Presentation is loading. Please wait.

Presentation is loading. Please wait.

Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA.

Published byJoella Flowers Modified over 8 years ago

Similar presentations

Presentation on theme: "Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA."— Presentation transcript:

1 Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA

2 LOGO supervision by D.Amal fouda develop by Noha Binzagr Identifying Risks and Controls in Business Processes

3 Contents What is internal control Internal control framework RISK ASSESSMENT CONTROL ACTIVTY

4 LOGO INTERNAL CONTROL FRAMEWORK

5 Internal Control A process… designed to provide reasonable assurance regarding the objectives in the following categories: (a)reliability of financial reporting, (b)effectiveness and efficiency of operations, (c)compliance with applicable laws and regulations.

6 components of internal control: Control environment refers to broad factors that set the tone of an organization and affects the control understanding of its employees. Risk assessment is the identification and analysis of risks that interfere with the achievement of internal control objectives. Control activities are the policies and procedures developed by the organization to address the risks.

7 components of internal control: Information and Communication: The company’s information system is collection of procedures (automated and manual) and records established to initiate, record, process, and report the events in an entity’s process. Monitoring: Management should monitor internal controls to make sure that the organization’s controls are functioning as in intended.

8 Internal Control Objectives Different stakeholders (stockholders, managers, customers, and employees) may be concerned with different objectives.  Stockholders :primarily concerned with objectives related to share value.  The marketing manager :most interested in objectives related to market share, sales, and customer satisfaction.  An external auditor deals with the objective of reliable financial statements.

9 Internal Control Objectives Internal control objectives in previous slide are consistent with the four objectives as SAS objective of effectiveness : 1)Execution 2) information system 3) asset protection 4) and performance is discussed in more detail in the following section.

10 Execution Objectives In Revenue cycle: execution refers to the delivery of goods or services and the collecting and handling of cash. Two execution objectives for the revenue cycle are: (1)to ensure proper delivery of goods and services and (2)to ensure proper collection and handling of cash. Two execution objectives apply to the revenue process of any business. For example, generic risks related to the delivery of goods/services include delivering the wrong goods/services, delivering the wrong quantity, or delivering to the wrong customer.

11 Execution Objectives acquisition cycle: execution refers to the actual receiving of goods or services and the payment and handling of cash. Two execution objectives for the acquisition cycle are: (1)to ensure proper receiving of goods and services and (2)to ensure proper payment and handling of cash.

12 Information system objectives: Information system objectives focus on recording, updating, and reporting accounting information. Information systems objectives are also important for ensuring effective execution of transactions. Event data should be recorded properly on source documents and in transaction files. Master file data bout customers, suppliers, employees, and products/services should be updated as needed. Finally, timely and useful reports should be provided to employees/ managers. For example, data about supplier bills must be collect correctly and in a timely fashion in order for the subsequent cash payment process to be effective.

13 Asset protection objectives: These objectives are appropriate in this text because they are especially relevant to the function of an accounting information system and are consistent with our focus on events and processes. Objective of safeguarding assets because theft or loss of assets is a risk that accountants are expected to help control and because accounting information can play a major role in safeguarding assets.

14 Performance objectives : focus on achieving favorable performance of an organization, person, department, product, or service. Recall that execution objectives emphasize the proper execution of key revenue and acquisition cycle operations. Event when these objectives are achieved, performance objectives may not be met. Example, orders, shipments, and billing may be done properly, but sales targets may not be met.

15 Performance objectives : Similarly, percentage of uncollectible accounts may be unacceptable despite the facts that customers are approved according to management policies and sales are made only to authorized customers.

16 summary of objectives:

17 LOGO Risk assessment

18 Assessment of execution risks In Revenue cycle: Generic execution risks for each of the two revenue cycle transactions are as follows: 1. Delivering goods and services: Unauthorized sale or service permitted. Authorized sale or service did not occur, occurred late. Wrong type of product or service Wrong quantity, quality, or price Wrong customer or address 2. Collecting cash: Cash not collected or collected late. Wrong amount of cash collected.

19 Assessment of execution risks In Revenue cycle: Five steps are useful in understanding and assessing execution risks: Step 1. Achieve an understanding of the organization’s processes. Step 2. Identify the goods or services provided and cash received that are at risk. Step 3. Restate each generic risk to describe the execution risk more precisely for the particular process under study. Step 4. Assess the significance of the remaining risks. Step 5For significant risks, identify factors that contribute to the risk.

