Professional Documents
Culture Documents
ACC217 Notes 2
ACC217 Notes 2
SU1 .................................................................................................................... 2
Accounting information system AIS .............................................................................. 2
Enterprise resource planning ERP ................................................................................ 2
Management information system MIS .......................................................................... 3
SU2 .................................................................................................................... 6
BPR Business Process reengineering ............................................................................ 6
BPR vs BPI ................................................................................................................... 6
Ford case .................................................................................................................... 8
XEROX case ................................................................................................................ 9
IBM IT-enabled BPR ................................................................................................... 10
SU3 .................................................................................................................. 11
Internal controls ....................................................................................................... 11
COSO internal control framework .............................................................................. 11
Enterprise Risk Management (ERM) ............................................................................ 12
ERM vs COSO ............................................................................................................ 14
COBIT vs COSO ......................................................................................................... 15
BCP vs BCM vs DRP ................................................................................................... 16
SU3 Activity 3.3 Appropriate Internal Control Activities for the Scenarios..................... 17
Internal controls ....................................................................................................... 18
Factors for consideration for controls used ................................................................ 19
SOX (impact on corporate governance and financial reporting) .................................... 20
SU4 .................................................................................................................. 21
Class activity 4.2 (revenue cycle) ............................................................................... 21
Class activity 4.3 (expenditure cycle) ......................................................................... 22
VMI vs JIT: Advantages, Disadvantages, and Controls .................................................. 23
SU5 .................................................................................................................. 25
REA model ................................................................................................................ 25
SU5 Class activity 5.3 ................................................................................................ 26
RPA and BPR ............................................................................................................. 28
Potential RPA Use Cases in Various Business Functions .............................................. 29
SU6 .................................................................................................................. 30
Dempster’s triangle ................................................................................................... 31
SU1
Accounting information system AIS
Enterprise resource planning ERP
ERP stands for Enterprise Resource Planning. It's a software system that integrates and manages
many core business processes for an organization. Imagine it as a central hub that connects various
departments and functions within a company.
Here are some key features of ERP systems:
• Integration: ERP systems connect different departments like finance, accounting, human
resources, manufacturing, supply chain, customer relationship management (CRM), and
sales. This eliminates the need for separate software systems for each function, improving
data flow and reducing redundancy.
• Data Sharing: Information entered into one module of the ERP system is accessible to
authorized users in other departments. This allows for better collaboration and quicker
decision-making.
• Automation: ERP systems can automate many routine tasks, such as order processing,
inventory management, and payroll processing. This frees up employee time for more
strategic work.
• Real-time Data: Many ERP systems provide real-time data on various aspects of the
business. This allows managers to make informed decisions based on up-to-date
information.
Benefits of using an ERP system:
• Improved efficiency and productivity
• Reduced costs
• Better decision-making
• Enhanced collaboration
• Improved customer service
• Increased visibility into operations
Examples of ERP systems:
• SAP
• Oracle NetSuite
• Microsoft Dynamics 365
• Infor CloudSuite Industrial
Who uses ERP systems?
ERP systems are used by businesses of all sizes, from small and medium-sized enterprises (SMEs) to
large corporations. The specific features and functionalities of an ERP system will vary depending
on the size and needs of the business.
- Process redesign
- Single source of data
- Total customer experience
BPR vs BPI
Identifying the difference between Business Process Reengineering (BPR) and Business Process
Improvement (BPI) boils down to the depth and scope of change involved in improving a
business process. Here's a breakdown to help you distinguish between them:
Business Process Reengineering (BPR):
• Focus: Radical and fundamental change of a business process.
• Goal: Completely redesign the process to achieve dramatic improvements in efficiency,
cost reduction, or customer satisfaction.
• Approach: Starts from a clean slate, often questioning the very purpose and necessity of
existing steps.
• Impact: Significant disruption to the organization, potentially requiring changes in
technology, employee roles, and organizational structure.
• Example: A bank might completely overhaul its loan application process from paper-
based forms to a fully digital online system.
Business Process Improvement (BPI):
• Focus: Incremental improvements and optimizations to existing processes.
• Goal: Enhance efficiency, quality, or performance within the current framework.
• Approach: Analyzes existing processes, identifies bottlenecks and inefficiencies, and
implements targeted changes.
• Impact: Less disruptive, focuses on fine-tuning existing systems and workflows.
• Example: A company might streamline its order fulfillment process by implementing a new
inventory management system or automating repetitive tasks.
In Ford's case, the most likely rule or design principle that the managers changed is related to
production processes and standardization.
