Accounting
Information
Systems
SIXTH EDITION
JAMES A. HALL
Peter E. Bennett Chair in
Business and Economics
Lehigh University
Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States
Accounting Information Systems, Sixth Edition
James A. Hall
VP/Editorial Director: Jack W. Calhoun
Publisher: Rob Dewey
Acquisitions Editor: Matt Filimonov
Developmental Editor: Aaron Arnsparger
© 2008 Cengage Learning
ALL RIGHTS RESERVED. No part of this work covered by the copyright
herein may be reproduced, transmitted, stored or used in any form or by
any means graphic, electronic, or mechanical, including but not limited to
photocopying, recording, scanning, digitizing, taping, Web distribution,
information networks, or information storage and retrieval systems,
except as permitted under Section 107 or 108 of the 1976 United States
Copyright Act, without the prior written permission of the publisher.
Marketing Manager: Kristin Hurd
Production Project Manager: Darrell Frye
For more information about our products, contact us at:
Cengage Learning Academic Resource Center, 1-800-423-0563
Manufacturing Coordinator: Doug Wilke
Production House: Pre-PressPMG
For permission to use material from this text or product, submit a
request online at />
Printer: Edwards Brothers
Art Director: Stacy Jenkins Shirley
Cover and Internal Designer: C. Miller Design
South-Western Cengage Learning, a part of Cengage Learning.
Cengage, the Star logo, and South-Western are trademarks used herein
under license.
Cover Images: © Getty Images
Library of Congress Control Number: 2007937812
ISBN-13: 978-0-324-56089-3
ISBN-10: 0-324-56089-3
Cengage Learning
5191 Natorp Boulevard
Mason, OH 45040
USA
Printed in the United States of America
1 2 3 4 5 09 08 07 06
Brief Contents
Part I
CHAPTER 1
CHAPTER 2
CHAPTER 3
Part II
CHAPTER 4
CHAPTER 5
CHAPTER 6
CHAPTER 7
CHAPTER 8
Part III
CHAPTER 9
CHAPTER 10
CHAPTER 11
CHAPTER 12
Part IV
CHAPTER 13
CHAPTER 14
Part V
CHAPTER 15
CHAPTER 16
CHAPTER I7
GLOSSARY
INDEX
Overview of Accounting Information Systems
The Information System: An Accountant’s Perspective
Introduction to Transaction Processing 44
Ethics, Fraud, and Internal Control 112
Transaction Cycles and Business Processes
1
2
161
The Revenue Cycle 162
The Expenditure Cycle Part I: Purchases and Cash Disbursements
Procedures 234
The Expenditure Cycle Part II: Payroll Processing and Fixed Asset
Procedures 285
The Conversion Cycle 332
Financial Reporting and Management Reporting Systems 381
Advanced Technologies in Accounting
Information 429
Database Management Systems 430
The REA Approach to Database Modeling 496
Enterprise Resource Planning Systems 528
Electronic Commerce Systems 563
Systems Development Activities
623
Managing the Systems Development Life Cycle 624
Construct, Deliver, and Maintain Systems Project 659
Computer Controls and Auditing
723
IT Controls Part I: Sarbanes-Oxley and IT Governance 724
IT Controls Part II: Security and Access 759
IT Controls Part III: Systems Development, Program Changes,
and Application Controls 797
G-1
I-1
Table of Contents
Part I
Overview of Accounting Information Systems 1
Chapter 1
The Information System: An Accountant’s
Perspective 2
The Information Environment 3
What Is a System? 4
An Information Systems Framework 6
AIS Subsystems 9
A General Model for AIS 10
Acquisition of Information Systems 15
Organizational Structure 16
Business Segments 16
Functional Segmentation 17
The Accounting Function 20
The Information Technology Function
21
The Evolution of Information System Models 26
The Manual Process Model 26
The Flat-File Model 27
The Database Model 29
The REA Model 31
Enterprise Resource Planning Systems
34
The Role of the Accountant 34
Accountants as Users 35
Accountants as System Designers 35
Accountants as System Auditors 36
Summary 37
Chapter 2
Introduction to Transaction Processing
44
An Overview of Transaction Processing 45
Transaction Cycles 45
The Expenditure Cycle 45
The Conversion Cycle 46
The Revenue Cycle 47
Accounting Records 47
Manual Systems 47
The Audit Trail 54
Computer-Based Systems
55
Documentation Techniques 57
Data Flow Diagrams and Entity Relationship Diagrams
58
Table of Contents
v
Flowcharts 61
Record Layout Diagrams
72
Computer-Based Accounting Systems 73
Differences between Batch and Real-Time Systems 74
