TH ST
TH ST
TH ST
Question 01
a) What is an Accounting Information System? What are the six major components of an Accounting
Information System? Describe.
Answer
Accounting Information System refers to a system that collects, records, stores, and processes data to produce
information for decision makers. If accounting is the language of business, then AIS is the intelligence—the
information-providing vehicle—of that language. An AIS can be a paper-and-pencil manual system, a complex
system using the latest in IT, or something in between. Regardless of the approach taken, the process is the
same. The AIS must collect, enter, process, store, and report data and information. The paper and pencil or the
computer hardware and software are merely the tools used to produce the information.
There are six components of an AIS:
1. The people who use the system
2. The procedures and instructions used to collect, process, and store data
3. The data about the organization and its business activities
4. The software used to process the data
5. The information technology infrastructure, including the computers, peripheral devices, and network
communications devices used in the AIS
6. The internal controls and security measures that safeguard AIS data
Answer
c) Describe the role of the Accounting Information Systems in the value chain with the help of figure.
Answer
To provide value to their customers, most organizations perform a number of different activities. Value chain
is nothing but linking together of all those primary and support activities in a business. Thus, value is added
as a product passes through the chain.
Answer
Documentation is the narratives, flowcharts, diagrams, and other written materials that explain how a system
works. It explains how a system works, including the who, what, when, where, why, and how of data entry,
data processing, data storage, information output, and system controls. Documentation tools are important on
the following levels:
1. At a minimum, you must be able to read documentation to determine how a system works.
2. You may need to evaluate documentation to identify internal control strengths and weaknesses and
recommend improvements as well as to determine if a proposed system meets the company’s needs.
3. More skill is needed to prepare documentation that shows how an existing or proposed system operates.
The various Documentation Techniques are:
1. Data flow diagram (DFD), a graphical description of data sources, data flows, transformation processes,
data storage, and data destinations
2. Flowchart, which is a graphical description of a system. There are several types of flow charts, including:
a. Document flowchart, which shows the flow of documents and information between departments
or areas of responsibility
b. System flowchart, which shows the relationship among the input, processing, and output in an
information system
c. Program flowchart, which shows the sequence of logical operations a computer per forms as it
executes a program.
3. Business Process diagrams, which are graphical descriptions of the business processes used by a company
b) Pickle Corp. has asked you to document cash receipts system at their organization. Mr. Rick Sanchez, the
Accounts Manager, liaised with you for the task. Mr. Sanchez's narrative of the system follows:
Customer payments include cash received at the time of purchase and payments received in the mail. At
day’s end, the treasurer endorses all checks and prepares a deposit slip for the checks and the cash. A clerk
deposits the checks, cash, and deposit slip at the local bank each day. When checks are received as payment
for accounts due, a remittance slip is included with the payment. The Treasurer sends this to accounts
receivable. Data from the remittance slips are entered into the computer, and the accounts receivable
database is updated. The remittance slips are stored in a file drawer by date. Every week, accounts
receivable generates a cash receipts report and an aged trial balance using the accounts receivable ledger.
The cash receipts report is sent to Morty and Summer and one of them reviews it. A copy of the aged trial
balance is sent to the credit and collections department, where it is reviewed.
Required:
1. Develop a context diagram and a Level 0 DFD for the cash receipts system at Pickle Corp.
2. Prepare a document flowchart for the cash receipts system at Pickle Corp.
Answer
An information systems, or internal control, audit reviews the controls of an AIS to assess its compliance with
internal control policies and procedures and its effectiveness in safeguarding assets. The purpose of it is to
review and evaluate the internal controls that protect the system. The audits usually evaluate system input and
output, processing controls, backup and recovery plans, system security, and computer facilities. When
performing an information systems audit, auditors should ascertain that the following six objectives are met:
Objective 1: Overall Information System Security (Security provisions protect computer equipment,
programs, communications, and data from unauthorized access, modification, or destruction)
Objective 2: Program Development and Acquisition (Program development and acquisition are performed in
accordance with management’s general and specific authorization)
Objective 3: Program Modification (Program modifications have management’s authorization and approval)
Objective 4: Computer Processing (Processing of transactions, files, reports, and other computer records is
accurate and complete)
Objective 5: Source Data (Inaccurate or improperly authorized source data are identified and handled
according to prescribed managerial policies)
Objective 6: Data Files (Computer data files are accurate, complete, and confidential)
b) Briefly discuss the components and some of the principles therein suggested by the COSO's Internal
Control Model Explain how upholding these principles are expected to better risk management for the
enterprise result in better risk management for the enterprise.
Answer
The Committee of Sponsoring Organizations (COSO) proposed framework that defines internal controls and
provides guidance for evaluating and enhancing internal control systems.
A. Control Environment
This is the foundation for all other components of internal control. The core of any business is its people—
their individual attributes, including integrity, discipline, ethical values, and competence — and the
environment in which they operate. They are the engine that drives the organization and the foundation on
which everything rests.
B. Risk Assessment
The organization must identify, analyze, and manage its risks. Managing risk is a dynamic process.
Management must consider changes in the external environment and within the business that may be
obstacles to its objectives.
C. Control Activities
Control policies and procedures help ensure that the actions identified by management to address risks and
achieve the organization’s objectives are effectively carried out. Control activities are performed at all levels
and at various stages within the business process and over technology.