Here's a breakdown of the potential changes and BPR principles involved:
Change in Rule/Design Principle:
• Old: Traditional manufacturing relied on skilled workers performing a variety of tasks for
each car, making production less efficient and consistent.
• New: Ford implemented standardized production lines with interchangeable parts. This
involved:
o Division of labor: Breaking down car assembly into simpler, repetitive tasks that
could be efficiently performed by less-skilled workers.
o Standardized parts: Manufacturing interchangeable parts ensured consistent
quality and assembly across all cars.
o Moving assembly line: The car chassis would move along a conveyor belt,
allowing workers to focus on their specific tasks as the car progressed through the
line.
BPR Principles Illustrated:
This decision by Ford's managers exemplifies several principles of Business Process Reengineering
(BPR):
• Fundamental Rethinking: Ford challenged the traditional, craft-based approach to car
assembly and completely redesigned the process for maximum efficiency.
• Dramatic Improvement: The new production line aimed for significant improvements in
production speed and output, enabling Ford to produce cars at a much faster rate and
lower cost.
• Focus on Customers: Increased production volume translated to more affordable cars,
making them accessible to a wider range of customers.
Additionally:
• Process Simplification: Complex tasks were broken down into simpler, more manageable
steps.
• IT and Automation (not necessarily implemented by Ford at the time, but relevant to
BPR): While Ford might not have had advanced technology at the time, BPR principles
often consider the potential for automation and IT integration to further streamline
processes.
By implementing these BPR principles, Ford revolutionized car production and established the
assembly line as a dominant manufacturing method. It exemplifies how a fundamental change in
approach can lead to dramatic improvements in efficiency, cost reduction, and ultimately, increased
customer reach.
RECAP:
Risk Management Frameworks
- ERM
- COBIT
- COSO
Scenario 2: Mr. Lim prides himself on hiring quality workers who require little supervision. As
office manager, Mr. Lim gives his employees full discretion over their tasks and for years has
seen no reason to perform independent reviews of their work.
Risk: Employee errors or fraud could go undetected due to lack of supervision and review.
Internal Control Activities:
• Regular Performance Reviews: Implement regular performance reviews for all
employees, including evaluations of their work accuracy and adherence to procedures.
• Independent Reviews: Periodically conduct independent reviews of employee work, such
as reconciliations, data entry checks, or surprise audits.
• Established Procedures: Develop and document clear procedures for key tasks, ensuring
all employees understand their responsibilities and how to complete tasks accurately.
• Internal Audit Function: Consider establishing an internal audit function to conduct
independent and objective reviews of financial controls and overall operational
effectiveness.
Scenario 3: Your shoeshop was a typical Singapore SME dealing with sportswear. Its accounts
clerk, who was hired year ago, ran off after the company’s manager discovered that a large
sum of money had disappeared over the past six months. An audit disclosed that the
accounts clerk had written and signed several cheques made payable to her fiancé and then
recorded the cheques as salaries expense. The fiancé, who cashed the cheques but never
worked for the company, left town with the accounts clerk. As a result, the company incurred
a loss of $16,000
Lessons Learned:
• Background Checks: Implement thorough background checks for new hires, which might
include verifying employment history and references.
• Dual Signature for Cheques: Require two authorized signatures on all company cheques,
reducing the risk of unauthorized issuance.
• Reconciliations: Regularly reconcile bank statements with internal accounting records to
identify discrepancies and potential fraud.
• Vacation or Sick Leave Procedures: Establish clear procedures for handling employee
vacations or sick leave, ensuring continuity of tasks and preventing lapses in internal
controls during employee absences.
Internal controls
There are several ways to categorize controls, but three commonly used types are:
1. Preventive Controls: These controls aim to stop errors or unwanted actions from
happening in the first place. Examples include:
o Access controls (passwords, firewalls) to prevent unauthorized access to data or
systems.
o Approval processes for transactions to ensure they meet specific criteria before
being finalized.
o Automated data validation checks to catch errors in data entry.
2. Detective Controls: These controls help to identify errors or unwanted actions after they
have occurred. Examples include:
o Reconciliation of accounts to identify discrepancies or missing information.
o Performance monitoring to detect unusual activity or potential fraud.
o Variance analysis to compare actual results to planned budgets and identify
deviations.
3. Corrective Controls: These controls address the situation after an error or unwanted
action has been identified. Examples include:
o Taking corrective action to fix errors in data or transactions.
o Disciplinary action for employees who violate policies or procedures.
o Implementing new controls or revising existing ones to prevent similar occurrences
in the future.
Preferred Type of Control:
The preferred type of control is preventive control. Here's why:
• Proactive Approach: Preventive controls stop issues from happening in the first place,
leading to fewer errors, reduced costs, and improved efficiency.