Alternative Data Processing Approaches 75
Batch Processing Using Real-Time Data Collection 78
Real-Time Processing 80
Summary 82
Appendix 82
Chapter 3
Ethics, Fraud, and Internal Control
112
Ethical Issues in Business 113
Business Ethics 113
Computer Ethics 114
Sarbanes-Oxley Act and Ethical Issues
117
Fraud and Accountants 119
Definitions of Fraud 119
Factors that Contribute to Fraud 120
Financial Losses from Fraud 122
The Perpetrators of Frauds 122
Fraud Schemes 125
Internal Control Concepts and Techniques 134
SAS 78/COSO Internal Control Framework
139
Summary 145
Part II
Transaction Cycles and Business Processes 161
Chapter 4
The Revenue Cycle
162
The Conceptual System 163
Overview of Revenue Cycle Activities
Sales Return Procedures 170
Cash Receipts Procedures 173
Revenue Cycle Controls 177
Physical Systems 181
Manual Systems 182
Sales Order Processing 182
Sales Return Procedures 185
Cash Receipts Procedures 185
163
vi
Table of Contents
Computer-Based Accounting Systems 188
Automating Sales Order Processing with Batch
Technology 188
Keystroke 191
Edit Run 191
Update Procedures 191
Reengineering Sales Order Processing with
Real-Time Technology 193
Transaction Processing Procedures 194
General Ledger Update Procedures 194
Advantages of Real-Time Processing 195
Automated Cash Receipts Procedures 195
Reengineered Cash Receipts Procedures 197
Point-of-Sale (POS) Systems 197
Daily Procedures 198
End-of-Day Procedures 199
Reengineering Using EDI 200
Reengineering Using the Internet 200
Control Considerations for Computer-Based
Systems 201
PC-Based Accounting Systems 203
PC Control Issues
204
Summary 204
Appendix 205
Chapter 5
The Expenditure Cycle Part I: Purchases and
Cash Disbursements Procedures 234
The Conceptual System 235
Overview of Purchases and Cash Disbursements
Activities 235
The Cash Disbursements Systems 243
Expenditure Cycle Controls 245
Physical Systems 249
A Manual System 249
The Cash Disbursements Systems
251
Computer-Based Purchases and Cash Disbursements
Applications 252
Automating Purchases Procedures Using Batch Processing
Technology 253
Cash Disbursements Procedures 258
Table of Contents
vii
Reengineering the Purchases/Cash Disbursements
System 259
Control Implications 261
Summary 263
Chapter 6
The Expenditure Cycle Part II: Payroll
Processing and Fixed Asset
Procedures 285
The Conceptual Payroll System 286
Payroll Controls
294
The Physical Payroll System 296
Manual Payroll System 297
Computer-Based Payroll Systems 298
Automating the Payroll System Using Batch
Processing 298
Reengineering the Payroll System 298
The Conceptual Fixed Asset System 301
The Logic of a Fixed Asset System
302
The Physical Fixed Asset System 305
Computer-Based Fixed Asset System 305
Controlling the Fixed Asset System 307
Summary 310
Chapter 7
The Conversion Cycle
332
The Traditional Manufacturing
Environment 333
Batch Processing System 334
Controls in the Traditional Environment
344
World-Class Companies and Lean
Manufacturing 347
What Is a World-Class Company? 348
Principles of Lean Manufacturing 348
Techniques and Technologies that Promote
Lean Manufacturing 350
Physical Reorganization of the Production
Facilities 350
Automation of the Manufacturing Process 350
viii
Table of Contents
Accounting in a Lean Manufacturing
Environment 355
What’s Wrong with Traditional Accounting
Information? 355
Activity-Based Costing (ABC) 356
Value Stream Accounting 358
Information Systems that Support Lean
Manufacturing 360
Materials Requirement Planning (MRP) 360
Manufacturing Resource Planning (MRP II) 360
Enterprise Resource Planning (ERP) Systems 363
Summary 364
Chapter 8
Financial Reporting and Management
Reporting Systems 381
Data Coding Schemes 382
A System without Codes 382
A System with Codes 383
Numeric and Alphabetic Coding Schemes
The General Ledger System 387
The Journal Voucher 387
The GLS Database 388
GLS Procedures 389
The Financial Reporting System 389
Sophisticated Users with Homogeneous
Information Needs 389
Financial Reporting Procedures 389
Controlling the FRS 391
COSO/SAS 78 Control Issues
392
The Management Reporting System 394
Factors that Influence the MRS 394
Management Principles 395
Management Function, Level, and
Decision Type 398
Problem Structure 401
Types of Management Reports 403
Responsibility Accounting 405
Behavioral Considerations 409
Summary 412
383
Table of Contents
ix
Part III
Advanced Technologies in Accounting
Information 429
Chapter 9
Database Management Systems
430
Overview of the Flat-File vs. Database
Approach 431
Data Storage 431
Data Updating 431
Currency of Information 431
Task-Data Dependency 431
The Database Approach 432
Flat-File Problems Solved 432
Controlling Access to the Database 433
The Database Management System 433
Three Conceptual Models 434
Elements of the Database Environment 434
Users 435
Database Management System
Database Administrator 438
The Physical Database 441
436
The Relational Database Model 442
Relational Database Concepts 443
Anomalies, Structural Dependencies, and
Data Normalization 447
Designing Relational Databases 454
Identify Entities 455
Construct a Data Model Showing Entity
Associations 457
Add Primary Keys and Attributes to the Model 458
Normalize Data Model and Add Foreign Keys 459
Construct the Physical Database 460
Prepare the User Views 463
Global View Integration 464
Databases in a Distributed Environment 464
Centralized Databases 464
Distributed Databases 466
Summary 470
Appendix 471
x
Table of Contents
Chapter 10
The REA Approach to Database
Modeling 496
The REA Approach 497
The REA Model
497
Developing an REA Model 501
Differences between ER and REA Diagrams 501
View Modeling: Creating an Individual REA
Diagram 502
View Integration: Creating an Enterprise-Wide REA
Model 509
Step 1. Consolidate the Individual Models 510
Step 2. Define Primary Keys, Foreign Keys, and
Attributes 513
Step 3. Construct Physical Database and Produce
User Views 516
REA and Value Chain Analysis 520
REA Compromises in Practice 521
Summary 521
Chapter 11
Enterprise Resource Planning
Systems 528
What Is an ERP? 529
ERP Core Applications 531
Online Analytical Processing 531
ERP System Configurations 532
Server Configurations 532
OLTP Versus OLAP Servers 532
Database Configuration 535
Bolt-on Software 535
Data Warehousing 537
Modeling Data for the Data Warehouse 537
Extracting Data from Operational Databases 538
Cleansing Extracted Data 540
Transforming Data into the Warehouse Model 540
Loading the Data into the Data Warehouse
Database 541
Decisions Supported by the Data Warehouse 542
Supporting Supply Chain Decisions from the
Data Warehouse 542
Table of Contents
xi
Risks Associated with ERP Implementation 543
Big Bang Versus Phased-in Implementation
Opposition to Changes in the Business’s
Culture 544
Choosing the Wrong ERP 545
Choosing the Wrong Consultant 546
High Cost and Cost Overruns 547
Disruptions to Operations 548
544
Implications for Internal Control and
Auditing 549
Transaction Authorization 549
Segregation of Duties 549
Supervision 549
Accounting Records 550
Access Controls 550
Auditing the Data Warehouse 551
Summary 552
Appendix 553
Chapter 12
Electronic Commerce Systems
563
Intra-Organizational Networks and EDI 564
Internet Commerce 564
Internet Technologies 564
Protocols 567
Internet Protocols 569
Benefits from Internet Commerce
577
Risks Associated with Electronic Commerce 578
Intranet Risks 580
Internet Risks 581
Risks to Consumers 581
Security, Assurance, and Trust 587
Encryption 588
Digital Authentication 588
Firewalls 590
Seals of Assurance 591
Implications for the Accounting Profession 592
Privacy Violation 593
Audit Implications of XBRL 594
Continuous Auditing 594
Electronic Audit Trails 594
xii
Table of Contents
Confidentiality of Data 595
Authentication 595
Nonrepudiation 595
Data Integrity 595
Access Controls 595
A Changing Legal Environment
596
Summary 596
Appendix 597
Part IV
Systems Development Activities 623
Chapter 13
Managing the Systems Development Life
Cycle 624
The Systems Development Life Cycle 625
Participants in Systems Development
626
Systems Strategy 627
Assess Strategic Information Needs 627
Strategic Business Needs
Legacy Systems 628
User Feedback 629
627
Develop a Strategic Systems Plan 631
Create an Action Plan 632
The Learning and Growth Perspective 634
The Internal Business Process Perspective 634
The Customer Perspective 634
The Financial Perspective 634
Balanced Scorecard Applied to IT Projects 634
Project Initiation 635
Systems Analysis 635
The Survey Step 636
The Analysis Step 638
Conceptualization of Alternative Designs 640
How Much Design Detail Is Needed?