20 Assessment of execution risks In acquisition cycle: Generic execution risks for each of the two acquisition cycle transactions are as follows: 1. Receiving goods and services: Unauthorized goods/services received Expected receipt of goods/services did not occur, occurred late. Wrong type of product or service received Wrong quantity, quality or price Wrong supplier 2. Making payment: Unauthorized payment Cash not paid or paid late Wrong amount paid Wrong supplier paid

21 Assessment of execution risks In acquisition cycle: Five steps are useful in understanding and assessing execution risks: Step 1. Achieve an understanding of the organization’s processes. Step 2. Identify the goods or services provided and cash received that are at risk. Step 3. Restate each generic risk to describe the execution risk more precisely for the particular process under study. Step 4. Assess the significance of the remaining risks. Step 5. For significant risks, identify factors that contribute to the risk.

22 Assessment of information system risks In this section I will focused in risk of errors in company's information system through the importance recoding, updating, or reporting of data since information system keep track of company's transactions, they are not in dependent of execution risks. Organize information system risk s into two categories: 1- recording risks2- update risks

23 Assessment of information system risks recording risks: Definition: Recording risks represent risks that event information is not captured accurately in an organization’s information system. Errors in recording can cause substantial losses. For example, if a sales record has the wrong customer identification, the proper customer will not get billed, and the company may not be paid for the sale.

24 Assessment of information system risks Updating Risks Definition: Update risks are risks that summary fields in master records are not properly updated. Update failures can be costly. For example, orders may be rejected because the quantity of inventory was reported as zero, when inventory was really available.

25 recording risks: Generic recording risks for both revenue and acquisition cycles are as follows: Event recorded that never occurred. Event nor recorded, recorded late, or unintended duplication of recording. Wrong type of product or service recorded. Wrong quantity or price recorded. Wrong external or internal agent recorded.

26 recording risks: Three steps are useful in identifying recording risks. Step 1. Achieve an understanding of the process under study. Step 2. Review the events, and identify instances where data are recorded in a source document or in a transaction file. Step 3.For each event where data are recorded in a source document or transaction record, consider the preceding generic recording risks.

27 Update Risks Generic updating risks are as follows: Update of master record omitted or unintended duplication of update. Update of master record occurred at the wrong time. Summary field updated by wrong amount. Wrong master record updated.

28 Update Risks Three steps are useful in identifying update risks: Step 1. Identify recording risks as indicated in slide. Step 2. Identify the events that include update. activity. Identify the summary fields in master files that are updated. Types of master files that could be updated as a result of transactions include: (a) inventory, (b) services, and (c) agents. Step 3. For each event where a master file is updated, consider the preceding generic update risks.

29 Risks in recording & updating information in a general ledger system One risk is that the wrong general ledger account will be recorded and that the amounts of the debit or credit could be wrong. There is also the risk that the general ledger master record might not be updated at all, updated late, or updated twice. In addition, the wrong general ledger master record could have been updated, and the update process may have an error resulting in an updated balance that is incorrect.

30 Risks in recording & updating information in a general ledger system The policy for updating general ledger accounts should be well understood. in many case general ledger balances are not updated as soon as the transaction occurs. Update is made after batch of transactions has accumulated.

31 Control risks Once significations risks of losses or errors have been identified, the evaluator must consider ways to control the risks. In many case, a company will turn to its accountants, external auditors, or internal auditors to evaluate existing controls and suggest additional controls where warranted.

32 Control Activities Control activities are the policies and procedures developed by the organization to address the risks to the achievements of the organization’s objectives. These activities can be manual or automated and may be implemented at various levels of the organization.

33 Control Activities Describes four types of controls: Workflow controls are used to control a process as it moves from one event to the next. Input controls are used to control the input of data into computer systems. General controls are broader controls that apply to multiple processes. Performance reviews are activities involving analysis of performance including the comparison of actual results with budgets, forecasts, standards and prior-period data.

34 Control Activities of each type discussed in previous slide are described below:

35 Workflow Controls Segregation of duties. Use of information from prior events to control activities. Required sequence of events. Follow-up on events. Recording of internal agent(s) accountable for an event in a process. Limitation of access to assets and information. Reconciliation of records with physical evidence of assets.

36 Input Controls Drop-down or look-up menus that provide a list of possible values to enter. Record-checking to determine whether data entered was consistent with data entered in a related table. Confirmation of data that was entered by a user by displaying related data from another table. Referential integrity controls to ensure that event records are related to the correct master file records. Format checks to limit data entered to text, numbers, and date.

