Professional Documents
Culture Documents
eig
ht
ag
e
Paper 7A – Entreprise
Information Systems
1.1 INTRODUCTION
A large organization typically has several different kinds of Information systems built around diverse
functions, organizational levels, and business processes that can automatically exchange information. This
fragmentation of data in hundreds of separate systems, degrades organizational efficiency and business
performance. For instance - sales personnel might not be able to tell at the time they place an order whether
the ordered items are in inventory, and manufacturing cannot easily use sales data to plan for next production.
Enterprise Information Systems solve this problem by collecting data from numerous crucial business
processes in manufacturing and production, finance and accounting, sales and marketing, and human
resources and storing the data in single central data repository. An Enterprise Information System (EIS) may
be defined as any kind of information system which improves the functions of an enterprise business
processes by integration.
An EIS provide a technology platform that enable organizations to integrate and coordinate their business
processes on a robust foundation.
For example, when a customer places an order, the data flow automatically to other fractions of the company
that are affected by them leading to the enhanced coordination between these different parts of the
business which in turn lowers costs and increase customer satisfaction.
• The order transaction triggers the warehouse to pick the ordered products and schedule shipment.
• The warehouse informs the factory to replenish whatever has depleted.
• The accounting department is notified to send the customer an invoice.
• Customer service representatives track the progress if the order through every step to inform customers
about the status of their orders.
1.2 ENTERPRISE BUSINESS PROCESSES
• A Business Process is an activity or set of activities that will accomplish a speciic organizational goal.
• Business Process Management (BPM) is a systematic approach to improving these processes.
• Business Process Management (BPM), helps an organization achieve 3E’s for business processes, namely
Effectiveness, Efficiency and Economy.
The key components of business process are outlined below in the
Fig.1.2.1
Counter Measure: An action, device, procedure, technique or other measure that reduces the vulnerability
of a component or system is referred as Counter Measure. For example, well known threat ‘spoofing the
user identity’, has two countermeasures:
• Strong authentication protocols to validate users; and
• Passwords should not be stored in configuration files instead some secure mechanism should be used.
Similarly, for other vulnerabilities, different countermeasures may be used.
The relationship and different activities among these terms may be understood by the Fig. 1.4.1.
Concluding, Risk can be defined as the potential harm caused if a threat exploits a particular vulnerability to
cause damage to an asset, and Risk Analysis is defined as the process of identifying security risks and
determining their magnitude and impact on an organization. Risk Assessment includes the following:
• Identification of threats and vulnerabilities in the system;
• Potential impact or magnitude of harm that a loss of CIA, would have on enterprise operations or
enterprise assets, should an identified vulnerability be exploited by a threat; and New technology
provides the potential for dramatically enhanced business performance, improved and demonstrated
information risk reduction and security measures. Technology can also add real value to the organization
by contributing to interactions with the trading partners, closer customer relations, improved
competitive advantage and protected reputation.
• Invoice Processing: The vendor sends the invoice to the accounts payable department who will input
the details into the computer system. The vendor invoice is checked with the PO to ensure that only
the goods ordered have been invoiced and at the negotiated price. Further the vendor invoice is
checked with the GRN to ensure that the quantity ordered has been received.
• Payment: If there is no mismatch between the PO, GRN and vendor invoice, the payment is released to
the vendor based on the credit period negotiated with the vendor.
1.5.1 Importance of IT Controls
Control refers to the policies, procedures, practices and organization structures that are designed to provide
reasonable assurance that business objectives are achieved and undesired events are prevented or detected
and corrected. Implementing right type of controls is responsibility of management. IT Controls perform
dual role:
(i) They enable enterprise to achieve objectives; and
(ii) They help in mitigating risks.
• The book is represented as an external entity and the input is the bar code.
• The process is the scanning of the bar code and giving an output of the Book ID.
• The next process calculates the fine based on accessing the “library database” and establishing the
“due back” date.
• Finally,the fine is communicatedto theborrower who is alsoshown as an external entity.
2.1 INTRODUCTION
This chapter is meant for providing an insight to Financial and Accounting Systems, its working, audit and its
use for business management and development. Financial and Accounting Systems forms an integral part of
any business and acts as a backbone for it. Financial and Accounting systems may include other aspects of
business management like human resource, inventory, Customer Relationship Management (CRM), etc.