640
Systems Evaluation and Selection 642
Perform a Detailed Feasibility Study 642
Perform Cost-Benefit Analysis 643
Prepare Systems Selection Report 649
Table of Contents
xiii
Announcing the New System Project
User Feedback 650
650
The Accountant’s Role in Managing the
SDLC 651
How Are Accountants Involved with SDLC? 651
The Accountant’s Role in Systems Strategy 651
The Accountant’s Role in Conceptual Design 652
The Accountant’s Role in Systems Selection 652
Summary 652
Chapter 14
Construct, Deliver, and Maintain Systems
Project 659
In-House Systems Development 660
Tools for Improving Systems Development
660
Construct the System 664
The Structured Design Approach 664
The Object-Oriented Design Approach 667
System Design 669
Data Modeling, Conceptual Views, and
Normalized Tables 670
Design Physical User Views 670
Design the System Process 677
Design System Controls 681
Perform a System Design Walk-Through 681
Program Application Software 682
Software Testing 683
Deliver the System 684
Testing the Entire System 684
Documenting the System 685
Converting the Databases 687
Converting to the New System 688
Post-Implementation Review 689
The Role of Accountants 690
Commercial Packages 691
Trends in Commercial Packages 691
Advantages of Commercial Packages 693
Disadvantages of Commercial Packages 693
Choosing a Package 693
xiv
Table of Contents
Maintenance and Support 698
User Support 698
Knowledge Management and Group Memory
698
Summary 699
Appendix 699
Part V
Computer Controls and Auditing 723
Chapter 15
IT Controls Part I: Sarbanes-Oxley and IT
Governance 724
Overview of Sections 302 and 404 of SOX 725
Relationship between IT Controls and Financial
Reporting 725
Audit Implications of Sections 302 and 404 726
IT Governance Controls 728
Organizational Structure Controls 728
Segregation of Duties within the Centralized
Firm 729
The Distributed Model 731
Creating a Corporate IT Function 732
Audit Objectives Relating to Organizational
Structure 734
Audit Procedures Relating to Organizational
Structure 734
Computer Center Security and Controls 734
Computer Center Controls
735
Disaster Recovery Planning 737
Providing Second-Site Backup 738
Identifying Critical Applications 739
Performing Backup and Off-Site Storage
Procedures 740
Creating a Disaster Recovery Team 740
Testing the DRP 740
Audit Objective: Assessing Disaster Recovery
Planning 741
Audit Procedures for Assessing Disaster Recovery
Planning 741
Summary 742
Appendix 743
Table of Contents
Chapter 16
xv
IT Controls Part II: Security and
Access 759
Controlling the Operating System 760
Operating System Objectives 760
Operating System Security 760
Threats to Operating System Integrity 761
Operating System Controls and Test of
Controls 762
Controlling Database Management Systems 767
Access Controls 767
Backup Controls 770
Controlling Networks 771
Controlling Risks from Subversive Threats 771
Controlling Risks from Equipment Failure 780
Electronic Data Interchange (EDI) Controls 782
Transaction Authorization and Validation
Access Control 783
EDI Audit Trail 783
783
Summary 785
Appendix 786
Chapter 17
IT Controls Part III: Systems Development,
Program Changes, and Application
Controls 797
Systems Development Controls 798
Controlling Systems Development Activities 798
Controlling Program Change Activities 800
Source Program Library Controls 801
The Worst-Case Situation: No Controls 802
A Controlled SPL Environment 802
Application Controls 806
Input Controls 806
Processing Controls 809
Output Controls 812
Testing Computer Application Controls 815
Black Box Approach 815
White Box Approach 816
White Box Testing Techniques
818
xvi
Table of Contents
The Integrated Test Facility
Parallel Simulation 823
822
Substantive Testing Techniques 824
The Embedded Audit Module 825
Generalized Audit Software (GAS) 826
Summary 830
GLOSSARY
INDEX
G-1
I-1
Preface
Welcome to the Sixth Edition
The sixth edition of Accounting Information Systems includes a full range of new and
revised homework assignments, up-to-date content changes, as well as several reorganized chapters. All of these changes add up to more student and instructor enhancements
than ever before. As this preface makes clear, we have made these changes to keep students and instructors as current as possible on issues such as business processes, systems
development methods, IT governance and strategy, security, internal controls, and relevant aspects of Sarbanes-Oxley legislation.
Focus and Flexibility in Designing