10 Selecting and developing controls that might help mitigate risks to an acceptable level
11 Selecting and developing general control activities over technology
12 Deploying control activities as specified in policies and relevant procedures
E. Monitoring
The entire process must be monitored, and modifications made as necessary so the system can change as
conditions warrant. Evaluations ascertain whether each component of internal control is present and
functioning. Deficiencies are communicated in a timely manner, with serious matters reported to senior
management and the board.
16 Selecting, developing, and performing ongoing or separate evaluations of the components of internal
control
17 Evaluating and communicating deficiencies to those responsible for corrective action, including
senior management and the board of directors, where appropriate
Segregation of accounting duties – separating the accounting functions of authorization, custody, and
recording helps to minimize an employee’s ability to commit fraud and conceal that, thus they get low
chances to commit fraud or fear to commit fraud
Segregation of systems duties – implementing control procedures to clearly divide authority and
responsibility within the information system function. Restricted access to the computer, its programs, and
live data work as deterrent to perpetrate and conceal fraud.
Question 04
a) What do you mean by Internal Control? Describe Control the three major functions of Internal Control.
Answer
Internal controls are the processes implemented to provide reasonable assurance that the following control
objectives are achieved:
1. Safeguard assets—prevent or detect their unauthorized acquisition, use, or disposition.
2. Maintain records in sufficient detail to report company assets accurately and fairly.
3. Provide accurate and reliable information.
4. Prepare financial reports in accordance with established criteria.
5. Promote and improve operational efficiency.
6. Encourage adherence to prescribed managerial policies.
7. Comply with applicable laws and regulations.
Internal controls perform three important functions:
1. Preventive controls deter problems before they arise. Examples include hiring qualified personnel,
segregating employee duties, and controlling physical access to assets and information.
2. Detective controls discover problems that are not prevented. Examples include duplicate checking of
calculations and preparing bank reconciliations and monthly trial balances.
3. Corrective controls identify and correct problems as well as correct and recover from the resulting errors.
Examples include maintaining backup copies of files, correcting data entry errors, and resubmitting
transactions for subsequent processing.
Question 05
a) What do you mean by System Development Life Cycle (SDLC)? Briefly describe the five-step SDLC with
the help of figure.
Answer
A five-step process used to design and implement a new system: systems analysis, conceptual design, physical
design, implementation and conversion, and operation and maintenance.
1) Systems analysis - First SDLC step where the information needed to purchase, develop, or modify a system
is gathered.
2) Conceptual design - Second SDLC step where analysts decide how to meet user needs, identify and
evaluate design alternatives, and develop detailed specifications for what the system is to accomplish and
how it is to be controlled.
3) Physical design - Third SDLC step where broad, user-oriented conceptual design requirements are
translated into the detailed specifications used to code and test software, design input/output, create
files/databases, develop procedures, and implement controls.
4) Implementation and conversion - Fourth SDLC step where the company hires and trains employees, tests
and modifies procedures, establishes standards and controls, completes documentation, moves to the new
system, and detects and corrects design deficiencies.
5) Operations and maintenance - Fifth SDLC step where the system is periodically reviewed and necessary
modifications and improvements are made.
Answer
PERT and Gantt charts are two major techniques for scheduling and monitoring systems development
activities.
1) Program evaluation and review technique (PERT) – way to plan, develop, coordinate, control, and
schedule systems development activities; all activities, and precedent and sub sequent relationships among
activities, are identified and shown on a PERT diagram. Completion time estimates are made, and the
critical path—the path requiring the greatest amount of time—is determined. If any activity on the critical
path is delayed, then the whole project is delayed. If possible, resources can be shifted to critical path
activities to reduce project completion time.
2) Gantt chart – is a bar chart with project activities on the left-hand side and units of time across the top.
For each activity, a bar is drawn from the scheduled starting date to the ending date, thereby defining
expected project completion time. As activities are completed, they are recorded on the Gantt chart by
filling in the bar; thus, at any time it is possible to determine which activities are on schedule and which
are behind. The primary advantage of the Gantt chart is the ability to show graphically the entire schedule
for a large, complex project, including progress to date and status. A disadvantage is that the charts do not
show the relationships among project activities.
Answer
Feasibility study is an investigation to determine whether it is practical to develop a new application or system.
There are five important aspects to be considered during a feasibility study:
1. Economic feasibility: Will system benefits justify the time, money, and resources required to implement
it?
2. Technical feasibility: Can the system be developed and implemented using existing technology?
3. Legal feasibility: Does the system comply with all applicable federal and state laws, administrative agency
regulations, and contractual obligations?
4. Scheduling feasibility: Can the system be developed and implemented in the time allotted?
5. Operational feasibility: Does the organization have access to people who can design, implement, and
operate the proposed system? Will people use the system?
Question 06
a) "ERP Systems are often modularized"-explain the statement with appropriate examples.
Answer
ERP systems are modular, with each module using best business practices to automate a standard business
process. It integrates all aspects of an organization’s activities—such as accounting, finance, marketing, human
resources, manufacturing, inventory management etc. into one system. This modular design allows businesses
to add or delete modules as needed. For example, typical ERP modules include: