COPYRIGHTED MATERIAL. Systems fundamentals 1. Systems characteristics and considerations 33. Introduction 2. Business processes 34

Transcription

1 Contents About the authors iii Preface xi Part 1 Systems fundamentals 1 chapter 1 Introduction 2 Introduction What is an accounting information system? 4 Accounting Data and information explained 7 Ais focus 1.1 Loyalty New Zealand reaping the big data rewards What is a system? Definition and evolution of accounting information systems 11 A brief history of accounting information systems The role of accounting and accounting information 14 Ais focus 1.2 Using data in the organisation Where next? 18 Part 2: Systems characteristics and considerations 18 Ais focus 1.3 Hacktivists Anonymous attack Australian government websites 22 Ais focus 1.4 Is your ready for the summer bushfire season? 23 Part 3: Systems in action 25 Part 4: Systems issues 27 Summary 28 Key terms 28 Discussion questions 29 Self-test activities 29 Problems 30 Further reading 31 Self-test answers 31 Endnotes 32 Acknowledgements 32 Part 2 Systems characteristics and considerations 33 chapter 2 Business processes 34 Introduction Organisational strategy and mission 36 Ais focus 2.1 ALDI in the Australian supermarket industry Organisational design 39 The functional perspective of the organisation What is a business process? 42 Interlocking activities 42 Across the organisation (the horizontal perspective) 43 Predetermined goal 43 Customer needs 43 What is a business process compared with a business function? 44 Business processes within the organisation Why business processes? 45 Ais focus 2.2 Outsourcing business processes for innovation 47 End-user perspective ERP systems, business processes and best practice Issues in moving to a business process-based environment 50 Management change 50 People change Changing business processes 51 Total Quality Management (TQM) 51 Business process re-engineering (BPR) 52 Technology-driven process improvements 59 Ais focus 2.3 Moraitis lengths ahead BPR evaluated 68 Risks and criticisms of BPR What are Australian organisations doing with information technology and processes? 69 How are businesses using IT? 69 COPYRIGHTED MATERIAL

2 Is IT really improving processes? 72 Information as a business 74 Summary 76 Key terms 78 Discussion questions 78 Self-test activities 79 Problems 79 Further reading 85 Self-test answers 85 Endnotes 85 Acknowledgements 89 chapter 3 Database concepts I 90 Introduction 91 Ais focus 3.1 T Construction Industries The role of databases in decision making and reporting systems 92 Design of database models in relational databases Database concepts Data redundancy 98 Modification anomalies 99 Insertion anomalies 99 Deletion anomalies Database systems and functions 99 Database systems 99 Advantages of database systems 101 Other database systems Database modelling, design and implementation of relational databases 104 Database modelling Database design 109 Conceptual model entity relationship diagram 109 Implementation model 114 Implementing relationships 114 Ais focus 3.2 Tax Disputes Limited 120 Top-down versus bottom-up database design 121 Summary 122 Key terms 123 Discussion questions 124 Self-test activities 127 Problems 127 Further reading 133 Self-test answers 134 Acknowledgements 134 chapter 4 Database concepts II 135 Introduction Normalisation and database design 137 Database tables and normalisation 139 Definitions 139 First normal form 140 Second normal form 141 Third normal form 144 Relating the normalised tables example A 145 Beyond third normal form 146 Further examples of normalisation 146 Relating the normalised tables examples B and C 148 Relating the normalised tables example D Different ways a business works = different data structures Enterprise models 155 Developing an enterprise model The REA Accounting Model 165 REA Accounting Model example Differences between REA and ER modelling Database implementation 171 Client server systems 171 Databases in e-commerce 173 Summary 174 Key terms 175 Discussion questions 175 Self-test activities 176 Problems 176 Further reading 195 Self-test answers 195 Endnotes 196 Acknowledgements 196 chapter 5 Systems development 197 Introduction Business size and complexity Systems development life cycle 199 Investigation 201 Ais focus 5.1 Supermarkets changing the way you shop 202 Analysis 207 Design 208 Ais focus 5.2 Selecting a vendor based on RFPs 213 Implementation 213 Maintenance and review 217 contents v

