order to conceal theft of assets
entrusted to them.
Prevent authorization of a fictitious or
inaccurate transaction as a means of
concealing asset thefts.
Segregation of Duties
Segregation of duties prevents an
employee from falsifying records
to cover up an inaccurate or false
transaction that was
inappropriately authorized.
Design and Use of Adequate
Documents and Records
The proper design and use of
documents and records helps
ensure the accurate and
complete recording of all relevant
transaction data.
Documents that initiate a
transaction should contain a
space for authorization.
Design and Use of Adequate
Documents and Records
The following procedures safeguard
assets from theft, unauthorized use,
and vandalism:
– effectively supervising and segregating
duties
– maintaining accurate records of assets,
including information
– restricting physical access to cash and paper
assets
– having restricted storage areas
Adequate Safeguards of
Assets and Records
What can be used to safeguard
assets?
– cash registers
– safes, lockboxes
– safety deposit boxes
– restricted and fireproof storage areas
– controlling the environment
– restricted access to computer rooms,
computer files, and information
Independent Checks on
Performance
Independent checks ensure that
transactions are processed accurately
are another important control element.
What are various types of
independent checks?
– reconciliation of two independently maintained
sets of records
– comparison of actual quantities with recorded
amounts
– double-entry accounting
– batch totals
Independent Checks on Performance
Fivebatch totals are used in
computer systems:
1 A financial total is the sum of a dollar field.
2 A hash total is the sum of a field that would
usually not be added.
3 A record count is the number of documents
processed.
4 A line count is the number of lines of data
entered.
5 A cross-footing balance test compares the
grand total of all the rows with the grand total
of all the columns to check that they are equal.
Risk Assessment
Thethird component of COSO’s internal control
model is risk assessment.
Companies must identify the threats they face:
– strategic — doing the wrong thing
– financial — having financial resources lost, wasted, or stolen
– information — faulty or irrelevant information, or unreliable
systems
Companies that implement electronic data interchange
(EDI) must identify the threats the system will face, such
as:
1Choosing an inappropriate technology
2Unauthorized system access
3Tapping into data transmissions
4Loss of data integrity
Risk Assessment
5 Incomplete transactions
6 System failures
7 Incompatible systems
Risk Assessment
Some threats pose a greater risk
because the probability of their
occurrence is more likely. For example:
A company is more likely to be the
victim of a computer fraud rather than
a terrorist attack.
Risk and exposure must be considered
together.
Estimate Cost and
Benefits
No internal control system can
provide foolproof protection
against all internal control
threats.
The cost of a foolproof system
would be prohibitively high.
One way to calculate benefits
involves calculating expected
loss.
Estimate Cost and
Benefits
The benefit of a control
procedure is the difference
between the expected loss with
the control procedure(s) and the
expected loss without it.
Expected loss = risk × exposure
Information and Communication
The fourth component of COSO’s
internal control model is information
and communication.
Accountants must understand the
following:
1 How transactions are initiated
2 How data are captured in machine-readable
form or converted from source documents
3 How computer files are accessed and updated
4 How data are processed to prepare information
5 How information is reported
6 How transactions are initiated
Information and
Communication
Allof these items make it possible for
the system to have an audit trail.
An audit trail exists when individual
company transactions can be traced
through the system.
Monitoring Performance
The fifth component of COSO’s
internal control model is
monitoring.
What are the key methods of
monitoring performance?
– effective supervision
– responsibility accounting
– internal auditing
The Four Principles of a
Reliable System
1. Availability of the system when needed.
2. Security of the system against
unauthorized physical and logical
access.
3. Maintainability of the system as
required without affecting its
availability, security, and integrity.
4. Integrity of the system to ensure that
processing is complete, accurate,
timely, and authorized.
The Criteria Used To Evaluate
Reliability Principles
For each of the four principles of reliability,
three criteria are used to evaluate whether or
not the principle has been achieved.
1. The entity has defined, documented, and
communicated performance objectives, policies,
and standards that achieve each of the four
principles.
2. The entity uses procedures, people, software, data,
and infrastructure to achieve each principle in
accordance with established policies and standards.
3. The entity monitors the system and takes action to
achieve compliance with the objectives, policies,
and standards for each principle.