After going through this chapter a student is expected to understand about –
• What is a system?
• What is ERP System?
• What is a Financial and Accounting system?
• How to use it for different purposes like accounting, auditing, business management, etc.?
• How to assess risks and controls of any Financial and Accounting System ?
In the process of learning about Financial and Accounting systems, there can be different angles to view the
same thing and to understand it in a better way, we shall be viewing Financial and Accounting Systems from
many different angles.
Different Requirements from Different Persons
• Accountants View – Balance Sheet and Profit & Loss Account must be prepared easily without putting
much time / efforts.
• Auditors View – Balance Sheet and Profit & Loss Account must be correct at any point of time
• Business Manager / Owner’s View – I need right information at right point of time for right decision
making
2.2 INTEGRATED (ERP) AND NON-INTEGRATED SYSTEMS
2.2.1 What is a System ?
Dictionary meaning of the word System is -
“a set of things working together as parts of a mechanism or an interconnecting network; a complex whole”
It is an organized, purposeful structure that consists of interrelated and interdependent elements
(components, entities, factors, members, parts etc.).
These elements continually influence one another (directly or indirectly) to maintain their activity and the
existence of the system, to achieve the goal of the system.
• Accounting Master Data – This includes names of ledgers, groups, cost centers, accounting voucher
Let us consider a simple transaction of capital introduction in business in cash 1,00,000. This
transaction is recorded as under in Table 2.2.1.
Table 2.2.1: Data Sample Transaction
Receipt No.1 Date: 01st Apr. 2017
Cash Dr. 1,00,000
To Capital Cr. 1,00,000
Above information is stored in Accounting Information Systems in two ways, in the form of Master Data and
Transaction Data. Let us understand what is stored in the system through Table2.2.2.
Table 2.2.2: Data Stored in Forms
Master Data Non-Master Data
Voucher Type Voucher Number
As shown in the Fig. 2.2.4 regarding the flow of accounting, in all there are seven steps in accounting flow,
out of which only first two steps require human intervention. Remaining five steps are mechanical steps
and can be performed by software with high speed and accuracy.
V. Types of Ledgers
In accounting, we have studied that there are three types of ledger accounts, i.e. Personal, Real and Nominal.
But as far as Financial and Accounting Systems are concerned, ledgers may be classified in two types only.
Ledger having Debit Balance and ledger having Credit Balance. Why this is so? Let us understand with the
help of the Fig. 2.2.5.
(i) Front End & Back End :These two words are used by software people again and again. Let us understand
these two words in a simple language.
a. Front End – It is part of the overall software which actually interacts with the user who is using the
software.
b. Back End – It is a part of the overall software which does not directly interact with the user, but
interact with Front End only.
If a user wants to have some information from the system, i.e. Balance Sheet.
• User will interact with Front End part of the software and request front end to generate the
report.
• Front End will receive the instruction from user and pass it on to the back end.
• Back End will process the data, generate the report and send it to the front end. Front end will
now display the information to user.
• This is how the process gets completed each and every time.
To understand this concept in a better way, let us try to co-relate this with a situation in a restaurant as
shown in the Fig. 2.2.7.
• Better Analysis and Planning Capabilities: Another advantage provided by ERP Systems is the boost to
the planning functions. By enabling the comprehensive and unified management of related business
functions such as production, finance, inventory management etc. and their data, it becomes possible
to utilize fully many types of Decision Support Systems (DSS) and simulation functions, what-if analysis
and so on; thus, enabling the decision-makers to make better and informed decisions.
• Improved information accuracy and decision-making capability: The three fundamental characteristics
of information are accuracy, relevancy and timeliness. The information needs to be accurate, relevant
for the decision-maker and available to the decision-makers when he requires it. The strength of ERP
Systems- integration and automation - help in improving the information accuracy and help in better
decision-making.
• Use of latest Technology: ERP packages are adapted to utilize the latest developments in Information
Technology such as open systems, client/server technology, Cloud Computing, Mobile computing etc.
It is this adaptation of ERP packages to the latest changes in IT that makes the flexible adaptation to
changes in future development environments possible.
Fig. 2.2.9 showing different departments connecting with each other through central database.