Your AIS Course
Among accounting courses, accounting information systems (AIS) courses tend to be the
least standardized. Often the objectives, background, and orientation of the instructor,
rather than adherence to a standard body of knowledge, determines the direction the AIS
course takes. Therefore, we have designed this text for maximum flexibility:
•
This textbook covers a full range of AIS topics to provide instructors with flexibility
in setting the direction and intensity of their courses.
•
At the same time, for those who desire a structured model, the first nine chapters of
the text, along with the chapters on electronic commerce and computer controls, provide what has proven to be a successful template for developing an AIS course.
•
Earlier editions of this book have been used successfully in introductory, advanced,
and graduate-level AIS courses.
•
The topics in this book are presented from the perspective of the managers’ and
accountants’ AIS-related responsibilities under the Sarbanes-Oxley Act.
•
While the book was written primarily to meet the needs of accounting majors about
to enter the modern business world, we have also developed it to be an effective text
for general business and industrial engineering students who seek a thorough understanding of AIS and internal control issues as part of their professional education.
Key Features
Conceptual Framework
This book employs a conceptual framework to emphasize the professional and legal
responsibility of accountants, auditors, and management for the design, operation,
and control of AIS applications. This responsibility pertains to business events that are
narrowly defined as financial transactions. Systems that process nonfinancial transactions are not subject to the new standards of internal control under Sarbanes-Oxley
Preface
xviii
legislation. Supporting the information needs of all users in a modern organization,
however, requires systems that integrate both accounting and nonaccounting functions.
While providing the organization with unquestioned benefit, a potential consequence
of such integration is a loss of control due to the blurring of the lines that traditionally separate AIS from non-AIS functions. The conceptual framework presented in this
book distinguishes AIS applications that are legally subject to specific internal control
standards.
Evolutionary Approach
Over the past 50 years, accounting information systems have been represented by a number of different approaches or models. Each new model evolved because of the shortcomings and limitations of its predecessor. An interesting feature in this evolution is that
older models are not immediately replaced by the newest technique. Thus, at any point
in time, various generations of legacy systems exist across different organizations and
often coexist within a single enterprise. The modern accountant needs to be familiar with
the operational characteristics of all AIS approaches that he or she is likely to encounter.
Therefore, this book presents the salient aspects of five models that relate to both legacy
and state-of-the-art systems:
1.
2.
3.
4.
5.
manual processes
flat-file systems
the database approach
the resources, events, and agents (REA) model
enterprise resource planning (ERP) systems
Emphasis on Internal Controls
The book presents a conceptual model for internal control based on COSO and Statement on Auditing Standards (SAS) No. 78. This model is used to discuss control issues
for both manual processes and computer-based information systems (CBIS). Three chapters
(Chapters 15, 16 and 17) are devoted to the control of CBIS. Special emphasis is given to
the following areas:
•
computer operating systems
•
database management systems
•
electronic data interchange (EDI)
•
electronic commerce systems
•
ERP systems
•
systems development and program change processes
•
the organization of the computer function
•
the security of data processing centers
•
verifying computer application integrity
Preface
Exposure to Systems Design and Documentation Tools
The book examines various approaches and methodologies used in systems analysis and
design, including the following:
•
structured design
•
object-oriented design
•
computer-aided software engineering (CASE)
•
prototyping
In conjunction with these general approaches, professional systems analysts and programmers use a number of documentation techniques to specify the key features of systems.
