Internal control summary
Book 1: Accounting information systems
Chapter 1: Accounting information systems: an overview
Introduction
System: Detailed methods, procedures, and routines that carry out
activities, perform a duty, achieve goals or objectives, or solve problems.
Goal conflict: subsystem’s goals are inconsistent with the goals of other
subsystems.
Goal congruence: when a subsystem achieves its goals while contributing
to the organization’s overall goal.
Data: facts that are collected, recorded, stored, and processed by an
information system.
Information: data that have been organized and processed to provide
meaning and improve decision-making.
Data is most useful when it is in a machine-readable format, that can be
read and processed by a computer.
Information overload occurs when the amount of information a human
mind can absorb, and process gets exceeded. This results in a
decline in decision-making quality and an increase in the cost of
providing information. IT is a solution to this problem.
An information system is the people and technologies in an
organization that produce information. The value of information is
benefits – costs.
Business processes
A business process is a set of related, coordinated, and structured
activities and tasks that are performed by a person, a computer, or a
machine, and that help accomplish a specific organizational goal.
To make effective decisions, organizations must decide what decisions
they need to make, what information they need to make the decisions,
and how to gather and process the data needed to produce the
information.
A transaction is an agreement between two entities to exchange goods or
services or any other event that can be measured in economic terms by an
organization. Examples are selling goods to customers or paying
employees. Transaction processing is the process of capturing transaction
data, processing it, storing it for later use, and producing information
output, such as a managerial report or financial statement. Most
transactions are give-get exchange. These exchanges can be grouped into
five major business processes/transaction cycles.
Revenue cycle: goods and services are sold for
cash or a future promise of cash.
Expenditure cycle: purchase of raw materials
or inventory for resale in exchange for cash or
a future promise of cash.
Production cycle: raw materials are
transformed into finished goods.
, Human resources/payroll cycle: hiring, training,
compensating, evaluating, promoting and termination of
employees.
Financing cycle: companies sell shares to investors and
borrow money, where investors are paid dividends and
interest is paid on loans.
The general ledger and reporting system are information-
processing operations involved in updating the general ledger and
preparing reports for both management and external parties.
Accounting information systems
An accounting information system is a system that collects,
records, stores, and processes data to produce information for
decision makers. It includes people, procedures and instructions,
data, software, information technology infrastructure, and
internal controls and security measures.
Accounting is the recording of an organization’s financial transactions. It
also includes summarizing, analyzing, and reporting these transactions to
management, owners/investors, oversight agencies, and tax collection
entities.
An AIS can and should be the organization’s primary information system
and that it provides users with the information they need to perform their
jobs. There are six components of an AIS: people, procedures/instructions
(to collect, process, and store data), data, software (for processing),
information technology infrastructure, and internal controls/security
measures.
An AIS fulfills three important business functions:
1. Collect and store data about organizational activities, recourses
and personnel.
2. Transform data into information so management can plan,
execute, control, and evaluate activities, resources and
personnel.
3. Provide adequate controls to safeguard the organization’s
assets and data.
A well-designed AIS adds value to an organization by
Improving the quality and reducing the costs of products or services
Improving efficiency
Sharing knowledge
Improving the efficiency and effectiveness of its supply chain
Improving internal control structure
Improving decision making
An AIS can also use AI and data analytics to improve decision making.
Data analytics is the use of software and algorithms to discover,
describe, interpret, communicate, and apply meaningful patterns
in data to improve business performance.
An essential part of most analytic tools is a data dashboard that
displays important data points, metrics, and KPI’s in the form of line
, or bar charts, tables, or gauges.
Data analytics can identify a problem, collect data, and give
actionable insights.
Developments in business strategy, IT and organization culture influence
the design of AIS.
Virtualization is running multiple systems simultaneously on one physical
computer. This cuts hardware costs because fewer computers need to be
purchased.
Cloud computing uses a browser to remotely access software, data
storage, hardware, and applications. It is often used for employees. There
are different variants: infrastructure as a service, platform as a service,
and software as a service.
Internet of things is the embedding of sensors in devices so they can
connect to the internet.
Value chain
A value chain provides value to customers and consists of five primary
activities that directly provide value to customers:
1. Inbound logistics.
2. Operations: actions that transforms inputs into final products or
services.
3. Outbound logistics.
4. Marketing and sales
5. Service.
Support activities allow the five primary activities to be performed
efficiently and effectively. They are grouped into four categories:
Firm infrastructure: the accounting, finance, legal, and general
administration activities that allow an organization to function.
Human resources: activities including recruiting, hiring, training and
compensating employees.
Technology: activities that improve a product or service.
Purchasing: activities that produce raw materials, supplies,
machinery, and the building used to carry out the primary activities.