3 5.3 Alternative systems development approaches 218 Prototyping 219 Agile/adaptive methods Software selection for SMEs 221 Pre-developed programs 221 Types of accounting packages 221 Software as a service Typical problems of systems development 222 Conflict 222 Escalation of commitment 222 Project goal issues 223 Technical skills 223 Interpersonal skills Systems development management tools 224 Gantt charts 224 CASE 225 Summary 225 Key terms 226 Discussion questions 227 Self-test activities 228 Problems 229 Ais focus 5.3 An integrated medical record system 232 Further reading 235 Self-test answers 235 Endnotes 235 Acknowledgements 237 chapter 6 Technology concepts 238 Introduction Why an ERP system? Business processes supported by ERP systems ERP systems SAP modules 242 Financial accounting (FI) 242 Controlling and profitability analysis (CO) 243 Human resources (HR) 243 Sales and distribution (SD) 243 Materials management (MM) XBRL and its role in reporting systems and decision making Different ways to apply XBRL tags 247 XBRL tags in the accounting system 247 Tagging accounts after reports have been produced Benefits of XBRL 249 Reduced data manipulation 249 Paperless reporting 251 Industry-accepted standards 251 Reduced accounting time 251 Recognition by major accounting software vendors 251 Interchangeable data 252 Comparisons across companies 252 Improved audit quality 252 Stakeholder benefits XBRL concepts 253 XML and XBRL compared to HTML 253 XBRL specifications 255 XBRL taxonomies 256 Instance documents 258 Tagging accounts using XBRL Cloud computing 263 Cloud Infrastructure as a Service (IaaS) 263 Cloud Platform as a Service (PaaS) 263 Software as a Service (SaaS) Big data 265 Other technologies 265 Ais focus 6.1 Phablets for accountants? 266 Summary 267 Key terms 268 Discussion questions 269 Self-test activities 270 Problems 270 Further reading 273 Self-test answers 273 Endnotes 274 Acknowledgements 274 chapter 7 Systems mapping and documentation 275 Introduction The purpose of systems documentation Role of systems documentation in process redesign and re-engineering Role of accountant in accurate reporting and preserving corporate memory 278 Auditing and systems documentation The law and systems documentation Reading systems documentation 281 Ais focus 7.1 The role of software in systems documentation 282 Entities 282 The narrative 283 Process maps 286 Data flow diagrams 287 Systems flowcharts 293 vi contents

4 7.6 Balancing a data flow diagram Drawing systems documentation 299 Analysing the case 301 Preparing a process map 303 Preparing data flow diagrams Comparing the different documentation techniques 317 Summary 318 Key terms 319 Discussion questions 320 Self-test activities 320 Problems 323 Self-test answers 328 Endnotes 328 Acknowledgements 329 chapter 8 Internal controls I 330 Introduction Evolution of corporate governance 332 What is corporate governance? 332 Brief history of corporate governance Principles of corporate governance in Australia 335 Ais focus 8.1 Availability of information to shareholders IT governance 339 What is IT governance? COBIT framework and principles 340 Australian IT governance 346 Ais focus 8.2 Governance and accounting failure in Australia Significance of internal control 347 What is internal control? Components of COSO internal control framework 349 Control environment 349 Risk assessment 350 Ais focus 8.3 Fuel prices and financials 350 Ais focus 8.4 Disaster recovery options 351 Control activities 353 Information and communication 353 Monitoring Identifying and assessing risks 357 Linking risks to financial statement assertions Evaluating COSO and COBIT frameworks 361 Ais focus 8.5 Corporate governance, financial reporting... what else? 363 Summary 364 Key terms 365 Discussion questions 366 Self-test activities 366 Problems 367 Further reading 368 Self-test answers 368 Endnotes 368 Acknowledgements 372 chapter 9 Internal controls II 373 Introduction Control activities, business processes and accounting Evaluation of control activities 376 Preventive, detective and corrective controls 377 Ais focus 9.1 Insider trading: the worst case in Australia? 379 Input, processing and output controls COSO, COBIT and control activities Aims of a computerised accounting information system 382 Proper authorisation 382 Proper recording 383 Completeness 383 Timeliness General controls 384 Physical controls 384 Segregation of duties 385 User access 385 System development procedures 387 User awareness of risks 387 Data storage procedures 387 Ais focus 9.2 Privilege vulnerabilities 388 Security policies Application controls 389 Input controls 389 Ais focus 9.3 Human error: the biggest problem 393 Processing controls 395 Output controls 397 Ais focus 9.4 Controls in practice Disaster recovery plans 399 Temporary sites 399 Staffing 400 Restore business relationships Execution of internal control 400 contents vii

