what is an ais? systems are almost always composed of smaller subsystems, each performing a specific...
TRANSCRIPT
![Page 1: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/1.jpg)
What is an AIS?• Systems are almost always composed of smaller
subsystems, each performing a specific function supportive of the larger system.
• An accounting information system (AIS) consists of:– People– Procedures– Data– Software– Information technology
![Page 2: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/2.jpg)
Functions of an AIS?• What important functions does the AIS
perform in an organization?1 It collects and stores data about activities
and transactions.2 It processes data into information that is
useful for making decisions.3 It provides adequate controls to safeguard
the organization’s assets.
![Page 3: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/3.jpg)
Basic Subsystems in the AIS
ExpenditureCycle
HumanResources
ProductionCycle
RevenueCycle
FinancingCycle
General Ledger & Reporting System
![Page 4: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/4.jpg)
Factors InfluencingDesign of the AIS
OrganizationalCulture
Strategy
InformationTechnology
AIS
![Page 5: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/5.jpg)
The Value Chain• The ultimate goal of any business is to provide value
to its customers. A business will be profitable if the value it creates is greater than the cost of producing its products or services.
• The value chain concept can be extended by recognizing that organizations must interact with suppliers, distributors, and customers.
• An organization’s value chain and the value chains of its suppliers, distributors, and customers collectively form a value system.
![Page 6: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/6.jpg)
The Value Chain
Primary Activities
InboundLogistics
OutboundLogistics
Operations
Marketingand Sales
Service
![Page 7: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/7.jpg)
The Value Chain
Support Activities
Infrastructure
HumanResources
Technology
Purchasing
![Page 8: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/8.jpg)
What is the Value of Information?
• The value of information is the benefit produced by the information minus the cost of producing it.
![Page 9: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/9.jpg)
What is the Chart of Accounts?
• The chart of accounts is a list of all general ledger accounts used by an organization.
• It is important that the chart of accounts contains sufficient detail to meet the information needs of the organization.
![Page 10: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/10.jpg)
Strategy and Strategic Positions
Two Basic Strategies
To be a lower-cost producer than competitors
To differentiate products and services fromcompetitors
![Page 11: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/11.jpg)
11
System Documentation
• The most common systems documentation tools and techniques.1 Data flow diagrams2 Document flowcharts3 Computer system flowcharts4 Program flowcharts
![Page 12: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/12.jpg)
File-Oriented Approach
Applicationprogram #2
Applicationprogram #1
File # 1
Item A Item B Item C
File # 2
Item B Item D Item E
![Page 13: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/13.jpg)
Database Approach
Applicationprogram #3
Applicationprogram #2
Databasemanagement
system
Applicationprogram #1
Item A Item B Item C Item D Item E
Database
![Page 14: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/14.jpg)
Database Approach versus File-Oriented Approach
Minimum data redundancy
Fewer data inconsistencies
Standardized data format
No duplicated processing or storage
Allows cross-functional data analyses
Central data management / data security
Lower cost
![Page 15: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/15.jpg)
Databases
• Database management system (DBMS) is the program that manages and controls access to the database.
• Database system is the combination of the database, the DBMS, and the application program that uses the database.
• Database administrator (DBA) is the person responsible for the database.
![Page 16: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/16.jpg)
Logical & Physical Views of Data
A major advantage of database systems over file-oriented systems is that the database systems separate the logical and physical view of data:– Logical view: It is how the user or programmer conceptually
organizes and understands the data.
– Physical view: It refers to how and where the data are physically arranged and stored on disk, tape, CD-ROM, or other media.
The DBMS controls the database so that users can access, query, or update it without reference to how or where the data are physically stored.
![Page 17: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/17.jpg)
Relational Databases
• A data model is an abstract representation of the contents of a database.
• The relational data model represents everything in the database as being stored in the form of tables.
• Technically, these tables are called relations.• Each row in a relation, called a tuple, contains
data about a specific occurrence of the type of entity represented by that table.
![Page 18: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/18.jpg)
Schemas
• What are schemas?
• A schema describes the logical structure of a database.