The modern auditor works closely with systems professionals during IT audits and must
learn to communicate in their language. The book deals extensively with documentation
techniques such as data flow diagrams (DFDs), entity relationship diagrams (ERDs), as
well as system, program, and document flowcharts. The book contains numerous systems
design and documentation cases and assignments intended to develop the students’ competency with these tools.
Significant Changes in the Sixth Edition
Chapter 4, “The Revenue Cycle”; Chapter 5 “The Expenditure Cycle
Part I: Purchases and Cash Disbursements Procedures”; Chapter 6,
“The Expenditure Cycle Part II: Payroll Processing and Fixed Asset
Procedures”
The end-of-chapter material to these chapters has been significantly revised. This entailed
the creation of many new multiple-choice questions and problems. In particular, great
attention was given to internal control case solutions to ensure that they were consistent
in appearance and accurately reflect the cases in the text. In the 6th edition all case solution flowcharts are numerically coded and cross referenced to text that explains the internal control issues. This approach, which has been classroom tested, facilitates effective
presentation of internal control case materials.
Chapter 7, “The Conversion Cycle”
This chapter has been completely rewritten to include issues, techniques, and technologies pertinent to the popular philosophy of lean manufacturing. The revised chapter
presents the key features of two alternative cost accounting models: (1) activity-based
costing (ABC) and (2) value stream accounting. The latter is gaining acceptance as a superior accounting technique for lean manufacturing companies.
Chapter 9, “Database Management Systems”
The body of this chapter has been revised to better integrate traditional data modeling techniques with REA modeling, which is discussed in Chapter 10. This integration
xix
Preface
xx
facilitates distinguishing the modeling techniques that are unique to each approach while
avoiding redundant treatment of issues that they have in common. The chapter appendix
provides a new and easy-to-understand, business-based data normalization example.
Chapter 10, “The REA Approach to Database Modeling”
This is an entirely new chapter on REA data modeling. The chapter begins by presenting the theoretical REA model, which is based on an economic exchange. This model is
then developed step by step into functional databases for revenue and expenditure cycle
applications.
Chapter 11, “Enterprise Resource Planning Systems”
The significant change to this chapter is a revised appendix that presents the key features
of the leading large-scale, midsized, and small business ERP systems.
Chapter 12, “Electronic Commerce Systems”
This chapter was revised to emphasize the growing and changing threats from denial of
service Dos attacks. While such attacks can be aimed at any type of website, they are particularly devastating to business entities that are prevented from receiving and processing
business transactions from their customers. Three common types of DOS attacks—SYN
flood, smurf, and distributed denial of service (DDOS)—are discussed.
Organization and Content
Part I: Overview of Accounting Information Systems
Chapter 1, “The Information System: An Accountant’s Perspective”
This chapter places the subject of accounting information systems in perspective for
accountants. It is divided into four major sections, each dealing with a different aspect of
information systems.
•
The first section explores the information environment of the firm. It introduces basic
systems concepts, identifies the types of information used in business, and describes
the flows of information through an enterprise. This section also presents a framework for viewing accounting information systems in relation to other information
systems components.
•
The second section of the chapter deals with the impact of organizational structure
on AIS. The centralized and distributed models are used to illustrate extreme cases in
point.
•
The third section reviews the evolution of information systems models. Accounting
information systems have been represented by a number of different approaches or
models. Five dominant models are examined: manual processes; flat-file systems;
the database approach; the resources, events, agents (REA) model; and enterprise
resource planning (ERP) systems.
Preface
•
The final section discusses the role of accountants as users, designers, and auditors of
AIS. The nature of the responsibilities shared by accountants and computer professionals for developing AIS applications are examined.