2) Process Risks: One of the main reason for ERP implementation is to improve, streamline and make the
business process more efficient, productive and effective.
Table 2.3.1(8): Risks and corresponding Controls related to Process Risks
Aspect Risk Associated Control Required
Program There could be a possibility This requires bridging the information gap
Management of an information gap between between traditional ERP-based functions
day-to-day program management and high value operational management
activities and ERP-enabled functions functions, such applications can provide
like materials and procurement reliable real-time information linkages
planning, logistics and manufacturing. to enable high-quality decision making.
Business BPR means not just change - This requires overhauling of organizational
Process but dramatic change and structures, management systems, job
Reengineering dramatic improvements. descriptions, performance measurements,
(BPR) skill development., training and use of IT.
3) Technological Risks: The organizations implementing ERP systems should keep abreast of the latest
technological developments and implementation which is required to survive and thrive.
Aspect Risk Associated Control Required
Software
Functionality ERP systems offer a myriad of Care should be taken to incorporate the
features and functions, however, features that are required by
not all organizations require those the organization and supporting
many features. Implementing all additional features and functionality that
the functionality and features just might be required at a future date
for the sake of it can be disastrous
for an organization
Technological With the advent of more efficient This requires critical choice of technology,
Obsolescence technologies every day, the ERP architecture of the product, ease of
system also becomes obsolete enhancements, ease of upgrading, quality
as time goes on. of vendor support
 Master Data - This includes the material master, work centres, routings and bill of materials.
 SO P - Sales and Operations Planning (SOP) provides the ability to forecast sales and production
plans based on historical, current and future data.
 DRP - Distribution Resource Planning (DRP) allows companies the ability to plan the demand for
distribution centres.
 Production Planning - This includes material forecasting, demand management, long term planning
and master production scheduling (MPS).
 M RP - Material Requirements planning relies on demand and supply elements with the calculation
parameters to calculate the net requirements from the planning run.
 Capacity Planning - This evaluates the capacity utilized based on the work centres available capacity
to show capacity constraints.
 Product Cost Planning - This is the process of evaluating all the time values and value of component
materials to determine the product cost
f. Material Management(MM) Module
MM Module as the term suggests manages materials required, processed and produced in enterprises.
Different types of procurement processes are managed with this system. Some of
• High-quality business reporting is at the heart of strong and sustainable organizations financial markets,
and economies, as this information is crucial for stakeholders to assess organizational performance
and make informed decisions.
• As organizations fully depend on their stakeholders for sustainable success, it is in their interest to
provide them with high- quality reports. For example, effective high-quality reporting reduces the risk
for lenders and may lower the cost of capital.
• High-quality reports also promote better internal decision-making. High-quality information is integral
to the successful management of the business, and is one of the major drivers of sustainable
organizational success.
2.8.2 Fundamentals of XBRL
XBRL (eXtensible Business Reporting Language) is a freely available and global standard for exchanging
business information. One use of XBRL is to define and exchange financial information, such as a financial
statement. The XBRL Specification is developed and published by XBRL International, Inc.
I. What is XBRL?
• XBRL is the open international standard for digital business reporting.
• XBRL is used around the world, in more than 50 countries.
• Millions of XBRL documents are created every year, replacing older, paper-based reports with
more useful, more effective and more accurate digital versions.
• XBRL is a standards-based way to communicate and exchange business information between
business systems.
II. What does XBRL do?
XBRL makes reporting more accurate and more efficient. It allows unique tags to be associated with reported
facts, allowing:
• people publishing reports to do so with confidence that the information contained in them can be
consumed and analyzed accurately.
• people consuming reports to test them against a set of business and logical rules, to capture and avoid
mistakes at their source.
• people using the information to do so in the way that best suits their needs, including by using different
languages, alternative currencies and in their preferred style.
• people consuming the information to do so confident that the data provided to them conforms to a set
of sophisticated pre-defined definitions.
Navkar Institute | CA Intermediate | Paper 7 : Enterprise Information Systems 87
III. What is XBRL tagging?
XBRL Tagging is the process by which any financial data is tagged with the most appropriate element in an
accounting taxonomy (a dictionary of accounting terms) that best represents the data in addition to tags that
facilitate identification/classification (such as enterprise, reporting period, reporting currency, unit of
measurement etc.). Since all XBRL reports use the same taxonomy, numbers associated with the same
element are comparable irrespective of how they are described by those releasing the financial statements.
