CHAPTER 1: INTRODUCTION TO AIS

Overview of Business Processes

What is Business Process?

→ is a prescribed sequence of work steps performed in order to produce a desired result
for the organization.
→ is initiated by a particular kind of event and has a well‐defined beginning and end.

Organizations have many different business processes. Each business process has
either a direct or an indirect effect on the financial status of the organization.

FOUR GENERAL TYPES OF BUSINESS PROCESSES:

1. Revenue processes
a. Sales processes
b. Sales return processes
c. Cash collection processes

2. Expenditure processes
a. Purchasing processes
b. Purchase return processes
c. Cash disbursement processes
d. Payroll processes
e. Fixed asset processes

3. Conversion processes
a. Planning processes
b. Resource management processes
c. Logistics processes

4. Administrative processes
a. Capital processes
b. Investment processes
c. General ledger processes

KEY POINTS TO REMEMBER:

• Employees, work steps, and transaction recording systems must be established in

any organization to ensure that business processes occur and that any
accounting effects of those processes are captured and recorded.
• In addition, organizations implement internal control processes into their work steps
to prevent errors and fraud.
What is Internal Control?
→ are the set of procedures and policies adopted within an organization to safeguard its
assets, check the accuracy and reliability of its data, promote operational efficiency, and
encourage adherence to prescribed managerial practices.

Overview of Accounting Information System

What is Accounting Information System?

→ it comprises the processes, procedures, and systems that capture accounting data
from business processes; record the accounting data in the appropriate records; process
the detailed accounting data by classifying, summarizing, and consolidating; and report
the summarized accounting data to internal and external users.
→ Many years ago, accounting information systems were paper‐based journals and
ledgers that were recorded manually by employees. Today, nearly every organization
uses computer systems for maintaining records in its accounting information system.

ACCOUNTING INFORMATION SYSTEM (AIS) COMPONENTS:

1. Work steps within a business process capture accounting data as that business
process occurs.
2. Manual or computer‐based records record the accounting data from business
processes.
3. Work steps serve as internal controls within the business process to safeguard
assets and ensure accuracy and completeness of the data.
4. Work steps are used to process, classify, summarize, and consolidate the raw
accounting data.
5. Work steps generate both internal and external reports.

EXHIBIT 1.1 OVERVIEW OF AN ACCOUNTING INFORMATION SYSTEM.

The circles represent the many business processes that occur in the organization—
revenue, expenditure, conversion, and administrative processes. As those
processes occur, data is captured and becomes input into the accounting information
system. The accounting information system classifies, summarizes, and consolidates
the data. As input and processing occur, data must be added to or retrieved from data
storage. From this stored data and processing, several types of output are prepared.
Some of the outputs would be documents such as purchase orders, invoices, and
customer statements; other output would be checks to vendors and employees. The
output reports are feedback that managers within the organization use to monitor and
control the business processes.

IT Enablement of Business Processes

Generally, information technology (IT) comprises all types of technology used to
create, store, exchange, and utilize information in its various forms, including business
data, conversations, still images, motion pictures, and multimedia presentations. For the
purposes of this book, information technology is defined as the computers, ancillary
equipment, software, services, and related resources as applied to support business
processes.

IT usage to support business processes accomplishes one or more of the

following objectives:

1. Increased efficiency of business processes

2. Reduced cost of business processes
3. Increased accuracy of the data related to business processes.

Any processes within an organization, including the linkages within its supply chain, may
benefit by IT enablement. The touch‐screen cash register at McDonald’s is an example
of IT enablement that increases the efficiency of the sales process.

Business process reengineering (BPR) is the purposeful and organized changing of

business processes to make them more efficient. BPR not only aligns business processes
with the IT systems used to record processes, it also improves efficiency and
effectiveness of these processes.

Thus, the use of these sophisticated IT systems usually leads to two kinds of efficiency
improvements.
- First, the underlying processes are reengineered to be conducted more efficiently.
- Second, the IT systems improve the efficiency of the underlying processes.
Through rethinking and redesigning a process, the organization may be able to
improve, and thereby enhance, the process.
Basic Computer and IT Concepts
Basic Computer Data Structures
1.) BIT - is a shortened reference to binary digit. The bit is the smallest unit of information
in a computer system. A bit can have only one of two values: zero or one. All data
in a computer system is reduced to a set of bits, or zeros and ones.
2.) BYTE - is a unit of storage that represents one character. In most computer systems,
a byte is made up of eight bits. For example, the character “A” would be
represented in a computer system by a set of eight bits. Every character,
including letters, numbers, and symbols, are represented by a byte.
3.) FIELD - is one item within a record. For example, last name is a field in a payroll
record, and description is a field in an inventory record.
4.) RECORD - is a set of related fields for the same entity
5.) FILE - The entire set of related records
6.) DATABASE - is a collection of data stored on the computer in a form that allows the
data to be easily accessed, retrieved, manipulated, and stored. The term
database usually implies a shared database within the organization.

