Professional Documents
Culture Documents
1. Information Process
ACCOUNTING INFORMATION SYSTEM 2. Operations Process - a system consisting of the
people, equipment, organization, policies, and
Systems and Subsystems procedures whose objective is to accomplish
the work of the organization.
System - a set of interdependent elements that
3. Management Process - a system consisting of
together accomplish specific objectives. A system must
the people, authority, organization, policies,
have organization, interrelationships, integration, and
and procedures whose objective is to plan and
central objectives.
control the operations of the organization.
central objectives: natural, biological, or man-
made
Data vs. Information Simultaneously achieving a maximum level for all the
qualities of information is virtually impossible. In fact,
Information - data presented in a form that is useful in a
for some of the qualities, an increased level of one
decision-making activity. It has value to the decision
generally requires a reduced level of another.
maker because it reduces uncertainty and increases
knowledge about a particular area of concern. Management Decision Making
Data - facts or figures in raw form. Data represent the Decision making is the process of making choices, which
measurements or observations of objects and events. is the central activity of all management. Managers
make decisions or choices that include what products to
To become useful to a decision maker, data must be
sell, in which markets to sell those products, what
transformed into information.
organizational structure to use, and how to direct and
motivate employees.
Three-step process:
Best-of-Breed Approach - combines modules from 1. Capturing Data During Business Events
various vendors to create an information system that 4 W’s = who, what, when, where
better meets an organization’s needs than a standard
ERP system. 2. Enterprise Systems Data Facilitate Functioning of the
Organization’s Operations
Application Program Interface (API) - which is a means
for connecting to a system or application provided by Basic Type of Data
the developer of that application. (a type of
Master Data (Entity Type Data)
middleware)
Business Event Data (Event Type Data)
Middleware - a software product that connects two or
Hierarchy of Data
more separate applications or software modules.
Character – basic unit of data
Field – collection of related characters that
Enterprise application integration (EAI) is a chain of comprise and attribute
activities performed by the organization to transform Record – collection of related data fields
inputs into outputs valued by the customer. Table – collection of related records
Enterprise Systems Support for Major Business Event Periodic Mode - is the processing mode in which a delay
Processes exists between the various data processing step.
Order-to-Cash - includes the events surrounding the Immediate mode - the data processing mode in which
sale of goods to a customer, the recognition of the little or no delay occurs between any two data
revenue, and the collection of the customer payment. processing steps.
Automating AIS
CHAPTER 4: DOCUMENTING INFORMATION SYSTEMS
After the lesson, we should be able to: Operations: having Effective and efficient use of its
resources.
Learning Objectives:
Reliability of reporting.
Summarize the eight elements of COSO’s
Enterprise Risk Management—Integrated Compliance with applicable laws and regulations.
Framework.
Components of Enterprise Risk Management
Understand that management employs internal
control systems as part of organizational and IT The ERM process starts with the first component, the
governance initiatives.
1. Internal environment: The internal environment
Describe how internal control systems help
encompasses the tone of an organization and
organizations achieve objectives and respond to
sets the basis for how risk is viewed and
risks.
addressed by an entity’s people, including risk
Describe fraud, computer fraud, and computer
management philosophy and risk appetite,
abuse.
integrity and ethical values, and the
Enumerate control goals for operations and
environment in which they operate.
information processes.
2. Objective setting: Objectives such as mentioned
Describe the major categories of control plans
a while ago, the strategic and related objectives,
Organizational Governance must exist before management can identify
potential events affecting their achievement.
ERM ensures that management has a process in
place to set objectives and that the chosen
objectives support and align with the entity’s management activities, separate evaluations, or
mission and are consistent with its risk appetite. both.
3. Event identification: Internal and external
events affecting achievement of an entity’s
objectives must be identified, distinguishing
between risks and opportunities.