The History Of Accounting Information Systems

Published Date: 02 Nov 2017

AIS is an integrated framework within a firm that employs physical resources to transform economic data into financial information for operating and managing the firm's activities, and reporting the firm's achievements to interested parties. - Wilkinson J W

The role of Accounting Information System (AIS) is crucial in managing an organization and implementing an internal control system. A significant matter involving the field of management decision-making and accounting concerns the correspond of AIS with organizational requirements for information communication and control.

Investing in such a system has its advantages when the benefits exceed its costs.

We can make use of these information generated by the AIS to make effective decision-making processes, and purchase.

The benefits of AIS can be gauged by its improvement of the following components:

Table .1 Components of AIS

clip_image001_0001.gif

Figure .1 Relationship between organizational activity and AIS

This model illustrates the relationships among its components and activities of information systems.

Internal Controls:

They are measures organizations adopt to reflect business reality. By establishing Internal Controls, organizations can safeguard their assets and ensure reliability of confidential data. These data may include its employees’ salary information, Social Security numbers, credit card numbers, etc. All these data should be encrypted, and access to the system should be surveilled and logged at all times.

It is a fundamental aspect of management’s stewardship responsibility to present shareholders with acceptable assurance that the business is adequately controlled.

AIS also requires internal controls to withstand internal and external threats such as computer viruses, hackers, unauthorized computer access and to limit access to authorized users. It must also be able to recover information in the case of natural disasters or when power surges that cause data loss.

Likewise, management has a accountability to equip potential investors and shareholders with reliable financial reports on a timely basis. (Sarbanes-Oxley act) It enables organizations to adhere to accounting principles like Generally Accepted Accounting Principles (GAAP) as it ensures accuracy and reliability.

Objectives of Internal Control:

Internal controls of AIS aims to ensure:

effectiveness and efficiency of operations

accuracy and reliability of accounting records and information.

appropriate management and control of risk

compliance with applicable regulations, sub-ordinate laws and other financial management procedures of the government

These objectives generally contributes to the efficiency of its operations, to the control over its activities and to the efficient utilization of its resources.

By helping to control and anticipate the risks involved, the internal control system plays a key role in conducting and monitoring its various activities. Nonetheless, internal control cannot guarantee that all of the organization’s objectives will be met.

Management must also be able to demonstrate that these internal controls are operating as intended, ensuring that the levels of risk are minimal and acceptable to the organization.

Scope of Internal Control:

Every individual organizations will have their unique design of internal control system which is suitably adapted to their situation. Parent company should ensure that these control systems exist with their own individual characteristics and coexist with its subsidiaries.

Components of Internal Control System:

In 1992, Committee of Sponsoring Organizations of the Treadway Commission (COSO) published the report Internal Control--Integrated Framework as a "basis for developing business control systems and assessing their effectiveness" (Internal Control Issues).

This report provides the following five components of internal control:

Table .2 Components of Internal Control

Accounting Systems: Manual vs. Computerized:

Computerized Accounting

The 2 major benefits of a computerized system are its improvements on speed and accuracy of processing accounting information. In the case of disasters/hazards, information can also be recovered/rolled-back from the backup server.

The accounting profession must reinvent how information is retrieved, kept and granted to users or to be substituted by a new yet to emerge profession.

Manual Accounting

Requires the role of an accountant/bookkeeper to handle business transactions to the general ledger, general journal and worksheet. This process is done by either using actual ledger sheets and paper journal or by creating these sheets in a computer software i.e. Microsoft Excel. This is a manual process because each transaction is specifically entered into the system individually.

Comparison

Table .3 Comparison

With the aid of an accounting software such as the MYOB (Mind Your Own Business), less labor/work are required as most processes such as calculations, or plotting graphs and charts are done automatically.

However, there are two sides to every coin. With the advancement of Information Technology, conventional business processes have to be reengineered accordingly to work with the new internal control techniques that are required to address the security hazards that surfaced on the new computerized environment.

Exposure and Risk:

A weakness or absence of a control is called exposure. Exposures amplify organization’s risk to financial loss or deficiency when undesirable events arise.

These security hazards include:

Fraud performed by persons both in and outside the firm

Mischievous acts, such as Denial-of-Service, disruption of operation, unauthorized access by computer hackers and threats from worms, Trojan horses, spyware and computer viruses that destroy programs and databases

Errors due to workers’ ineffectiveness, deficient computer programs, inaccurate input data

Computerized systems can be complicated to understand. Additionally, if the systems are not in particular revised or set up for the business it can cause disaster to the accounts. [http://basiccollegeaccounting.com/]

We need to instigate effective controls for who has the access to the information. If security breach occurs and information got stolen, management can be held accountable for the loss. We also need to ensure that the data has been accurately keyed into the system, as a mistake in the data entry can destroy a whole set of data.

Additional problems with Computerized AIS over manual system.

Difficult to trace who entered data

Fraud is potentially easier: e.g. in manual system, a clerk would query large payslip, a computerized system may not.

Data not easily view. Need office computer.

Solution:

In order to achieve the objectives new environment, Computerized AIS internal Controls have to be implemented. These controls can be break down into three distinctive categories. They are:

Administrative Control over the organization of the IS function

System’s Development Controls over the design & implementation of systems

Procedural Controls over the daily basis of the running system

Administrative Controls

Division of duties:

This ensures that no one can have full control over a transaction. Having one person operating the entire system can result in fraud if the person operating is not trustworthy. Thus, segregation of duties must be practiced. Or else, it will have a major impact on the system if the person-in-charge were to leave the organization.