RELATIONAL DATABASE stores data in several small two‐dimensional tables that can
be joined together in many varying ways to represent many different kinds of
relationships among the data. A relational database is intended to allow flexibility
in queries.
MASTER FILES are the relatively permanent files that maintain the detailed data for each
major process. The master file is much like a subsidiary ledger.
TRANSACTION FILE is the set of relatively temporary records that will be processed to
update the master file. A payroll transaction file would contain the set of hours
worked by each employee for a particular pay period.

Types of Access:
1.) Sequential access files - store records in sequence, with one record stored
immediately after another. The sequence is usually based on a key field such as
employee number or customer number. Sequential files are read and written in
sequence.
2.) Random access files - are not written or read in sequential order; rather, their records
are stored in random order on a disk media. Since records are distributed randomly
on the disk surface, an underlying system enables the computer to find a record
among the random records, using either a formula or a hashing scheme to assign
a specific address to each record.
● There are situations where the same files may sometimes be accessed either way,
sequentially or randomly. In cases where both access methods are necessary,
some systems use the indexed sequential access method (ISAM). ISAM files
are stored sequentially, but can also be accessed randomly because an index
allows random access to specific records.

Two modes of processing information:

1.) Batch processing - requires that all similar transactions be grouped together for a
specified time; then this group of transactions is processed as a batch. Batch
processing is best suited to applications having large volumes of similar
transactions that can be processed at regular intervals.
2.) Online processing - is the opposite of batch processing. Transactions are not
grouped into batches, but each transaction is entered and processed one at a time.
Some online processing systems are also real‐time processing systems,
meaning that the transaction is processed immediately, and in real time, so that
the output is available immediately.

DATA WAREHOUSE AND DATA MINING

Data warehouse - is an integrated collection of enterprise‐wide data that generally
includes several years of nonvolatile data, used to support management in
decision making and planning.
Operational database - contains the data that is continually updated as transactions are
processed. Usually, the operational database includes data for the current fiscal
year and supports day‐to‐day operations and record keeping for the transaction
processing systems
Data mining - is the process of searching data within the data warehouse for identifiable
patterns that can be used to predict future behavior.

STRUCTURED, UNSTRUCTURED, AND BIG DATA

Structured data - easily fits into rows and columns. These columns usually are fields of
fixed length. An example would be 10 digits for a phone number. Customer name,
credit card number, and total dollar amount of sales are other examples of data
that easily fits into rows and columns.
Unstructured data - does not easily fit into rows and columns of fixed length. An example
of unstructured data would be the free‐form text of a customer’s online review of a
product. It might include Facebook posts, tweets, video, and other free‐form types
of data.
Big Data - is known as high‐volume, high‐speed information that may be so large and
diverse that it demands innovative forms of IT processing. It is generally
considered too large in size and scope to be analyzed with traditional database
tools.

NETWORKS AND THE INTERNET

Computer network is two or more computers linked together to share information and/or
resources.
Types of Computer Network:
1. Local Area Network- is a computer network that spans a relatively small area.
2. Wide Area Network- one LAN can be connected to other LANs over any distance via
other network connections
3. Internet- is the global computer network, or “information super‐highway.”
4. Intranet- is a company’s private network accessible only to the employees of that
company. The purposes of an intranet are to distribute data or information to employees,
to make shared data or files available, and to manage projects within the company.
5. Extranet- is similar to an intranet except that it offers access to selected outsiders,
such as buyers, suppliers, distributors, and wholesalers in the supply chain. Extranets
allow business partners to exchange information.