37 Input Controls Validation rules to limit the data that can be entered to certain values. Use of defaults from data entered in prior sessions. Computer-generated values entered in records. Batch control totals taken before data entry compared to printouts after data entry. Review of edit report for errors before positioning. Exception reports that list cases where defaults were over- ridden or where unusual values were entered.

38 General Controls General controls are organized into the following four categories: Information Systems (IS) Planning. Organizing the Information Technology (IT) Function. Identifying and Developing IS Solutions. Implementing and Operating Accounting Systems

39 Performance Reviews Establishment of budgets, forecasts, standards, or prior-period results through file maintenance. Use of reports to compare actual results to budgets, forecasts, standards, or prior-period results. Corrective action, if necessary, to improve performance and/or revise appropriate reference data (budgets or standards) in master table.

40 Copyright COPYRIGHT©2003 BY SOUTH-WESTERN, A DIVISION OF THOMSON LEARNING. THOMSON LEARNING™ IS A TRADEMARK USED HEREIN UNDER LICNSE. Printed in Canada “1 2 3 4 5 05 04 03 02” from more information, contact south-western, 5191 natorp boulevard, mason, ohio 45040. Or you can visit our internet site at http://www.swcollege.comhttp://www.swcollege.com All rights reserved. No part of this work covered by the copyright hereon may be reproduced or used in any form or by any means—graghic, electronic, or mechanical, including photocopying, recording, taping, web distribution or information storage and retrieval systems—without the written permission of the publisher. For permission to use material from this text or product, contact us by Tel:(800)730-2214 Fax:(800)730-2215 http://www.thomsonrights.com

41 LOGO

Download ppt "Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA."

Similar presentations

Chapter 14 Audit of the Sales and Collection Cycle

Chapter 14 Audit of the Sales and Collection Cycle
Chapter 12 The Revenue Cycle: Sales to Cash Collections Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 12-1.

Chapter 12 The Revenue Cycle: Sales to Cash Collections Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 12-1.
The Revenue Cycle: Sales to Cash Collections

The Revenue Cycle: Sales to Cash Collections
Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.

Internal Controls Becoming Compliant. Design & Implementation of Internal Controls. Design: Need to show that a framework is in place to establish internal.
Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA.

Jones Rama Accounting information system A Business process approach FREDERICK L. JONES DASARATHA V. RAMA.
The Islamic University of Gaza

The Islamic University of Gaza
Chapter 10: Auditing the Expenditure Cycle

Chapter 10: Auditing the Expenditure Cycle
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES
Chapter 12 The Revenue Cycle: Sales to Cash Collections Copyright © 2012 Pearson Education 12-1.

Chapter 12 The Revenue Cycle: Sales to Cash Collections Copyright © 2012 Pearson Education 12-1.
Chapter 11 THE REVENUE CYCLE. Introduction Revenue cycle: 1. Respond to customer inquiries 2. Develop agreements with customers to provide goods and services.

Chapter 11 THE REVENUE CYCLE. Introduction Revenue cycle: 1. Respond to customer inquiries 2. Develop agreements with customers to provide goods and services.
Accounting Information Systems: A Business Process Approach Chapter Nine: The Acquisition Cycle - Purchasing and Receiving.

Accounting Information Systems: A Business Process Approach Chapter Nine: The Acquisition Cycle - Purchasing and Receiving.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.

Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Principles of Information Systems, Seventh Edition2 An organization’s TPS must support the routine, day-to- day activities that occur in the normal course.

Principles of Information Systems, Seventh Edition2 An organization’s TPS must support the routine, day-to- day activities that occur in the normal course.
COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.

COSO Framework A company should include IT in all five COSO components: –Control Environment –Risk Assessment –Control activities –Information and communication.
Copyright © 2007 Prentice-Hall. All rights reserved 1 Internal Control & Cash Chapter 8.

Copyright © 2007 Prentice-Hall. All rights reserved 1 Internal Control & Cash Chapter 8.
Chapter 7 Revenue and Collection Cycle “What at first was plunder assumed the softer name of revenue.” Thomas Paine McGraw-Hill/IrwinCopyright © 2008 by.

Chapter 7 Revenue and Collection Cycle “What at first was plunder assumed the softer name of revenue.” Thomas Paine McGraw-Hill/IrwinCopyright © 2008 by.
Chapter 9 THE ACQUISITION CYCLE— PURCHASING AND RECEIVING

Chapter 9 THE ACQUISITION CYCLE— PURCHASING AND RECEIVING
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 9 THE ACQUISITION CYCLE— PURCHASING AND RECEIVING.

Chapter 9 THE ACQUISITION CYCLE— PURCHASING AND RECEIVING.

Similar presentations

Ads by Google