Professional Documents
Culture Documents
Accounting Information Systems Study Notes
Accounting Information Systems Study Notes
Week 1 Lecture 1
Data and information
AIS- Stores, collects, records and processes data to produce information for decision making.
Supply chain-An extended system that includes the value chain as well as its distributors,
suppliers, and creditors.
Business processes and transaction cycles
Week 2 Lecture 2
Strategy for competitive advantage
A company that has the following:
An edge over competitors
Superior margins
Value
Difficult or impossible to replicate.
VRIO Framework
Source of competitive
advantage
Porters five forces of competitive advantage
1. Threat of new entrants-The threat of new companies and ideas infiltrating the
market and gravitating serious market share.
2. Threat of internal competition-The threat of competitors offering similar
products/services for an improved perceive value.
3. Threat of alternatives-The threat of further competitors offering alternative
products and services for the same need.
4. Customer bargaining power-When the customer is in few, and the market is
saturated with similar products (Price war results).
5. Supplier bargaining power- When the supplier market is saturated, and
companies have a wide array to choose from.
Broad market
Cost leadership
Differentiation
Narrow segments
Focus
Examples of competitive advantages
Ease of use
Experience
Trade secrets
Patents/trademarks
Natural resources
Technology
Innovation
Personal touch
Scale
Sustainability
Brand equity
Ambassadors
Supply chain and logistics
Upcoming advantages
Supplier and customer intimacy
CSR
IT influence
intra firm processes
Improve synergies. -Pooling of resources between companies
Improve knowledge sharing as a core competency. -Encourages sharing between
business units
IT alignment framework
Week 3 Lecture 3
Overview of ERM
The Core Information Systems
-An ERP system is a set of computer program modules that attempts to integrate the different
functional areas of the organization.
-An ERP is designed based on best practice – the best way of performing a particular process.
Customer-facing applications
Customer touching applications
Operational CRM Systems provide the following benefits: Efficient, personalized marketing,
sales, and service
A 360-degree view of each customer.
The ability of sales and service employees to access a complete history of customer
interaction with the organization, regardless of the touch point.
- Sales
- Field service
Customer-Facing Applications
Customer-Touching Applications
Search and Comparison Capabilities Technical and Other Information and Services
Customized Products and Services Personalized web pages
FAQs
E-mail and Automated Response
Loyalty Programs
Copyright © 20110 John Wiley & Sons, Inc. All rights reserved.
Better segmentation
Better communication
Better protection of data privacy
Benefits of CRM
Segmentation
Focus
Better communication
Customer retention
All strategies
Financial Flows
Procurement Distribution
Benefits of SCM
Week 4 Lecture 4
Control activities, business processes and accounting
• For an accountant working with a AIS, the concern extends beyond financial to non-
financial risks and controls.
After identifying risks, policies, and procedures to address the risks will be
implemented – these policies are called control activities.
Australian Auditing Standard ASA 315 classifies controls into five types:
Authorisation
Performance reviews
Segregation of duties
1. Authorisation:
• Activities and procedures to assure transactions and events are carried out by those with the
higher clearance. Set defined roles, responsibilities, and adherence mechanisms for
individuals within the organisation.
Completeness: all events are recorded. General controls: policies and procedures that
support applications and application controls. Application controls: manual or automated
procedures, at business process level, related to the processing of transactions by individual
applications.
5. Physical controls: Controls put in place to physically protect the resources of the
organisation, including protecting them from the risk of theft or damage.
6. Segregation of duties: Certain key functions should not be performed by the same person.
Applies across the IT systems within the organisation.
Preventive controls are designed to prevent errors or irregularities. For example: password,
required fields, a firewall or an input control preventing a data error.
Detective controls will not prevent errors, but instead alert those using the system to Detect
errors. For example: virus software scan.
Corrective controls are designed to correct an error or irregularity after it has occurred.
• For example: disaster recovery plan or virus protection software.
This classification scheme of preventive, detective and corrective controls can be applied
to both general and application controls.
Input controls: operate as data ____ the system. Address accuracy, validity, and
completeness.