Chapter 2, “Introduction to Transaction Processing”
The second chapter expands on the subject of transaction cycles introduced in Chapter 1.
While the operational details of specific transaction cycles are covered in subsequent
chapters, this chapter presents material that is common to all cycles. Topics covered
include:
•
the relationship between source documents, journals, ledgers, and financial statements in both manual and computer-based systems;
•
system documentation techniques, such as data flow diagrams, entity relationship
(ER) diagrams, document systems, and program flowcharts; and
•
data processing techniques, including batch and real-time processing.
The techniques and approaches presented in this chapter are applied to specific business
cycle applications in later chapters. The chapter is supported by material in the appendix
and on the website.
Chapter 3, “Ethics, Fraud, and Internal Control”
Chapter 3 deals with the related topics of ethics, fraud, and internal control.
•
The chapter first examines ethical issues related to business and specifically to computer systems. The questions raised are intended to stimulate class discussions.
•
The chapter then addresses the subject of fraud. There is perhaps no area of greater
controversy for accountants than their responsibility to detect fraud. Part of the problem stems from confusion about what constitutes fraud. This section distinguishes
between management fraud and employee fraud. The chapter presents techniques for
identifying unethical and dishonest management and for assessing the risk of management fraud. Employee fraud can be prevented and detected by a system of internal
controls. The section discusses several fraud techniques that have been perpetrated
in both manual and computer-based environments. The results of a research study
conducted by the Association of Certified Fraud Examiners as well as the provisions
of the Sarbanes-Oxley Act are presented.
•
The final section of the chapter describes the internal control structure and control
activities specified in SAS 78 and the COSO framework. The control concepts discussed in this chapter are applied to specific applications in chapters that follow.
Part II: Transaction Cycles and Business Processes
Chapters 4, 5, and 6, The Revenue and Expenditure Cycles
The approach taken in all three chapters is similar. First, the business cycle is reviewed
conceptually using data flow diagrams to present key features and control points of each
major subsystem. At this point the reader has the choice of either continuing within the
xxi
Preface
xxii
context of a manual environment or moving directly to computer-based examples. Each
system is examined under two alternative technological approaches:
•
First examined is automation, which preserves the basic functionality by replacing
manual processes with computer programs.
•
Next, each system is reengineered to incorporate real-time technology.
Under each technology, the effects on operational efficiency and internal controls are
examined. This approach provides the student with a solid understanding of the business
tasks in each cycle and an awareness of how different technologies influence changes in
the operation and control of the systems.
Chapter 7, “The Conversion Cycle”
Manufacturing systems represent a dynamic aspect of AIS. Chapter 7 discusses the technologies and techniques used in support of two alternative manufacturing environments:
•
traditional mass production (batch) processing
•
lean manufacturing
These environments are driven by information technologies such as materials requirements planning (MRP), manufacturing resources planning (MRP II), and enterprise
resource planning (ERP). The chapter addresses the shortcomings of the traditional cost
accounting model as it compares to two alternative models: activity-based costing (ABC)
and value stream accounting.
Chapter 8, “Financial Reporting and Management Reporting Systems”
Chapter 8 begins with a review of data coding techniques used in transaction processing
systems and for general ledger design. It explores several coding schemes and their respective
advantages and disadvantages. Next it examines the objectives, operational features, and
control issues of three related systems: the general ledger system (GLS), the financial reporting system (FRS), and the management reporting system (MRS). The emphasis is on operational controls and the use of advanced computer technology to enhance efficiency in each of
these systems. The chapter distinguishes the MRS from the FRS in one key respect: financial
reporting is mandatory and management reporting is discretionary. Management reporting
information is needed for planning and controlling business activities. Organization management implements MRS applications at their discretion, based on internal user needs.
The chapter examines a number of factors that influence and shape information
needs. These include management principles, decision type and management level, problem structure, reports and reporting methods, responsibility reporting, and behavioral
issues pertaining to reporting.
Part III: Advanced Technologies in Accounting Information
Chapter 9, “Database Management Systems”
Chapter 9 deals with the design and management of an organization’s data resources.
•
It begins by demonstrating how problems associated with traditional flat-file systems
are resolved under the database approach.