Comprehensive definitions and accurate data tags allow preparation, validation, publication, exchange,
consumption; and analysis of business information of all kinds. Information in reports prepared using the
XBRL standard is interchangeable between different information systems in entirely different organizations.
This allows for the exchange of business information across a reporting chain. People that want to report
information, share information, publish performance information and allow straight through information
processing all rely on XBRL.
IV. Who uses it?
The international XBRL consortium is supported by more than 600 member organizations, from both the
private and public sectors. XBRL is used in many ways, for many different purposes, including by:
(i) Regulators
• Financial regulators that need significant amounts of complex performance and risk information
about the institutions that they regulate.
• Securities regulators and stock exchanges that need to analyze the performance and compliance
of listed companies and securities, and need to ensure that this information is available to markets
to consume and analyze.
• Business registrars that need to receive and make publicly available a range of corporate data
about private and public companies, including annual financial statements.
• Tax authorities that need financial statements and other compliance information from companies
to process and review their corporate tax affairs.
• Statistical and monetary policy authorities that need financial performance information from
many different organizations.
(ii) Companies
• Companies that need to provide information to one or more of the regulators mentioned above.
• Enterprises that need to accurately move information around within a complex group.
• Supply chains that need to exchange information to help manage risk and measure activity.
(iii) Governments
• Government agencies that are simplifying the process of businesses reporting to government
and reducing red tape, by either harmonizing data definitions or consolidating reporting obligations
(or both).
• Government agencies that are improving government reporting by standardizing the way that
consolidated or transactional reports are prepar
(iv) Data Providers
• Specialist data providers that use performance and risk information published into the market
place and create comparisons, ratings and other value-added information products for other
market participants.
4 Accuracy More – As this is an integrated Less – as there are two separate system
system and hence accounting reconciliation with accounting data
data and tax compliance data is needed, possibility of mismatch
shall always be same. No need of data is always there.
to transfer data to compliance
software and reconcile the data.
5 Cost More – if tax compliance feature Less - as this is specific purpose software,
is not available in accounting there shall be less complications
system, getting it customized and the cost also shall be less.
may require some amount of cost
which may be higher than buying
separate software.
A ) An Operating System (OS) is a set of computer programs that manages computer hardware resources
and acts as an interface with computer applications programs. The operating system is a vital component
of the system software in a computer system.
Q-5 Explain variety of activities are executed by Operating systems?
• Performing hardware functions: Application programs to perform tasks have to obtain input from
keyboards, retrieve data from disk & display output on monitors. Operating system acts as an
intermediary between the application program and the hardware.
• User Interfaces: An important function of any operating system is to provide user interface. If we
remember DOS days, it had a command based User Interface (UI) i.e. text commands were given to
computer to execute any command. But today we are more used to Graphic User Interface (GUI) which
uses icons & menus like in the case of Windows. So, how we interface with our system will be provided
by Operating system.
• Memory Management: Memory Management features of Operating System allow to control how
memory is accessed and maximize available memory & storage.
• Task Management: Task Management feature of Operating system helps in allocating resources to
make optimum utilization of resources. This facilitates a user to work with more than one application
at a time i.e. multitasking
• Networking Capability: Operating systems can provide systems with features & capabilities to help
connect computer networks. Like Linux & Windows 8 give us an excellent capability to connect to
internet.
• Logical access security: Operating systems provide logical security by establishing a procedure for
identification & authentication using a User ID and Password. It can log the user access thereby providing
security control.
• File management: The operating system keeps a track of where each file is stored and who can access
it, based on which it provides the file retrieval.
Organizations require structure to distribute responsibility to groups of people with specific skills and
knowledge. The structure of an organization is called an organization.
Fig. 4.1.1 illustrates the old traditional model of doing business with multiple layers before product 1s
finally del1vered to customer. F1g. 4.1.2 1llustrates the new business model enabled by technology. In this
model the link to consumer and supplier is virtually direct.
I. User: This may be individual / organization or anybody using the e-commerce platforms. As e-commerce,
has made procurement easy and simple, just on a click of button. E -commerce vendors needs to
ensure that their products are not delivered to wrong users.