Operation Controls:

Essential to monitor what the workstation and the employees handling the system have been doing. These controls includes:

Rotation of shift duties

Duty logs

Standard Operating Procedures (SOP)

Attendance Records

Computer logs

They enable auditors to track the actions taken by employees on the computerized environment. These documentation allows them to easily spot any errors/misused acts that have occurred.

File Controls:

They are used to minimize oversight and errors that occur in the file system. These controls includes:

Availability of a skilled technician

Appropriate procedures for issuing and returning files

Proper labeling and indexing of files

Protection of storage media from humidity, dust , fire etc.

Formalities for returning files for certain periods

Recovering files that have been corrupted or damaged.

Creating backup copies of files.

Hardware & Software security:

Restricting access to the computer system. Certain levels of security must be complied with e.g. only the administrator can have access to the storage systems and CPU. In the event of disaster/ power fluctuations, a roll-back should be done to recover loss data. These controls would make sure that the failure of the system would not have a serious impact on the organization.

Systems Development Controls

They are controls that covers the design and implementation of the system. It ensures that the system developed does not face a great number of errors or risks.

Standardization: It systemizes and enhance in correcting problems and updating the system. The documentation also allows the auditor to get a better understanding of how the organization’s system works.

Managerial Involvement: Management must possess documentation such as feasibility analyses, budgets and performance estimations.

Testing & Trials: Thorough testing of programs should be performed before putting system into live.

Training: Staff should be provided with appropriate trainings to handle the system. Errors would be lesser with adequate amount of trainings.

Concurrent Running of new and old systems: i.e. running old and new systems in parallel to tally results.

Procedural Controls

One of the main aspect of controls as they are placed on the daily basis of the running of the system.

Input Controls:

User Department

Validation checks on documents (complete, accurate, and valid (i.e. properly authorized))

Serial numbering of documents

Batch documents, noting number of batches & batch totals

Authorization procedures

Processing Department

Vet batches to make sure they are complete and accurate

Scheduling work to ensure it is done before deadline

Examine on data conversion methods

Processing Controls:

Validation tests are done on data when being processed. These checks ensures digit verifications, size of file and records, mode of file, range test, hash totals and batch totals.

File checks on header labels to identify what sort of record. Use of trailer labels to ensure completeness of processing

Output Controls:

Used to ensure the accuracy, timeliness and completeness of the output on screen, printed statistical summary form, also on storage media. Some of these controls are:

Output should only be shown to authorized people by authorized personnel.

Review output for reasonableness, reconcile corresponding input and output total

Storage Controls

Ensure that no unauthorized personnel would be able to access, tamper with or destroy data. This helps to trace the person to be hold accountable for the loss. These controls can be enhanced with:

Password encryption

Amendments and deletions are being logged.

Proper facilities for the backing up data.

All these internal controls mentioned made up the 4-tier Controls Structure:

http://security.practitioner.com/introduction/infosec_5_5_files/image001.jpg

Figure .2 4-tier Controls Structure

Deterrent control - Minimize threats

Preventive control – Lowers the vulnerability of the system

Corrective control - Reduces the impact on the organization

Detective control - Detects problem and triggers controls

Conclusion:

Internal controls minimize the exposures of information system mentioned in part 7. In order to transit from traditional to computerized environment, new solutions to detect, prevent and correct computer threats are to be implemented to deal with hazards in the computerized environment.

All of these solutions mentioned in part 8 are used to enhance on the 5 key components of effective internal control stated in part 5.

It is clear that computerized AIS has many benefits over the manual system. In order to integrate, organization must address to the possible threats/hazards and adapt themselves before, during and after the transition period by implementing new controls in parallel with the convention ones.

Once proper operating program is established at system implementation, the integrity factor must be preserved throughout the application’s life cycle.

In small companies or in functional areas that faces insufficient personnel, management must counterbalance for the absence of segregation controls with close supervision. In this case, supervision is also known as compensating control.

Organization should also carry out a benefit/cost analysis of each control. Only if the benefits exceeds the cost of implementing control, and is less than the cost of the risk will it be cost-effective to bring in the control.

To sum it all up, Internal Controls has to be revised before, during, and after transitioning to computerized environment. It enhances the following factors:

Confidentiality

Integrity

Availability.

Learning Outcomes:

At the end of this coursework and the relevant readings, I have learnt about the moral and ethical issues posted by the advancement of technology. With internal controls, organizations can prevent their intellectual properties from being compromised and cases whereby security is being breached will be minimized.

[1994 words, excluding content page and references]

Gantt Chart: Progress Monitoring

Date: December 2012 – January 2013

Tasks

Dec13-15

Dec21-24

Jan1-3

Jan21-24

Jan25-27

Jan27-30

1.0) Initiating

1.1) Coursework Discussion

2) Planning

2.1) Research of topics

2.2) Interview Questions

2.3) Report Structure

2.4) Research on the Internet

2.5) Planning Outcome

3.0) Executing

3.1) Arrangement of Tables

3.2) Consolidate data

3.3) Report Writing

3.4) Consulting Experts (Lecturer)

3.6) Vetting of Report

4.0) Progress Monitoring