Chapter 8: Fraud and errors
As AIS grow more complex to meet our escalating needs for information,
companies face the growing risk that their systems may be compromised.
Threats to AIS are natural and political disasters such as wars and
earthquakes, software errors and equipment malfunctions such as errors
and crashes, unintentional acts like poorly trained personnel and human
carelessness, and intentional acts like sabotage, fraud and corruption.
The greatest risk and greatest dollar losses come from unintentional acts.
Fraud
Fraud is intentionally gaining an unfair advantage over another person. For
an act to be fraudulent, there must be:
A false statement, representation, or disclosure
A material fact, which is something that induces a person to act
, An intent to deceive
A justifiable reliance, the person relies on the misrepresentation to
act.
An injury or loss suffered by the victim.
Different kinds of fraud:
White-collar criminals: businesspeople who commit fraud. They
usually resort to trickery of cunning, and their crimes usually involve
a violation of trust or confidence.
Corruption: dishonest conduct by those in power and it often
involves actions that are illegitimate, immoral, or incompatible with
ethical standards.
Investment fraud: misrepresenting or leaving out facts in order to
promote an investment that promises fantastic profits with little or
no risk.
Misappropriation of assets: the theft of company assets by
employees. The most significant factor for this is the absence of
internal control and/or the failure to enforce existing internal
controls.
Fraudulent financial reporting: intentional or reckless conduct,
whether by act or omission, that results in materially misleading
financial statements. Four recommended actions to reduce
fraudulent financial reporting are
1 Establishing an organizational environment that contributes to the
integrity of the financial reporting process.
2 Identify and understand the factors that lead to fraudulent
financial reporting.
3 Assess the risk of fraudulent financial reporting within the
company.
4 Design and implement internal controls to provide reasonable
assurance of preventing fraudulent financial reporting.
Auditors should be able to detect fraud through the following: understand
fraud, discuss the risks of material fraudulent misstatements, obtain
information, identify; assess and respond to risks, evaluate the results of
their audit tests, document and communicate findings, and incorporate a
technology focus.
The fraud triangle represents three conditions that are present
when fraud occurs:
Pressure: a person’s incentive or motivation for committing
fraud.
Pressures for employee fraud are financial (debt), emotional
(greed, ego, job dissatisfaction), or lifestyle (gambling,
drugs).
Pressures for financial statement fraud are management
characteristics (forecasts, relationship), industry conditions
(declining, competition), or financial (economic conditions,
exceed earnings).
Book 1: Accounting information systems
Chapter 1: Accounting information systems: an overview
Introduction
System: Detailed methods, procedures, and routines that carry out
activities, perform a duty, achieve goals or objectives, or solve problems.
Goal conflict: subsystem’s goals are inconsistent with the goals of other
subsystems.
Goal congruence: when a subsystem achieves its goals while contributing
to the organization’s overall goal.
Data: facts that are collected, recorded, stored, and processed by an
information system.
Information: data that have been organized and processed to provide
meaning and improve decision-making.
Data is most useful when it is in a machine-readable format, that can be
read and processed by a computer.
Information overload occurs when the amount of information a human
mind can absorb, and process gets exceeded. This results in a
decline in decision-making quality and an increase in the cost of
providing information. IT is a solution to this problem.
An information system is the people and technologies in an
organization that produce information. The value of information is
benefits – costs.
Business processes
A business process is a set of related, coordinated, and structured
activities and tasks that are performed by a person, a computer, or a
machine, and that help accomplish a specific organizational goal.
To make effective decisions, organizations must decide what decisions
they need to make, what information they need to make the decisions,
and how to gather and process the data needed to produce the
information.
A transaction is an agreement between two entities to exchange goods or
services or any other event that can be measured in economic terms by an
organization. Examples are selling goods to customers or paying
employees. Transaction processing is the process of capturing transaction
data, processing it, storing it for later use, and producing information
output, such as a managerial report or financial statement. Most
transactions are give-get exchange. These exchanges can be grouped into
five major business processes/transaction cycles.
Revenue cycle: goods and services are sold for
cash or a future promise of cash.
Expenditure cycle: purchase of raw materials
or inventory for resale in exchange for cash or
a future promise of cash.
Production cycle: raw materials are
transformed into finished goods.
, Human resources/payroll cycle: hiring, training,
compensating, evaluating, promoting and termination of
employees.
Financing cycle: companies sell shares to investors and
borrow money, where investors are paid dividends and
interest is paid on loans.
The general ledger and reporting system are information-
processing operations involved in updating the general ledger and
preparing reports for both management and external parties.
Accounting information systems
An accounting information system is a system that collects,
records, stores, and processes data to produce information for
decision makers. It includes people, procedures and instructions,
data, software, information technology infrastructure, and
internal controls and security measures.