II. E-commerce Vendors: This is the organization / entity providing the user, goods/ services asked for. For
example: www.flipkart.com. E-commerce Vendors further needs to ensure following for better,effective
and efficient transaction.
- Suppliers and Supply Chain Management: These being another important component of the whole
operations. For effectiveness, they need to ensure that -
• They have enough and the right goods suppliers.
• They (suppl1ers) financ1ally and operat1onal safe.
• Suppliers are able to provide real-time stock inventory.
• The order to deliver time is very short.
- Warehouse operations: When a product is bought, it is delivered from the warehouse of e-
commerce vendor or online retailers pick products from the shelf, pack them as per customer’s
specification / pre-decided standards and prepare those products to be delivered.
- Shipping and returns: Shipping is supplementary and complementary to whole warehouse
operations. Fast returns have become Unique Selling Preposition (USP) for many e-commerce
vendors, so these vendors need very effective and efficient return processing.
- E Commerce catalogue and product display: Proper display of all products being sold by vendor
including product details, technical specifications, makes for a better sales conversion ratio. These
help customers gauge the products/ services being sold.
148 Chapter 4 : E-Commerce, M-Commerce and Emerging Technologies
- Marketing and loyalty programs: Loyalty programs establish a long-term relationship with
customer. The best examples can be customer loyalty programs being run by airline industry. In
airline industry, customer can get good discount/ free tickets based on loyalty points accumulated.
- Showroom and offline purchase: Few e-commerce vendors over period have realized that their
products can be sold fast if customers are able to feel / touch / see those products. These vendors
have opened outlets for customer experience of their products.
- Different Ordering Methods: These are the way customer can place his/her order, say Cash on
Delivery is today most preferred method.
- Guarantees: The product / service guarantee associated with product / service being sold. Money
back guarantees help generate a security in customer’s mind that in case of any problems there
money shall be safely returned back.
- Privacy Policy: E-commerce website must have a privacy policy. Customers are very concerned
about the information that they are sharing. E - commerce vendors need to clearly explain them
what the vendor plan to do with the various information that is collected from its customers
- Security: Represents the security policy adopted by the c-commerce vendors. Vendor website
needs to state that online data used to transact is safe that vendors is using appropriate security
including security systems like SSL (Secure Socket Layer). This guarantees that the data provided
by customer will not fall into the hand of a malicious hacker while transferring from his / her
computer to the web server.
(iii) Technology Infrastructure: The computers, servers, database, mobile apps, digitallibraries, data
interchange enabling the e-commerce transactions.
(a) Computers, Servers and DatabaseThese are the backbone for the success of the venture. Big e-
commerceorganization invest huge amount of money / time in creating these systems. Theystore
the data / program used to run the whole operation of the organization.
- As cloud computing is increasingly being used, many small / mid-sized ecommerce
originations have started using shared infrastructures.
(b) Mobile Apps (Q: Explain Write a Short note on Mobile App?)A mobile app is a software application
programmed to run specifically on a mobile device.
Smartphone’s and tablets have become a dominant form of computing, with many more
smartphones being sold than personal computers. This means that organizations will have to get
smart about developing software on mobile devices in order to stay relevant.
A mobile app is an expensive proposition, and it will only run on one type of mobile device at a time.
For example, if an organization creates an iPhone app, those with Android phones cannot run the
application.
Various Aspect of mobile app :
- Mobile store front modules are an integral part of m-commerce apps, where all commodities and
services are categorized and compiled in catalogs for customers to easily browse.
- Mobile ticketing module is an m-commerce app component that is closely linked to promotional side
of commercial business and enables vendors to attract customers by distributing vouchers, coupons
and tickets.
- Mobile advertising and marketing module empowers merchants to leverage mcommerce channels in
order to manage its direct marketing campaigns, which are reported to be very effective especially
when targeted at younger representatives of digital information consumers.
- Mobile customer support and information module is a point of reference for information about a
Navkar Institute | CA Intermediate | Paper 7 : Enterprise Information Systems 149
particular retailer, its offerings and deals. The news about the company, current discounts, shop locations
and other information is either pushed to users’ m-commerce apps or can be found in m-commerce
app itself.