Preface
•
The second section describes in detail the functions and relationships among four
primary elements of the database environment: the users, the database management
system (DBMS), the database administrator (DBA), and the physical database.
•
The third section is devoted to an in-depth explanation of the characteristics of the
relational model. A number of database design topics are covered, including data
modeling, deriving relational tables from ER diagrams, the creation of user views,
and data normalization techniques.
•
The fourth section concludes the chapter with a discussion of distributed database
issues. It examines three possible database configurations in a distributed environment: centralized, partitioned, and replicated databases.
Chapter 10, “The REA Approach to Database Modeling”
Chapter 10 presents the REA model as a means of specifying and designing accounting
information systems that serve the needs of all users within an organization. The chapter
is composed of the following major sections.
•
It begins by defining the key elements of REA. The basic model employs a unique form
of ER diagram called an REA diagram that consists of three entity types (resources,
events, and agents) and a set of associations linking them.
•
Next the rules for developing an REA diagram are explained and illustrated in detail.
An important aspect of the model is the concept of economic duality, which specifies
that each economic event must be mirrored by an associated economic event in the
opposite direction.
•
The chapter goes on to illustrate the development of an REA database for a hypothetical firm following a multistep process called view modeling. The result of this
process is an REA diagram for a single organizational function.
•
The next section in the chapter explains how multiple REA diagrams (revenue cycle,
purchases, cash disbursements, and payroll) are integrated into a global or enterprisewide model. The enterprise model is then implemented into a relational database
structure, and user views are constructed.
•
The chapter concludes with a discussion of how REA modeling can improve competitive advantage by allowing management to focus on the value-added activities of
their operations.
Chapter 11, “Enterprise Resource Planning Systems”
This chapter presents a number of issues related to the implementation of enterprise
resource planning (ERP) systems. It is composed of five major sections.
•
The first section outlines the key features of a generic ERP system by comparing the
function and data storage techniques of a traditional flat-file or database system to
that of an ERP.
•
The second section describes various ERP configurations related to servers, databases,
and bolt-on software.
xxiii
Preface
xxiv
•
Data warehousing is the topic of the third section. A data warehouse is a relational
or multidimensional database that supports online analytical processing (OLAP).
A number of issues are discussed, including data modeling, data extraction from
operational databases, data cleansing, data transformation, and loading data into the
warehouse.
•
The fourth section examines risks associated with ERP implementation. These include
“big bang” issues, opposition to change within the organization, choosing the wrong
ERP model, choosing the wrong consultant, cost overrun issues, and disruptions to
operations. The fifth section reviews several control and auditing issues related to
ERPs. The discussion follows the SAS 78 framework.
•
The chapter appendix provides a review of the leading ERP software products including SAP, Oracle E-Business Suite, Oracle | PeopleSoft, JD Edwards, EnterpriseOne,
SoftBrands, MAS 500, and Microsoft Dynamics.
Chapter 12, “Electronic Commerce Systems”
Driven by the Internet revolution, electronic commerce is dramatically expanding and
undergoing radical changes. While electronic commerce promises enormous opportunities for consumers and businesses, its effective implementation and control are urgent
challenges facing organization management and accountants. To properly evaluate the
potential exposures and risks in this environment, the modern accountant must be familiar with the technologies and techniques that underlie electronic commerce. This chapter
and the associated appendix deal with several aspects of electronic commerce.
•
The body of the chapter examines Internet commerce including business-to-consumer
and business-to-business relationships. It presents the risks associated with electronic
commerce and reviews security and assurance techniques used to reduce risk and to
promote trust.
•
The chapter concludes with a discussion of how Internet commerce impacts the
accounting and auditing profession. The internal usage of networks to support distributed data processing and traditional business-to-business transactions conducted
via EDI systems are presented in the appendix.
Part IV: Systems Development Activities
Chapter 13, “Managing the Systems Development Life Cycle” and
Chapter 14, “Construct, Deliver, and Maintain Systems Projects”
These chapters examine the accountant’s role in the systems development process.
•
Chapter 13 begins with an overview to the systems development life cycle (SDLC).
This multistage process guides organization management through the development
and/or purchase of information systems.
•
Next, Chapter 13 presents the key issues pertaining to developing a systems strategy,
including its relationship to the strategic business plan, the current legacy situation,