Examples of IT Enablement

1. E-BUSINESS
E‐business is the use of electronic means to enhance business processes. E‐business
encompasses all forms of online electronic trading—consumer‐based e‐commerce and
business‐to‐business transactions, as well as the use of IT for process integration inside
organizations.
2. ELECTRONIC DATA INTERCHANGE
Electronic data interchange (EDI) is the intercompany, computer‐to‐computer transfer of
business documents in a standard business format. Three parts of this definition highlight
the important characteristics of EDI:
(1) “Intercompany” refers to two or more companies conducting business electronically.
For example, a buyer of parts may use EDI to purchase parts from its supplier.
(2) The computer‐to‐computer aspect of the definition indicates that each company’s
computers are connected via a network.
(3) A standard business format is necessary so that various companies, vendors, and
sellers can interact and trade electronically by means of EDI software. EDI is used
to transmit purchase orders, invoices, and payments electronically between
trading partners.

3. POINT OF SALE SYSTEM

A point of sale system (POS) is a system of hardware and software that captures retail
sales transactions by standard bar coding. Nearly all large retail and grocery stores use
POS systems that are integrated into the cash register.

4. AUTOMATED MATCHING
Automated matching is a system in which the software matches an invoice to its related
purchase order and receiving report. Traditional systems rely on a person to do this
matching, whereas an automated matching system does not. To institute an automated
matching system, all of the relevant files must be online and constantly ready for
processing; the purchase order and receiving files and records must be in online files or
databases. When an invoice is received from a vendor, an employee enters the details
into the accounting system by completing the fields in the invoice entry screen, including
the purchase order number that usually appears on the invoice. The system can then
access the online purchase order and receiving files and verify that the items, quantities,
and prices match. The system will not approve an invoice for payment unless the items
and quantities match with the packing slip and the prices match the purchase order
prices..

5. EVALUATED RECEIPT SETTLEMENT

Evaluated receipt settlement (ERS) is an invoice‐less system in which computer hardware
and software complete an invoice‐less match comparing the purchase order with the
goods received. If the online purchase order matches the goods, payment is made to the
vendor. This eliminates the need for the vendor to send an invoice, since payment is
approved as soon as goods are received (when they match a purchase order).

6. E-PAYABALES AND ELECTRONIC INVOICE PRESENTMENT AND PAYMENT

E‐payables and electronic invoice presentment and payment (EIPP) are both terms that
refer to Web‐enabled receipt and payment of vendor invoices. EIPP enables a vendor to
present an invoice to its trading partner via the Internet, eliminating the paper, printing,
and postage costs of traditional paper invoicing
 7. ENTERPRISE RESOURCE PLANNING SYSTEM
Enterprise resource planning (ERP) is a multi‐module software system designed to
manage all aspects of an enterprise. ERP systems are usually broken down into modules
such as financials, sales, purchasing, inventory management, manufacturing, and human
resources. The modules are designed to work seamlessly with the rest of the system and
to provide a consistent user interface between modules. These systems usually have
extensive set‐up options that allow some flexibility in the customizing of functionality to
specific business needs. ERP systems are based on a relational database system.

The Internal Control Structure of Organizations

Accountants have a long history of being the professionals within the organization who
help design and implement controls to lessen risks that have an impact on the financial
standing of the organization. Accountants are usually experts in controls that can reduce
risks in the following broad categories:
1. The risk that assets will be stolen or misused
2. The risk of errors in accounting data or information
3. The risk of fraudulent activity by employees, managers, customers, or vendors
4. The risks inherent in IT systems, such as
a. Erroneous input of data
b. Erroneous processing of data
c. Computer fraud
d. Computer security breaches. Hardware or software failure
f. Natural disasters that can interrupt computer system operations

Management should ensure that the following types of controls exist:

1. Enterprise risk management (summarized in the next subsection)
2. Code of ethics
3. COSO accounting internal control structure
4. IT system control structure
5. Corporate governance structure
6. IT governance structure

ENTERPRISE RISK MANAGEMENT (ERM)

It is defined as a process, effected by an entity’s board of directors, management and
other personnel, applied in strategy setting and across the enterprise, designed to identify
potential events that may affect the entity, and manage risk to be within its risk appetite,
to provide reasonable assurance regarding the achievement of entity objectives.
ERM requires that management set policies and procedures related to:
• Internal Environment—The internal environment encompasses the tone of an
organization that sets the basis for how risk is viewed and addressed by an entity’s
people, including risk management philosophy and risk appetite, integrity and ethical
values, and the operational environment.

• Objective Setting—Objectives must exist before management can identify potential

events affecting their achievement. ERM ensures that management has in place a
process to set objectives that support and align with the entity’s mission and are
consistent with its risk appetite.

