Page 35 - Encyclopedia of Business and Finance
P. 35
eobf_A 7/5/06 2:54 PM Page 12
Accounting Information Systems
variety of scheduled and on-demand reports. The reports database security is enabled to protect the organizational
can be tabular, showing data in a table or tables; graphic, data from theft, corruption, and other threats. Lastly,
using images to convey information in a picture format; application security is used to keep unauthorized persons
or matrices, to show complex relationships in multiple from performing operations within the AIS.
dimensions. Testing. Testing is performed at four levels. Stub or
There are numerous characteristics to consider when unit testing is used to ensure the proper operation of indi-
defining reporting requirements: The reports must be vidual modifications. Program testing involves the inter-
accessible through the system’s interface. They should action between the individual modification and the
convey information in a proactive manner. They must be program it enhances. System testing is used to determine
relevant. Accuracy and reliability must be considered. that the program modifications work within the AIS as a
Lastly, reports must meet the information processing whole. Acceptance testing ensures that the modifications
(cognitive) style of the audience they were meant to meet user expectations and that the entire AIS performs as
inform and meet applicable reporting standards. designed.
Management reports come in three basic types: Conversion. Conversion entails the method used to
change from an old to a new AIS. Several methods are
• Filter reports—separate selected data from a data-
available to achieve this goal. One is to run the new and
base, such as a monthly check register
old systems in parallel for a specified period. A second
• Responsibility reports—such as a weekly sales report method is to directly cut over to the new system at a spec-
for a regional sales manager ified time. A third method is to phase in the system, either
• Comparative reports—created to show period differ- by location or system function. A fourth method is to
pilot the new system at a specific site before converting
ences, percentage breakdowns and differences (vari-
the rest of the organization.
ances) between actual and budgeted expenditures,
such as a report showing the expenses from the cur-
rent year and the prior year as a percentage of sales Support. The support phase has two objectives. The first
is to update and maintain the AIS. This includes fixing
problems and updating the system for business and envi-
Implementation. The implementation phase consists of
ronmental changes. For example, changes in generally
two primary parts, construction and delivery. Construc-
tion includes the selection of hardware, software, and ven- accepted accounting principles (GAAP) or new regula-
dors for the implementation; building and testing the tions such as the Sarbanes-Oxley Act of 2002 might
necessitate changes to the AIS. The second objective of
network communication systems; building and testing the
support is to continue development by continuously
databases; writing and testing the new program modifica-
tions; and installing and testing the total system from a improving the business through adjustments to business
technical standpoint. Delivery is the process of conduct- and environmental changes. These changes might result
ing final system and user acceptance testing, preparing the in future problems, new opportunities, or management or
governmental directives requiring additional system mod-
conversion plan, installing the production database, train-
ing the users, and converting all operations to the new sys- ifications.
tem.
Tool sets. Tool sets are a variety of application develop- ASSURANCE, AUDIT, AND
ment aids that are vendor specific and used for customiza- ATTESTATION
tion of delivered systems. They allow the addition of fields Quality control of AISs involves many activities, includ-
and tables to the database along with ability to create ing the services of both external auditors (public account-
screen and other interfaces for data capture. In addition, ants) and internal auditors. External auditors can provide
they help set accessibility and security levels for adequate a variety of services, including providing assurance that
internal control within the accounting applications. the controls over external financial reporting are adequate
Security. Security exists in several forms, including and attestations that the external financial statement are
physical security. In typical AISs the equipment is located “fairly presented” in accordance with GAAP. Internal
in a locked room with access granted only to technicians. auditors focus on providing assurance that AISs are effec-
Software access controls are set at several levels, depending tive and efficient in providing information to assist man-
on the size of AIS. The first level of security occurs at the agerial decision making.
network level, which protects the organization’s commu- Continuous improvement of AISs change the way
nication systems. Next is the operating system level secu- internal controls are implemented and the types of audit
rity, which protects the computing environment. Then trails that exist within a modern organization. The lack of
12 ENCYCLOPEDIA OF BUSINESS AND FINANCE, SECOND EDITION
