Notebook in Acctg8
Financial Cycle deals with interactions between an organization and its lenders
and owners.
Goal Conflict is when a subsystem’s goals are inconsistent with the goals of
another subsystem or the system as a whole.
Goal Congruence is when a subsystem achieves its goals while contributing to the
organization’s overall goal.
Function of an AIS:
Provide information to executives for the purpose of making strategic decisions
Transforming data into useful information
Component of AIS:
The procedures and instructions used to collect, process and store data,
transforming data into information so that management can plan, execute,
control and evaluate activities, resources and personnel.
CHAPTER 2
Data Input – where data is captured, collected and entered into the system.
Data Storage – where data is stored for future use.
Data Processing – where stored data is updated with new input data.
A Record should include all information maintained by the system about a particular
entity.
Sequence Codes number items consecutively to account for all of them;
missing ones cause a gap in the sequence.
Block Codes are blocks of numbers reserved for specific categories of data.
Group Codes are two or more subgroups of digits used to code items, often used in
conjunction with block codes.
The document most likely to be used in the expenditure cycle is the receiving report, which is
used to record the receipt of goods from suppliers. Companies pay their suppliers
based on the goods received and recorded on the receiving report.
The Sales Order is a revenue cycle document that captures the information about
the customer’s order.
The Credit Memo is a revenue cycle document that is used to give a credit to a
customer for damaged or returned goods.
A Job Time Ticket is a production cycle document that is used to record the time
spent on specific jobs.
Note: The Chart of Accounts lists general ledger accounts in the order in which they appear
in financial statements.
Online Batch Processing involves entering transaction data and editing them as
they occur.
CHAPTER 3
System Flowcharts depict the relationships among input, processing, storage and
output.
Data Sources and Destinations are represented as a square in a data flow diagram.
A curved arrow represents a data flow. A circle represents a process. Two parallel
lines represent a data store.
CHAPTER 4
The relational data model portrays data as being stored in tables or relation
format.
A hierarchical database portrays data as being stored in hierarchies.
Data Integration: master files are combined into large “pools” of data that
many application programs access. This may be an employee database that
consolidates payroll, personnel, and job skills master files.
Data Sharing: data are more easily shared with authorized users. Databases are easily
browsed to research a problem or obtain detailed information underlying a report.
Data Independence: as data and the programs that use them are independent of
each other, each can be changed without changing the other.
DDL (Data Definition Language) is used to build the data dictionary, create a
database, describe logical views, and specify any limitations or constraints on
security.
A primary key must be unique, which is why a supplier number would be the most
likely attribute.
Entity Integrity Rule. Every primary key in a relational table must have a non-null
value.
Referential Integrity Rule. Stipulates that foreign keys must have values that
correspond to the value of a primary key in another table or be empty.
CHAPTER 5
Input Fraud is the simplest and most common way to commit a computer fraud. It
involves altering or falsifying input.
Ponzi Schemes, in which money from new investors is used to pay off earlier
investors, are investment frauds that often do not involve auditors.
Lapping is a scheme in which later payments on account are used to pay off earlier payments
that were stolen.
Computer Fraud
Theft of money by altering computer records
Obtaining information illegally using a computer
Unauthorized modification of software
Note: The majority of computer security problems are caused by human errors.
Background Checks on Employees can help screen out dishonest job applicants,
but they do not stop employees from lapping accounts receivable payments.
Regular backup of data and programs helps the injured party recover lost or
damaged data and programs.
A contingency plan helps the injured party restart operations on a timely basis.
Segregation of duties is an effective method of deterring fraud but does not help a
company recover from fraud once it occurs.
CHAPTER 6
A Virus damages a system using a segment of executable code that attaches itself to
software, replicates itself and spreads to other systems or files.
A Worm is a program that hides in a host program and copies and actively transmits
itself directly to other systems.
Trap Door is entering a system using a back door that bypasses normal system
controls.
A Logic Bomb sabotages a system using a program that lies idle until some specified
circumstances or a particular time triggers it.
URL Hijacking
Chipping is planting a chip that records transaction data in a legitimate credit card
reader.
Round-down fraud: interest calculations are truncated at two decimal places, and
the excess decimals are put into an account the perpetrator controls.
Phreaking is attacking phone systems to obtain free phone line
access or using telephone lines to transmit viruses and to access, steal and destroy
data.
Vishing is voice phishing, in which e-mail recipients are asked to call a phone
number where they are asked to divulge confidential data.
Pretexting is one specific type of social engineering. It involves acting under false
pretenses to gain confidential information.
Packet Sniffers are programs that capture data from information packets as they
travel over the Internet or company networks.
Bluesnarfing is a type of computer attack that steals contact lists, images and other
data using Bluetooth.
Buffer overflow is inputting so much data that the input buffer overflows. The
overflow contains code that takes control of the computer.
Carding is verifying card validity; buying and selling stolen credit cards.
CHAPTER 7
Detective Controls are controls designed to discover control problems that were
not prevented.
Preventive Controls are controls that deter problems before they arise.
Application Controls are controls that prevent, detect and correct transaction
errors and fraud in application programs.
Strategic Objectives are high-level goals aligned with the company’s mission and
are one of the objectives in COSO’s ERM model.
Compliance Objectives help the company comply with all applicable laws and
regulations and are one of the objectives in COSO’s ERM model.
The risk assessment steps: identify threats, estimate risk and exposure, identify
controls, and estimate costs and benefits.