• Event Identification—Internal and external events affecting achievement of an entity’s

objectives must be identified, with distinction made between risks and opportunities.
Opportunities are channeled back to management’s strategy or objective‐setting
processes.

• Risk Assessment—Risks are analyzed by likelihood and impact, as a basis for

determining how they should be managed. Risks are assessed on both an inherent and
a residual basis, meaning that the likelihood of errors is considered both before and after
the application of controls.

• Risk Response—Management selects risk responses—avoiding, accepting, reducing,

or sharing risk—by developing a set of actions to align risks with the entity’s risk
tolerances and risk appetite.

• Control Activities—Policies and procedures are established and implemented to help

ensure that the risk responses are effectively carried out.

• Information and Communication—Relevant information is identified, captured, and

communicated in a form and a time frame that enable people to carry out their
responsibilities. Effective communication also occurs in a broader sense, flowing down,
across, and up the entity.

• Monitoring—The entirety of ERM is monitored and modified as necessary. Monitoring

is accomplished through ongoing management activities (including internal auditing),
separate evaluations (such as those performed by external auditors), or both.

A CODE OF ETHICS
A company’s developing and adhering to a code of ethics should reduce opportunities for
managers or employees to conduct fraud.

COSO ACCOUNTING INTERNAL CONTROL STRUCTURE

In addition to its ERM guidance, COSO is well known for its “Internal Controls—Integrated
Framework,” which explains what has become the standard accepted by the accounting
and business community as the definition and description of internal control. According to
this framework, there are five interrelated components of internal control: the control
environment, risk assessment, control activities, information and communication, and
monitoring.

IT CONTROLS
IT controls can be divided into two categories
•General controls apply overall to the IT accounting system; they are not restricted to
any particular accounting application.
•Application controls are used specifically in accounting applications to control inputs,
processing, and output. Application controls are intended to ensure that inputs are
accurate and complete, processing is accurate and complete, and outputs are properly
distributed, controlled, and disposed of

CORPORATE GOVERNANCE
If forced to provide a single definition, accountants would characterize corporate
governance as an elaborate system of checks and balances whereby a company’s
leadership is held accountable for building shareholder value and creating confidence in
the financial reporting processes.
Corporate governance has been tremendously affected by the Sarbanes–Oxley
Act of 2002. The purpose of the Act was to improve financial reporting and reinforce the
importance of corporate ethics

IT GOVERNANCE
The proper management, control, and use of IT systems are known as IT
governance. The IT Governance Institute defines IT governance as the leadership,
organizational structure, and process es that ensure that the enterprise achieve(s) its
goals by adding value while balancing risk versus return over IT and its processes. IT
governance provides the structure that links IT processes, IT resources, and information
to enterprise strategies and objectives.

To fulfill the management obligations that are inherent in IT governance, management

must focus on the following aspects:
• Aligning IT strategy with the business strategy
• Cascading strategy and goals down into the enterprise
• Providing organizational structures that facilitate the implementation of strategies and
goals
• Insisting that an IT control framework be adopted and implemented
The Importance of Accounting Information Systems to Accountants

Accountants have several possible roles related to accounting information systems:

• Users of the AIS
 Accountants within any organization must use the accounting information system
to accomplish the functions of accounting, generating and using accounting reports.

• Design or Implementation Team

Accountants are usually part of a multiple‐discipline team that designs and/or
implements accounting information systems.

• Auditors of the AIS

Auditors conduct assurance services such as a financial audit. To conduct an audit,
the auditor must collect evidence and make judgments regarding the completeness and
accuracy of accounting information.

The Relation of Ethics to Accounting Information Systems

. Accounting information systems can be misused to assist in committing or

concealing unethical acts. That is, the AIS is often the tool used to commit or cover up
unethical behavior.

Other examples of some potential unethical behaviors

• Fraudulent financial reporting
• Revenue inflation
• Expense account fraud
• Inflating hours worked for payroll purposes
• Computer fraud
• Hacking
• Browsing confidential data

For many reasons, accountants must become aware of the potential unethical
behaviors. Some of those reasons are that Accountants

1. Assist in developing and implementing internal control structures that should lessen the
chance of unethical actions.
2. Are often pressured to assist in, or cover up, unethical actions.
3. Deal with assets or records that could easily tempt accountants to engage in unethical
behavior.