Processing controls: ensure correct ________ of data e.g., making sure data is
correctly updated in the various data stores.
Output controls: protect outputs generated by the process e.g., how outputs are
prepared.
Input, processing, and output controls operate within a business process and are
designed based on the particular risks present within the process – they are
application controls.
Proper authorisation
• User privileges, access rights, user restrictions, approval over threshed
Proper recording
• Records right type and format, reflect the reality of the underlying transaction or
event.
General controls
General controls are those that relate across all the information systems in an organisation.
PHYSICAL CONTROLS
SEGREGATION OF DUTIES
USERACCESS
DATASTORAGEPROCEDURES.
General controls
Physical controls are concerned with restricting access to the physical resources.
Onsite security.
General controls
Segregation of duties:
Between the users of IT, the maintainers of the IT systems, system designers, system
testers and those with access to the data.
User access:
E.g., use of passwords and a unique identification code to restrict system access.
General controls
General controls
General controls
IS STORED ON SERVERS→
• If released it could financially and non-financially consequences.
General controls
Security policies:
• Information security policies to protect electronic.
resources.
• Document an organisation’s approach to security. • Usually by following a framework
and/or standard.
Application controls
Application controls:
• INPUT
• PROCESSING • OUTPUT.
Application controls
Input controls:
• Standardised forms.
• Pre-numbering documents.
• Sequence checks.
• Turnaround documents:
Batch totals.
• Independent reviews.
Application controls
Processing controls:
• AIM TO ENSURE THAT DATA WITHIN THE SYSTEM IS
Run-to-run totals.
Reconciliations.
Batch totals.
Sequence checks.
Hash totals.
Application controls
Output controls:
• PROTECTACCESSTODIGITALOUTPUTS
(SEGREGATION OF DUTIES).
• Examples: access privileges, ability to generate reports, page numbering of reports and end-
of- report footers; integrated ERP system
• PHYSICALCONTROL.
• Example: confidential information should not be printed on a printer accessible by all staff.
Disaster types:
• Terrorism e.g., September 11.
• Natural disasters e.g., fire or flood, cyclones.
• Online operations e.g., web server going down.
Disaster recovery plan: the strategy that will be put into action, in the event of a disaster that
disrupts normal operations, ____________as soon as possible and _________that relate to its
processes.
Contact and staff responsibilities, role/s and reporting plan; drills; remote site staff.
• Extranets
• Need to consult with such partners and related bodies when developing plans
Judgement error
Conflicting signals: possibility that different signals are being sent by management to
employees.
An internal control system does not provide 100% assurance that an organisation’s
objectives will be achieved:
Management incompetence: incompetence at the top can flow down and impact on
the remainder of the organisation.
External factors: external factors beyond our control that can have dramatic impacts
on an organisation e.g., natural disasters.
Types of controls based on how to deal with risk and where control activity takes place.
Fresh foods should use SCM to address its challenges. Based off the information provided the
business has stated they are facing issues regarding its supply chain efficiency. This has led to
a reduced delivery success rate which has reduced customer satisfaction. SCM should be
integrated as it is the first issue to arise. Therefore, by eradicating the issue using SCM it will
act as a response to the logistical issue and a preventative issue for further customer
dissatisfaction. SCM involves establishing close relationships with suppliers and establishing
new production and logistical chains to better suit the forecast expansion of the business.
Fresh food has clear problems with meeting delivery time. This implies that its current
production facilities are either to small and not located near customers or perhaps both.
Therefore, Fresh food must consider expanding its manufacturing facilities or to solely invest
in new areas that are nearer to multiple suppliers. It is likely that Fresh foods current
suppliers are facing the same geographical constraint as the Fresh food. This relationship is
simply a survival relationship and will affect Fresh food’s ability to grow into the future. By
seeking a new manufacturing hub in an ideal location, a business in need of expansion and
radical redesign will be able to establish a bargaining power with new suppliers, therefore it
is clear that SCM can be utilised to eradicate the problem if Fresh foods moves its majority
manufacturing capacity to new preferred locations.