5 9.9 Documenting controls 401 Narrative descriptions 401 Questionnaires and checklists 402 Flowcharts 403 Control matrix The limitations of controls 404 Threats to an organisation s objectives 404 Threats to internal controls 406 Summary 407 Key terms 408 Discussion questions 409 Self-test activities 410 Problems 410 Self-test answers 420 Endnotes 420 Acknowledgements 422 Part 3 Systems in action 423 chapter 10 Transaction cycle the revenue cycle 426 Introduction Revenue cycle overview and key objectives 427 Strategic implications of the revenue cycle 429 Ais focus 10.1 Simply Energy Technologies underpinning the revenue cycle 430 Ais focus 10.2 Caffe Primo Chain Data and decisions in the revenue cycle 432 Data and the revenue cycle 432 Revenue cycle business decisions Revenue cycle documentation 433 Revenue cycle context 433 Revenue cycle logical data flows Revenue cycle activities and related risks and controls 439 Process the sales order activities, risks and controls 440 Pick, pack and ship the goods activities, risks and controls 448 Bill the customer activities, risks and controls 450 Receive and record payment activities, risks and controls 459 Physical DFD process the sales order 463 Systems flowchart process the sales order Measuring revenue cycle performance 466 Summary 467 Key terms 468 Discussion questions 469 Self-test activities 470 Problems 471 Further reading 479 Self-test answers 479 Endnote 479 Acknowledgements 480 chapter 11 Transaction cycle the expenditure cycle 481 Introduction Expenditure cycle overview and key objectives 483 Strategic implications of the expenditure cycle Technologies underpinning the expenditure cycle 485 Ais focus 11.1 Getting behind the scenes managing your supply chain Data and decisions in the expenditure cycle 486 Data and the expenditure cycle 486 Expenditure cycle business decisions 487 Ais focus 11.2 Accounts payable processing at Telstra Expenditure cycle documentation 488 Expenditure cycle context 489 Expenditure cycle logical data flows Expenditure cycle activities and related risks and controls 495 Determine demand for goods activities, risks and controls 495 Order goods activities, risks and controls 499 Receive goods activities, risks and controls 505 Pay for goods activities, risks and controls 512 Physical DFD determine demand for goods 520 System flowchart determine demand for goods Measuring expenditure cycle performance 524 Summary 524 Key terms 526 Discussion questions 527 Self-test activities 527 Problems 529 viii contents

6 Further reading 537 Self-test answers 537 Endnote 537 Acknowledgements 537 chapter 12 Transaction cycle the general ledger and financial reporting cycle 538 Introduction General ledger and financial reporting cycle overview and key objectives 539 Strategic implications of the general ledger and financial reporting cycle Technologies underpinning the general ledger and financial reporting cycle 542 Ais focus 12.1 Storm clouds ahead: some pros and cons of data in the cloud Data and decisions in the general ledger and financial reporting cycle 545 Data and the general ledger and financial reporting cycle 545 Ais focus 12.2 Online recruiter uses Xero for accounting online 547 General ledger and financial reporting cycle business decisions General ledger and financial reporting cycle documentation 549 General ledger and financial reporting cycle context 549 General ledger and financial reporting cycle logical data flows General ledger and financial reporting cycle activities and related risks and controls 556 Prepare budgets activities, risks and controls 556 Update the general ledger activities, risks and controls 557 Record general ledger adjustments activities, risks and controls 565 Produce reports activities, risks and controls 569 Physical DFD prepare budgets 575 Systems flowchart prepare budgets Measuring general ledger and financial reporting cycle performance 580 Summary 580 Key terms 582 Discussion questions 582 Self-test activities 583 Problems 585 Further reading 593 Self-test answers 593 Acknowledgements 594 Part 4 Systems issues 595 chapter 13 Auditing and governance of accounting information systems 596 Introduction Importance of the audit function Internal auditing External auditing Audit committees Influences on the auditor 601 Benchmarks and best practice Financial (statutory) audit 602 Requirement for a financial audit 602 Sarbanes Oxley Act (SOX) requirements Information systems audit 604 Overview of the AIS audit 605 Ais focus 13.1 Cloud computing: assessing the risks 606 Audit tools 608 Ais focus 13.2 COBIT and IT governance case studies 608 Planning the audit 613 Fieldwork (performing the audit) 617 Analysis 618 Ais focus 13.3 Protecting customer data 620 Completion, review, monitoring and reporting 622 Audit of systems under development 623 Special purpose audits 623 Summary 624 Key terms 624 Discussion questions 625 Self-test activities 626 Problems 627 Further reading 630 Self-test answers 631 Endnotes 631 Acknowledgements 632 contents ix

7 chapter 14 Ethics and cybercrime 633 Introduction The importance of ethics 634 Consequentialist theories 635 Non-consequentialist theories 636 Importance of ethics in AIS and accounting 637 Ethical issues in business Ethical decision making 638 Applying the framework Ethical issues in accounting information systems 640 Customer protection and privacy 640 Ais focus 14.1 Data breaches 641 Ais focus 14.2 RFID: Asset tracking capabilities and more Cybercrime 649 Malware: viruses, worms, Trojans, bots 650 Spam 650 Identity crime 651 Ais focus 14.3 News of the World Fraud, online fraud and scams 652 Sales fraud or e-commerce fraud Reducing the risk of cybercrime Future trends and issues with new technologies 656 Summary 657 Key terms 658 Discussion questions 659 Self-test activities 660 Problems 661 Further reading 662 Self-test answers 663 Endnotes 663 Acknowledgements 666 x contents