• There are three levels of schemas:1 Conceptual-level schema2 External-level schema3 Internal-level schema
![Page 19: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/19.jpg)
Schemas
• The conceptual-level schema is an organization-wide view of the entire database.
• The external-level schema consists of a set of individual user views of portions of the database, also referred to as a subschema.
• The internal-level schema provides a low-level view of the database.
Schema Levels:
1. Conceptual
2. External
3. Internal
![Page 20: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/20.jpg)
The Data Dictionary
• What is a data dictionary?– It contains information about the structure of
the database.
• For each data element stored in the database, such as the customer number, there is a corresponding record in the data dictionary describing it.
![Page 21: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/21.jpg)
Basic Requirements of the Relational Data Model
1 Primary keys must be unique.2 Every foreign key must either be null or have a
value corresponding to the value of a primary key in another relation.
3 Each column in a table must describe a characteristic of the object identified by the primary key.
4 Each column in a row must be single-valued.5 The value in every row of a specific column must be
of the same data type.6 Neither column order nor row order is significant.
![Page 22: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/22.jpg)
E-Business Interactions• E-business encompasses an
organization’s external interactions with its:– Suppliers– Customers– Investors– Creditors– The government– Media
![Page 23: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/23.jpg)
Categories of E-Business
Type of E-Business Characteristics
Interactions between individuals & organizations:
B2C (Business to Consumers)
•Organization-individual
•Smaller dollar value
•One-time or infrequent transactions
•Relatively simple
Inter-organizational e-business:
B2B (Business to Business): B2G (Business to Government)
B2E (Business to Education)
•Inter-organizational
•Larger dollar value
•Established, on-going relationships
•Extension of credit by seller to customer
•More complex
![Page 24: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/24.jpg)
Use of E-Business• E-business includes the use of IT to redesign its
internal processes.• For organizations in many industries, engaging in
e-business is a necessity.• Engaging in e-business in and of itself does not
provide a competitive advantage.• However, e-business can be used to more
effectively implement its basic strategy and enhance the effectiveness and efficiency of its value-chain activities.
![Page 25: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/25.jpg)
E-Business Success Factors
• The degree to which e-business activities fit and support the organization’s overall business strategy.
• The ability to guarantee that e-business processes satisfy the three key characteristics of any business transaction– Validity
– Integrity
– Privacy
![Page 26: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/26.jpg)
E-Business Success Factors
• Implementation of an EDI must overcome the following threats:– Choosing an inappropriate technology– Unauthorized system access– Tapping into data transmission– Loss of data integrity– Incomplete transactions– System failures
![Page 27: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/27.jpg)
EncryptionThere are two principal types of encryption systems:
– Single-key systems: Same key is used to encrypt and decrypt the message
• Simple, fast, and efficient• Example: the Data Encryption Standard (DES) algorithm
– Public Key Infrastructure (PKI): Uses two keys:• Public key is publicly available and usually used to encode
message• Private key is kept secret and known only by the owner of that
pair of keys. Usually used to decode message
![Page 28: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/28.jpg)
Types of Networks
• The private portion can be further divided into two subsets:
1 Local area network (LAN) — a system of computers and other devices, such as printers, that are located in close proximity to each other.
2 Wide area network (WAN) — covers a wide geographic area.
![Page 29: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/29.jpg)
Types of Networks
• What is an Intranet?
• The term Intranet refers to internal networks that connect to the main Internet.
• They can be navigated with the same browser software, but are closed off from the general public.
• What are Extranets?
![Page 30: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/30.jpg)
Company A
AISVPN
equipmentISP
Internet
Types of Networks
• Companies build a virtual private network (VPN) to improve reliability and security, while still taking advantage of the Internet.
![Page 31: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/31.jpg)
Network Configuration Options
• Local area networks (LANs) can be configured in one of three basic ways:
1 Star configuration
2 Ring configuration
3 Bus configuration
![Page 32: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/32.jpg)
Network Configuration Options
• Wide area networks (WANs) can be configured in one of three basic ways:
1 Centralized system
2 Decentralized system
3 Distributed data processing
![Page 33: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/33.jpg)
Network Configuration Options
In a centralized WAN, all terminals and other devices are connected to a central corporate computer.
