ACCOUNTING INFORMATION SYSTEM

MAKE UP CAT

GEORGE KIIRITHIO WAWERU

C027-01-2058/2019

BSc. Business Information Technology

CAT I

Category selected: Banks

A. INFORMATION SYSTEM FUNCTIONS

 Discuss the operations/functions the Information system used-e.g confirmation of balances,
keying data (specify), sending info,

IT component of banking institution –

has a determining role at the internal
environment level, but also at the level
of relations with the external
environment. Generically speaking, an
information system includes a hardware
component and a software component –
systems and applications which
ensure data entering, processing and
storage and are operated by specialized
personnel
IT component of banking institution –
has a determining role at the internal
environment level, but also at the level
of relations with the external
environment. Generically speaking, an
information system includes a hardware
component and a software component –
systems and applications which
ensure data entering, processing and
storage and are operated by specialized
personnel.
1. Automated Teller Machines (ATMs)
Banks use mainframe computers to maintain their customer accounts by dealing with
transactions generated because of withdrawals and deposits.
It also operates a network of automated teller machines or ATMs.
Typically, an ATM is used to:
- withdraw cash;
- check an account balance;
- order a statement or print a ‘mini statement’;
- order a cheque book
2. Clearing cheques
 Once a cheque has been written and paid into the bank a process, called clearing begins. This
describes the steps that take place in order for the correct amount of money to be
transferred from one account to another. Cheques are processed using MICR
3. Electronic Funds Transfer (EFT)
They can be used to pay for goods and services instead of cash or cheques. This type of
payment system is called EFT.
4. Smart cards
They look exactly like a credit or debit card except that it has a microchip built into it. Can be
used to store data reliably and securely. Money is stored on the card in an electronic purse .
 Data entered into the system as well as output if any (can be of different functional areas)
- Customer Personal Details
- Account Details
- Customer Transactions
- Customer complaints and service inquiries
- Social Media Feeds
- Market Sentiment
- Product Performance, etc.
 Objectives of information system- processing of loans, responding to enquiries e.t.c (n.b
objectives are not same as functions of the i.s), based on output
- To minimize the negative impact of outdated systems. If replacing them is hardly
possible, one should look for solutions for managing data with an adaptable structure.
This will allow working with old software and advanced technologies.
- To be attentive to the storage of content. Finding the necessary information is time-
consuming when it is dispersed across different blocks and systems. In this case, it
makes sense to use data collection technologies regardless of their location.
- To search for affordable solutions for customers. Consumers are looking for quick and
easy ways to interact with banks. The latter are trying to provide them with slow and
poorly adaptable platforms. However, traditional financial institutions can adopt
advanced digital models to provide a change in software architecture components. This
can make the bank more competitive than when using individual (particular) solutions.
- To avoid informational chaos. Analytics is the key to discovering the value of data. Using
platforms to manage them allows making more informed decisions.
- To allow scalability. Many bank systems cannot be scaled as they grow, although namely
the presence of such an opportunity should be the main criterion in choosing software
providers.
 Observed weakness that the system may have had and probable solutions
A feature of the work of financial organizations is that information losses here can be expressed
in huge amounts of money. This is due to the fact that banks preserve not only the material
values of their customers, but also bank secrecy – data on depositors, creditors, their accounts
and funds. Any leak of such information leads the financial organization to serious reputational,
legal and operational problems and, consequently, to loss of income.
 Hacking of automated banking systems and theft of funds through unauthorized transfers from
one account to another negatively affects the bank’s reputation and entails the need to
reimburse huge funds. The same consequences for banks are derived from transfers from
accounts by forgery of plastic bank cards and phishing.

A modern bank operates with huge amounts of information that require fast encryption “on the
fly” for their safety, which significantly increases the system requirements for computer
technology and cryptographic devices. In addition, banks need to ensure backup of large
amounts of data and secure storage of copies. Any security incident can be complicated by the
fact that information about the vulnerability, as well as software tools for using it, is instantly
distributed over the Internet, leading to large-scale exploitation of the vulnerability (Chaikovskyi
& Kovalchuk, 2019). Therefore, financial institutions need to pay special attention to the choice
of software or IT contractors, as well to in-time updates.

CAT II

B. A.I.S THREATS AND RISKS THE ORGANIZATION IS EXPOSED TO

 Describe the threats and risks the organization is exposed to e.g hacking e.t.c, discuss past
experience of any when threat was actualized not a must.
- Intentional acts- Here we have had many people who attempt or manage to commit bank
robbery for example students who dug a tunnel at Thika and stole Kenya Shillings 30 million.
- Accident or innocent errors –e.g. in 24th February 2020 a matatu crashed into a bank, at least
7 people were left injured after a 14 -seater matatu crashed into an Equity Bank building in
Chuka.
- Software errors and equipment malfunction- Although minimal but equipment malfunction
happens that leads to one teller at the bank being un operational
- Increase in the number of clients and customers in the bank resulting to a rise in the number
of users required to use the to serve clients hence if not properly managed may lead to
hacking
- A rise in the amount of information being distributed to users in the bank system making it
harder to control as well as confidentiality
 Controls and procedures (ICS) put in place to manage the risks- preventive, detective and
corrective measures

1. Preventive control
- Hiring highly qualified accounting personnel- The bank in many occurrences hire stuff who have
both a degree and masters in accounting hence reduce the risk of money laundry in the bank.
- Instilling a culture of integrity and honesty – This is seen in many banks as all stuff are required
to not share or see any client information without the clients permission.
- Appropriately segregating employee duties – The bank has stuffs who play different roles in the
organization ,be it the teller or the security guard each play a significant role in reducing risk that
may occur in the organization
- Effectively controlling access to assets, facilities and information – All the stuff are required to
enter at the same time ,like today when you go to a bank before 8Am the stuff are outside the
door and 10 minutes to 8Am they all enter
- IT controls e.g. passwords, firewalls- For example the Equity mobile banking to access it you
have to have your password hence increase the level of security

2. Detective Control
- Physical monitoring of employee activities – The manager walks into the offices of the teller to
check the progress of the employees
- Double checking calculations- The bank has Audit managers who come now and then to check
on the financial statements and hence double check all the values entered to ensure a honest
transaction that took place between the clients and the bank.
- Preparing Reconciliation Statements – The bank has many accountant professional who prepare
this king of statement which is real time
- Use of CCTV cameras- The bank has a lot of CCTV cameras which make it easier to see robbery
that can or is taking place in the bank

3. Corrective Control
- Maintaining back-up copies of key transactions and master files – All bank have back-up for all
data in the bank hence when the system crushes they can recover all the data when the system
is corrected
- Adherence to procedures for creating data entry errors-When you go to a bank all the questions
are the same they first start asking you questions from bringing your Id to what amount are you
withdrawing.
 Weakness in ICS (procedures) put in place and potential solutions for each
- Destruction of assets i.e. physical assets and information-Like in the case given above the
Matatu that caused an accident in the bank made a lot of damages like glasses were broken and
chairs broken
- Theft of assets-This happens frequently as people take the small things like the pen given at the
bank
- Disruption of information system – For example an IT student from JKUAT was accused of
Hacking into a bank system he stole 24million and attempted to steal 190 million in the local
bank
- Corruption of information or information system – For a system to be hacked it must be
corrupted.
THE END.