Page 218 - Accounting Information Systems
P. 218

CHAPT E R 4        The Revenue Cycle  189

                       destroy the remittance advice. This risk exists in both manual systems and computer-based systems where
                       manual mail room procedures are in place.
                         In a POS system, where both inventory and cash are at risk, supervision is particularly important. Cus-
                       tomers have direct access to inventory in the POS system, and the crime of shoplifting is of great concern
                       to management. Surveillance cameras and shop floor security personnel can reduce the risk. These tech-
                       niques are also used to observe sales clerks handling cash receipts from customers. In addition, the cash
                       register’s internal tape is a form of supervision. The tape contains a record of all sales transactions pro-
                       cessed at the register. Only the clerk’s supervisor should have access to the tape, which is used at the end
                       of the shift to balance the cash drawer.


                       Access Control
                       In computerized systems, digital accounting records are vulnerable to unauthorized and undetected
                       access. This may take the form of an attempt at fraud, an act of malice by a disgruntled employee, or an
                       honest accident. Additional exposures exist in real-time systems, which often maintain accounting
                       records entirely in digital form. Without physical source documents for backup, the destruction of com-
                       puter files can leave a firm with inadequate accounting records. To preserve the integrity of accounting
                       records, Sarbanes-Oxley legislation requires organization management to implement controls that restrict
                       unauthorized access. Also at risk are the computer programs that make programmed decisions, manipu-
                       late accounting records, and permit access to assets. In the absence of proper access controls over pro-
                       grams, a firm can suffer devastating losses from fraud and errors. Thus, current laws require management
                       to implement such controls.
                         Because POS systems involve cash transactions, the organization must restrict access to cash assets.
                       One method is to assign each sales clerk to a separate cash register for an entire shift. When the clerk
                       leaves the register to take a break, the cash drawer should be locked to prevent unauthorized access. This
                       can be accomplished with a physical lock and key or by password. At the end of the clerk’s shift, he or
                       she should remove the cash drawer and immediately deposit the funds in the cash room. When clerks
                       need to share registers, responsibility for asset custody is split among them and accountability is reduced.
                         Inventory in the POS system must also be protected from unauthorized access and theft. Both physical
                       restraints and electronic devices are used to achieve this. For example, steel cables are often used in cloth-
                       ing stores to secure expensive leather coats to the clothing rack. Locked showcases are used to display
                       jewelry and costly electronic equipment. Magnetic tags are attached to merchandise, which will sound an
                       alarm when removed from the store.

                       Accounting Records
                       DIGITAL JOURNALS AND LEDGERS. Digital journals and master files are the basis for financial
                       reporting and many internal decisions. Accountants should be skeptical about accepting, on face value,
                       the accuracy of computer-produced hard-copy printouts of digital records. The reliability of hard-copy
                       documents for auditing rests directly on the quality of the controls that protect them from unauthorized
                       manipulation. The accountant should, therefore, be concerned about the quality of controls over the pro-
                       grams that update, manipulate, and produce reports from these files.

                       FILE BACKUP. The physical loss, destruction, or corruption of digital accounting records is a serious
                       concern. The data processing department should perform separate file-backup procedures (discussed in
                       Chapter 2). Typically these are behind-the-scenes activities that may not appear on the system flowchart.
                       The accountant should verify that such procedures are, in fact, performed for all subsidiary and general
                       ledger files. Although backup requires significant time and computer resources, it is essential in pre-
                       serving the integrity of accounting records.

                       Independent Verification

                       The consolidation of many accounting tasks under one computer program removes some of the traditional
                       independent verification control from the system. Independent verification is restored somewhat by
   213   214   215   216   217   218   219   220   221   222   223