• Focus on Prevention: Fixing errors after they occur can be time-consuming and expensive.
Preventive controls aim to avoid these problems altogether.
• Enhanced Security: Strong preventive controls can significantly improve data security and
reduce the risk of fraud or unauthorized activity.
However, a combination of all three control types is often necessary for a robust control
environment. Here's why:
• No Single Control is Perfect: No single preventive control can eliminate all risks. Detective
and corrective controls are essential for catching and addressing any issues that slip
through preventive measures.
• Layered Defense: A layered approach with different types of controls provides a more
comprehensive defense against potential threats.
• Continuous Improvement: By using detective controls to identify weaknesses,
organizations can continuously improve their preventive controls and overall risk
management strategy.
In conclusion, while preventive controls are the most desirable, a well-designed control
environment typically utilizes a combination of all three types to proactively prevent errors,
identify issues promptly, and take corrective actions when necessary.
Here are the various considerations you need to make when evaluating a new ERP/AIS system for
your company:
1. Software Functionalities:
• Match your needs: Analyze your current business processes and identify your specific
requirements. Ensure the ERP/AIS system can handle core functionalities like:
o Accounting (General Ledger, Accounts Payable/Receivable, Fixed Assets)
o Inventory Management (Purchasing, Stock Control)
o Sales & Order Management (Quoting, Order Processing)
o Human Resources (Payroll, Benefits Management)
o Reporting & Analytics (Financial reports, Sales dashboards)
o (Optional) Industry-specific features relevant to your business
• Scalability: Consider future growth and choose a system that can scale to meet your
expanding needs.
• Integration capabilities: Evaluate how well the system integrates with existing software
like CRM or e-commerce platforms.
• Customization: Assess the level of customization possible to adapt the system to your
specific workflows.
2. Technical Requirements:
• System compatibility: Ensure the system is compatible with your existing hardware and
operating systems.
• Deployment options: Consider cloud-based, on-premise, or hybrid deployment options
based on your IT infrastructure and security needs.
• Security features: Evaluate the system's security protocols for data protection, access
control, and disaster recovery.
• Implementation and training: Assess the level of support offered by the vendor for
system implementation, user training, and ongoing maintenance.
3. Vendor Characteristics:
• Financial stability: Research the vendor's financial health to ensure ongoing support and
system updates.
• Industry experience: Evaluate the vendor's experience in your specific industry and their
understanding of your business needs.
• Customer service: Assess the vendor's reputation for customer service, including technical
support and user training resources.
• Implementation track record: Consider the vendor's experience in successful ERP/AIS
implementations for companies similar to yours.
4. Costs:
• Licensing fees: Consider the upfront cost of software licenses for the required number of
users.
• Implementation costs: Factor in the costs associated with system implementation, data
migration, and customization.
Dempster’s triangle
The Dempster's Triangle, also sometimes called the Project Triangle or Triple Constraint, is a
concept used in project management to represent the three key factors that influence the success
of a project:
• Scope: This refers to the features, functionalities, and deliverables that are included in the
project.
• Schedule (Time): This refers to the timeframe allocated for completing the project,
including deadlines and milestones.
• Cost: This refers to the financial resources required to complete the project, including
labor, materials, and other expenses.
These three factors are interrelated, and any changes made to one will likely impact the others.
Dempster's Triangle is depicted as a triangle with these three factors at the corners, visually
representing the interconnectedness:
Cost
/ \
Schedule --- Scope
Here's how the factors interact:
• Increasing the scope: Adding features or functionalities to the project will likely increase
the time and cost required to complete it.
• Tightening the schedule: Reducing the time allotted for the project may require reducing
the scope or increasing the cost (e.g., by adding more resources).
• Reducing the cost: Trying to complete the project with a lower budget might require
reducing the scope or extending the schedule.
Project managers use the Dempster's Triangle to understand the trade-offs involved in project
management. They need to balance these three constraints to achieve project goals successfully.
Effective project management involves setting realistic goals, managing expectations, and making
informed decisions when changes are necessary.
Here are some additional points to consider:
• The Dempster's Triangle is a simplified model, and other factors like resource availability,
risk management, and stakeholder expectations can also influence project success.
• Some project management methodologies prioritize specific constraints. For example,
Agile methodologies might prioritize flexibility in scope to adapt to changing
requirements, while Waterfall methodologies might prioritize a fixed scope with a defined
schedule and cost.
By understanding the Dempster's Triangle and its implications, project managers can make
informed decisions, communicate effectively with stakeholders, and increase the chances of project
success.