WAN Configuration:
1. Centralized
2. Decentralized
3. Distributed
![Page 34: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/34.jpg)
Threats to AIS• Natural and political disasters:
– fire / heat / floods / earthquakes / winds / war
• S/W errors & Equipment Malfunctions:– H/W failures / power outages / data transmission errors
• Unintentional acts:– accidents / lost data / human & logic errors /systems that do
not meet company needs
• Intentional acts:– Sabotage / computer fraud / embezzlement
![Page 35: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/35.jpg)
Internal Control Classifications
• The specific control procedures used in the internal control and management control systems may be classified using the following four internal control classifications:1 Preventive, detective, and corrective controls
2 General and application controls
3 Administrative and accounting controls
4 Input, processing, and output controls
![Page 36: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/36.jpg)
COSO’s Internal Control Model Components
1 Control environment
2 Control activities
3 Risk assessment
4 Information and communication
5 Monitoring Performance
![Page 37: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/37.jpg)
Principles of a Reliable System
1. Security of the system against unauthorized physical and logical access.
2. Availability of the system when needed.3. Processing Integrity – data is processed accurately,
completely, in a timely manner and with proper authorization.
4. Privacy – personal information about customers is collected, used, disclosed and maintained in an appropriate manner.
5. Confidentiality – sensitive information is protected from unauthorized disclosure.
![Page 38: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/38.jpg)
Physical Access Controls
• How can physical access security be achieved? – placing computer equipment in locked rooms and
restricting access to authorized personnel
– having only one or two entrances to the computer room
– requiring proper employee ID
– requiring that visitors sign a log
– installing locks on PCs
![Page 39: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/39.jpg)
Logical Access Controls
• Users should be allowed access only to the data they are authorized to use and then only to perform specific authorized functions.
• What are some logical access controls?– passwords
– physical possession identification
– biometric identification
– compatibility tests
![Page 40: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/40.jpg)
Estimate Cost and Benefits• No internal control system can provide foolproof
protection against all internal control threats.
• The cost of a foolproof system would be prohibitively high.
• One way to calculate benefits involves calculating expected loss.
• The benefit of a control procedure is the difference between the expected loss with the control procedure(s) and the expected loss without it.
Expected loss = risk × exposure
![Page 41: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/41.jpg)
Segregation of Duties Withinthe Systems Function
• Organizations must implement compensating control procedures.
• Authority & responsibility must be clearly divided among the following functions:1 Systems analysis
2 Programming
3 Computer operations
4 Users
5 AIS library
6 Data control
![Page 42: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/42.jpg)
Segregation of Duties
Recording FunctionsPreparing source documents
Maintaining journalsPreparing reconciliations
Preparing performance reports
Custodial FunctionsHandling cash
Handling assetsWriting checks
Receiving checks in mail Authorization FunctionsAuthorization of
transactions
![Page 43: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/43.jpg)
Disaster Recovery Plan
• Objectives:1 Minimize the extent of the disruption, damage, and
loss.
2 Temporarily establish an alternative means of processing information.
3 Resume normal operations as soon as possible.
4 Train and familiarize personnel with emergency operations.
![Page 44: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/44.jpg)
General Controls• General controls ensure that overall computer
system is stable and well managed:1. Developing a security plan2. Segregation of duties within the systems function3. Project development controls4. Physical access controls 5. Logical access controls6. Data storage controls7. Data transmission controls8. Documentation standards9. Minimizing system downtime10. Disaster recovery plans11. Protection of personal computers & client/server networks12. Internet controls
![Page 45: What is an AIS? Systems are almost always composed of smaller subsystems, each performing a specific function supportive of the larger system. An accounting](https://reader030.vdocuments.net/reader030/viewer/2022032803/56649e225503460f94b0fa94/html5/thumbnails/45.jpg)
Computer-Aided Software Engineering (CASE)
• CASE is an integrated package of computer-based tools that automate important aspects of the software development process.
• CASE tools are used to plan, analyze, design, program, and maintain an information system.
• They are also used to enhance the efforts of managers, users, and programmers in understanding information needs.