Accounting is the recording of an organization’s financial transactions. It
also includes summarizing, analyzing, and reporting these transactions to
management, owners/investors, oversight agencies, and tax collection
entities.
An AIS can and should be the organization’s primary information system
and that it provides users with the information they need to perform their
jobs. There are six components of an AIS: people, procedures/instructions
(to collect, process, and store data), data, software (for processing),
information technology infrastructure, and internal controls/security
measures.
An AIS fulfills three important business functions:
1. Collect and store data about organizational activities, recourses
and personnel.
2. Transform data into information so management can plan,
execute, control, and evaluate activities, resources and
personnel.
3. Provide adequate controls to safeguard the organization’s
assets and data.
A well-designed AIS adds value to an organization by
Improving the quality and reducing the costs of products or services
Improving efficiency
Sharing knowledge
Improving the efficiency and effectiveness of its supply chain
Improving internal control structure
Improving decision making
An AIS can also use AI and data analytics to improve decision making.
Data analytics is the use of software and algorithms to discover,
describe, interpret, communicate, and apply meaningful patterns
in data to improve business performance.
An essential part of most analytic tools is a data dashboard that
displays important data points, metrics, and KPI’s in the form of line
, or bar charts, tables, or gauges.
Data analytics can identify a problem, collect data, and give
actionable insights.
Developments in business strategy, IT and organization culture influence
the design of AIS.
Virtualization is running multiple systems simultaneously on one physical
computer. This cuts hardware costs because fewer computers need to be
purchased.
Cloud computing uses a browser to remotely access software, data
storage, hardware, and applications. It is often used for employees. There
are different variants: infrastructure as a service, platform as a service,
and software as a service.
Internet of things is the embedding of sensors in devices so they can
connect to the internet.
Value chain
A value chain provides value to customers and consists of five primary
activities that directly provide value to customers:
1. Inbound logistics.
2. Operations: actions that transforms inputs into final products or
services.
3. Outbound logistics.
4. Marketing and sales
5. Service.
Support activities allow the five primary activities to be performed
efficiently and effectively. They are grouped into four categories:
Firm infrastructure: the accounting, finance, legal, and general
administration activities that allow an organization to function.
Human resources: activities including recruiting, hiring, training and
compensating employees.
Technology: activities that improve a product or service.
Purchasing: activities that produce raw materials, supplies,
machinery, and the building used to carry out the primary activities.
Chapter 8: Fraud and errors
As AIS grow more complex to meet our escalating needs for information,
companies face the growing risk that their systems may be compromised.
Threats to AIS are natural and political disasters such as wars and
earthquakes, software errors and equipment malfunctions such as errors
and crashes, unintentional acts like poorly trained personnel and human
carelessness, and intentional acts like sabotage, fraud and corruption.
The greatest risk and greatest dollar losses come from unintentional acts.
Fraud
Fraud is intentionally gaining an unfair advantage over another person. For
an act to be fraudulent, there must be:
A false statement, representation, or disclosure
A material fact, which is something that induces a person to act
, An intent to deceive
A justifiable reliance, the person relies on the misrepresentation to
act.
An injury or loss suffered by the victim.
Different kinds of fraud:
White-collar criminals: businesspeople who commit fraud. They
usually resort to trickery of cunning, and their crimes usually involve
a violation of trust or confidence.
Corruption: dishonest conduct by those in power and it often
involves actions that are illegitimate, immoral, or incompatible with
ethical standards.
Investment fraud: misrepresenting or leaving out facts in order to
promote an investment that promises fantastic profits with little or
no risk.
Misappropriation of assets: the theft of company assets by
employees. The most significant factor for this is the absence of
internal control and/or the failure to enforce existing internal
controls.
Fraudulent financial reporting: intentional or reckless conduct,
whether by act or omission, that results in materially misleading
financial statements. Four recommended actions to reduce
fraudulent financial reporting are
1 Establishing an organizational environment that contributes to the
integrity of the financial reporting process.
2 Identify and understand the factors that lead to fraudulent
financial reporting.
3 Assess the risk of fraudulent financial reporting within the
company.
4 Design and implement internal controls to provide reasonable
assurance of preventing fraudulent financial reporting.
Auditors should be able to detect fraud through the following: understand
fraud, discuss the risks of material fraudulent misstatements, obtain
information, identify; assess and respond to risks, evaluate the results of
their audit tests, document and communicate findings, and incorporate a
technology focus.
The fraud triangle represents three conditions that are present
when fraud occurs:
Pressure: a person’s incentive or motivation for committing
fraud.
Pressures for employee fraud are financial (debt), emotional
(greed, ego, job dissatisfaction), or lifestyle (gambling,
drugs).
Pressures for financial statement fraud are management
characteristics (forecasts, relationship), industry conditions
(declining, competition), or financial (economic conditions,
exceed earnings).