- Mobile banking is inextricably linked to selling process via m-commerce apps, because no purchase
can be finalized without a payment. There are various options for executing mobile payments, among
which are direct mobile billing, payments via SMS, credit card payments through a familiar mobile web
interface, and payments at physical POS terminals with NFC technology.
(c) Digital Libraries: A Digital Library is a special library with a focused collection of digital objects that can
include text, visual material, audio material, video material, stored as electronic media formats (as
opposed to print, microform, or other media), along with means for organizing, storing, and retrieving
the files and media contained in the library collection. Digital libraries can vary immensely in size and
scope, and can be maintained by individuals, organizations, or affiliated with established physical
library buildings or institutions, or with academic institutions.
(d) Data Interchange: Data Interchange is an electronic communication of data. For ensuring the correctness
of data interchange between multiple players in e-commerce, business specific protocols are being
used. There are defined standards to ensure seamless z/ exact communication in e-commerce.
(iv) Internet / Network: This is the key to success of e-commerce transactions.This is the critical enabler for
e-commerce. Internet connectivity is important for anye-commerce transactions to go through. Net
connectivity in present days can bethrough traditional as well as new technology.
- The faster net connectivity leads to better e-commerce. Many mobile companies in India have
launched 4G services.
- The success of e-commerce trade depends upon the internet capability of organization. The
latest communication technologies like 4G, 5G have already made in-roads in India.
(v) Web portal: This shall provide the interface through which and individual /organization shall perform
e-commerce transactions.
- Web Portal is the application through which user interacts with the e-commerce vendor. The front
end through which user interacts for an e-commerce transaction.
These web portals can be accessed through desktops / laptops / PDA / hand- held computing
devices / mobiles and now through smart TVs also.
- The simplicity and clarity of content on web portal is directly linked to customerexperience of
buying a product online. E-commerce vendors put a lot of money and effort in this aspect.
(vi) Payment Gateway: The mode through which customers shall make payment.payments. Payment
gateway represents the way e-commerce / m-commerce vendors collects their payments. These
assures seller of receipt of payment from buyer of goods / services from e-commerce vendors.
Presently numerous methods of payments by buyers to sellers are being used, including Credit /
Debit Card Payments, Online bank payments, Vendors own payment wallet, Third Party Payment
wallets, like SBI BUDDY or PAYTM, Cash on Delivery (COD) and Unified Payments Interface (UPI).
4.3 ARCHITECTURE OF NETWORKED SYSTEMS
Architecture is a term to define the style of design and method of construction, used generally for buildings
and other physical structures. In e-commerce, it denotes the way network architectures are build. commerce
runs through network-connected systems.
Networked systems can have two types of architecture namely
(i) Two tier, and
(ii) Three tier.
150 Chapter 4 : E-Commerce, M-Commerce and Emerging Technologies
4.3.1 Two Tier Client Server
In a Two tier network, client (user) sends request to Server and the Server responds to the request by
fetching the data from it. The Two-tier architecture is divided into two tiersPresentation Tier and Database
Tier as shown in the Fig. 4.3.1:
M Commerce (Mobile Commerce): M-commerce (mobile commerce) is the buying and selling of goods and
Refer Fig. 4.4.1 for E-Commerce Work Flow and Table 4.4.1 for its description
Navkar Institute | CA Intermediate | Paper 7 : Enterprise Information Systems 155
Table 4.4.1: Description of E-commerce Work Flow Diagram
The consumers may not own the infrastructure, software, or platform in the cloud based schemes, leading
to lower up-fronts, capital, and operating expenses. End users may not need to care about how servers and
networks are maintained in the cloud, and can access multiple servers anywhere on the globe without
knowing ‘which ones and where they are located’ .
(i) Characteristics of Cloud Computing
The following is a list of characteristics of a cloud-computing environment. Not all characteristics may be
present in a specific cloud solution. However,
Q-28 Explain some of the key characteristics of Cloud computing?
• Elasticity and Scalability: Cloud computing gives us the ability to expand and reduce resources according
to the specific service requirement. For example, we may need a large number of server resources for
the duration of a specific task. we can then release these server resources after we complete our task.
Navkar Institute | CA Intermediate | Paper 7 : Enterprise Information Systems 169
• Pay-per-Use: We pay for cloud services only when we use them, either for the short term (for example,
for CPU time) or for a longer duration (for example, for cloudbased storage or vault services).
