Sistem Informasi Akuntansi

Week 7 Highlights of the course

Chapter 1: Overview
Data vs. information
Data Information
What makes information useful?
1.
Relevant
2.
Reliable
3.
Complete
4.
Timely
5.
Understandable
6.
Verifiable
7.
Accessible

Accounting Information System

It can be manual or computerized
Consists of
People who use the system
Processes
Technology (data, software, and
information technology)
Controls to safeguard information
AIS adds value
A well thought out AIS can add value through
effective and efficient decisions.
Having effective decisions means quality
decisions
Having efficient decisions means reducing
costs of decision making
AIS & strategy
An AIS is influenced by an organizations
strategy.
A strategy is the overall goal the organization
hopes to achieve (e.g., increase
profitability).

Accounting Information System

in the value chain
The value chain shows how the different
activities within an organization provide
value to the customer.
These activities are primary and support
activities.
Primary activities provide direct value
to the customer.
Support activities enable primary
activities to be efficient and effective.

Once an overall goal is determined, an organization can decide

actions needed to reach the goal & identify the informational
requirements necessary to measure how well they are doing in
obtaining that goal

Chapter 2: Transaction Processing

Data Processing Cycle

Query response

Paper source docs are often

used to collect data, then data is
transferred into computer.
Turnaround docs
Source data automation
devices capture tranx data in
machine readable form.

Batch processing, data are

processed at fixed time periods
Online batch processing, data
are entered /edited as they
occured and stored for later
processing
On line real time processing

Soft copy
Hard copy: document, report,
query response

Chapter 2: ERP
Company uses ERP systems to
coordinate and manage data, business
process and resrouces
Modular, and each module uses best
business practices to automate a
standard business process
It integrates activities from the entire
organization
Production
Payroll
Sales
Purchasing
Financial Reporting

Complex and expensive

Companies should not pay for software
modules that they do not need
Because it difficult to implement ERP
software by themselves, they often hire
an ERP vendor or a consulting
company which provides 3 services:
consulting, customization and support
Segregation of duties may occur as
most managers/employees have access
to only a small portion of the system
for better internal control

Advantages of ERP
Integrated enterprise-wide
allowing for better flow of the
information as its stored in a
centralized database and can be
accessed by various
departments which also
improves customer service.
Data captured once (i.e., no
longer need sales to enter data
about a customer and then
accounting to enter same
customer data for invoicing)
Improve access of control of the
data through security settings
Standardization of procedures
and reports
Disadvantages of ERP
Costly
Significant amount of time
to implement
Complex
User resistance (learning
new things is sometimes
hard for employees)

Chapter 3: Documentation techniques

Data flow diagram
N

Entity
Name

Process
Description

Flowchart
Terminal showing source
or destination of documents
and reports
Source document or
report
Manual operation

Data Store
Name

File for storing source

documents and
reports
Computer process

Accounting records
(journals, registers,
logs, ledgers)

Direction of
data flow

Direct access storage

device

Terminal input/
output device

Business process diagram

Chapter 5: Fraud
Definition
Any means a person uses to gain an
unfair advantage over another person;
includes:
A false statement, representation,
or disclosure
A material fact, which induces a
victim to act
An intent to deceive
Victim relied on the
misrepresentation
Injury or loss was suffered by the
victim
Fraud is white collar crime

Fraud categories
Misappropriation of assets
Theft of company assets
which can include physical
assets and digital assets
Fraudulent financial reporting
cooking the books

Who perpetrates fraud & why Fraud

triangle concept

Computer fraud
If a computer is used to commit
fraud it is called computer fraud.
Computer fraud is classified as:
Input
Processor
Computer instruction
Data
Output
Preventing & detecting fraud
Make fraud less likely to occur
Make it difficulty to commit
Improve detection
Reduce fraud losses

Chapter 6: Computer fraud

Hacking
Unauthorized access,
modification, or use of an
electronic device or some
element of a computer system
Social Engineering
Techniques or tricks on
people to gain physical or
logical access to confidential
information
Malware
Software used to do harm

Hacking used for fraud

Internet misinformation
E-mail threats
Internet auction
Internet pump and dump
Click fraud
Web cramming
Software piracy
Social engineering
Identity theft
Pretexting
Posing
Phishing
Pharming
URL hijacking
Scavenging
Shoulder surfing
Skimming
Eeavesdropping

Malware
Spyware
Keylogger
Trojan Horse
Trap door
Packet sniffer
Virus
Worm

Chapter 7: Control
COBIT
32 management processes are
broken down into 4 domains
1.
Align, plan and organize
(APO)
2.
Build, acquire and
implement (BAI)
3.
Deliver, service and support
(DSS)
4.
Monitor,evaluate and assess
(MEA)

COSO IC

COSO ERM

RA
SA

Control avtivities
Proper authorization of transactions and
activities
Segregation of duties (Auth, Recd, Custd)
Project development and acquisition
controls
Change management controls
Design and use of documents and records
Safeguarding assets, records, and data
Independent checks on performance

Chapter 8: Information Security

Controls
Information
Security
Controls

Preventive
People
Processes
IT Solutions
Physical security
Change control & change
management

Detective

Log analysis
Instrusion detection
systems
Penetration testing
Continuous monitoring

Corrective

Computer Incident
Response Teams (CIRT)
Chief Information
Security Officer (CISO)
Patch management