• On-demand: Because we invoke cloud services only when we need them, they are not permanent
parts of the IT infrastructure: this is a significant advantage for cloud use as opposed to internal IT
services. With cloud services there is no need to have dedicated resources waiting to be used, as is the
case with internal services.
• Resiliency: The resiliency of a cloud service offering can completely isolate the failure of server and
storage resources from cloud users. Work is migrated to a different physical resource in the cloud with
or without user awareness and intervention.
• Multi Tenancy: Public cloud service providers often can host the cloud services for multiple users
within the same infrastructure. Server and storage isolation may be physical or virtual depending upon
the specific user requirements.
• Workload Movement: This characteristic is related to resiliency and cost considerations. Here, cloud-
computing providers can migrate workloads across servers both inside the data center and across data
centers (even in a different geographic area).
This migration might be necessitated by cost (less expensive to run a workload in a data center in
another country based on time of day or power requirements) or efficiency considerations (for example,
network bandwidth). A third reason could be regulatory considerations for certain types of workloads.
(ii) Q-29 Explain Advantages of Cloud Computing?
If used properly and to the extent necessary, working with data in the cloud can vastly benefit all types of
businesses. Mentioned below are some of the advantages of this technology:
• Advantages of Cloud Computing
• Achieve economies of scale: Volume output or productivity can be increased even with fewer
systems and thereby reduce the cost per unit of a project or product.
• Reduce spending on technology infrastructure: Data and information can be accessed with minimal
upfront spending in a payas-you-go approach, which is based on demand.
• Globalize the workforce: People worldwide can access the cloud with Internet connection.
• Streamline business processes: Getting more work done in less time with less resources are possible.
• Reduce capital costs: Not required to spend huge money on hardware, software, or licensing fees.
• Pervasive accessibility: Data and applications can be accesses anytime, anywhere, using any smart
computing device, making our life so much easier.
• Monitor projects more effectively: It is feasible to confine within budgetary allocations and can be
ahead of completion cycle times.
• Less personnel training is needed: It takes fewer people to do more work on a cloud, with a minimal
learning curve on hardware and software issues.
Minimize maintenance and licensing software: As there is no too much of nonpremise computing
resources, maintenance becomes simple and updates and renewals of software systems rely on the
cloud vendor or provider.
• Improved flexibility: It is possible to make fast changes in our work environment without serious
issues at stake.
(iii) Q-30 Explain Drawback of cloud computing ?
• If Internet connection is lost, the link to the cloud and thereby to the data and applications is lost.
I. Application Server
All the transactions of the customer are processed by the data center. The Application Server performs
necessary operations and this updates the account of the customer “A” in the database server. It would
be observed that whatever operations a customer may do at any of the branches of the bank the
accounting process being centralized at the centralized data center is updated at the centralized
database.
(c) Q-16 Explain Process Flow of Clearing & Settlement process of Credit Card Facility?(as shown
in the Fig. 5.3.3)
(i) The transaction data from the merchant is transferred to the merchant’s bank. Merchant’s bank
clears settlement amount to Merchant after deducting Merchant fees. Merchant’s bank, in turn
now provides the list of settlement transactions to the credit card network which then provides
the list of transactions made by the customer to the credit card issuing bank.
(ii) The credit card issuing bank basis the transactions made, clears the amount to Merchant’s bank
but after deducting interchange transaction fees.
(iii) At the end of billing cycle, card issuing company charges the customer’s credit card account with
those transactions in CBS.
(d) Risks and Controls around the Credit Card Process (Refer Table 5.3.2) Table 5.3.2:
2. Layering
Layering involves the separation of proceeds from illegal source using complex transactions designed
to obscure the audit trail and hide the proceeds. Layering involves sending the money through various
financial transactions to change its form and make it difficult to follow. Layering may consist of several
banks to bank transfers or wire transfers between different accounts in different names in different
countries making deposit and withdrawals to continually vary the amount of money in the accounts
changing the money’s currency purchasing high value items (boats, houses cars, diamonds) to change
the form of money-making it hard to trace.
3. Integration
Integration involves conversion of illegal proceeds into apparently legitimate business earnings through
normal financial or commercial operations. Integration creates the illusion of a legitimate source for
criminally derived funds and involves techniques as numerous and creative as those used by legitimate