Accounting Information System
Accounting Information System
Accounting Information System (“AIS”) plays a key function in enabling a company to collect and use information in a coordinated manner. AIS lays down a formal structure for an organization to assist the organization in collecting, storing, managing, and reporting its financial information. The formal structure comprises major components outlined as follows:
• Component 1: Data collected concerning an organization’s business activities;
• Component 2: Applicable software in the AIS that process the data;
• Component 3: The information technology (“IT”) infrastructure;
• Component 4: Applicable procedures to ensure accuracy, completeness, and proper cutoff of data collecting and processing;
• Component 5: User of AIS (e.g. employees, management, investors, creditors, auditors, regulators, and taxation authorities)
Our team is equipped with relevant knowledge and expertise in assisting the company with aspects of accounting information system (AIS) outlined below:
Processing
Important key questions to be asked by an organization in transaction processing mainly surround multiple aspects including the methods of channeling the data of business activities into AIS and methods of converting the data into relevant and useful information. In other words, this aspect of system operation deals with the flow of data into, through, and out of an AIS. The central to this function is the database that underlies an AIS and the AIS database is mainly comprised of general ledgers and supporting sub-ledgers. The accounting department plays a decisive role in deciding how data are organized with the AIS system mainly because the accounting department is primarily responsible for determining how the general and subsidiary ledgers are structured. The AIS structural decision made by Accounting Department is recommended to discuss with relevant departmental heads to establish their end output expectations and address the relevant concerns of the respective parties before finalizing the AIS structure. These structural decisions can have a long-term impact on how well data are handled by the system, so it pays to explore all possible options. Our team could assist with exploring and addressing specific issues concerning AIS structure designs, coding methodology, and account code structure before the coding methodology and account code structure are fully committed.
Documenting the System
System documentation is one of the key aspects of guaranteeing AIS and the system environment which AIS supports could operate at an optimal level. Proper system documentation ensures one can fully understand how the system works and naturally with this understanding, AIS can cater to meet the specific needs of the system which it primarily supports. The project of documenting the system requires the use of graphical and narrative descriptions, with a special focus on data flow diagrams, flowcharts, and business process diagrams. Our team could assist by working closely with the in-house system development team as assigned by the Company in this aspect.
Systems-Related Fraud
Our experiences suggest it is very likely that an organization’s AIS will be compromised at some point in its operation. The potential threats to AIS can be generally categorized as Intentional Acts, Natural Causes, System Failures, and Unintentional Acts. The primary focus of our team is the intentional acts and it comprises assets misappropriation, unauthorized disclosure of data, sabotage, cyber-attacks, and acts of terrorism. There are various ways in which someone from inside the company can intentionally commit fraud or steal assets through the AIS of the company. The better approach to preventing or minimizing this risk exposure is to develop a supportive employee environment coupled with a constant vigilant for a possible sign of fraud which according to our experience, it has a lower rate of system fraud from intentional acts. In terms of minimizing computer attacks from outsiders, we recommend introducing a continuous guarding system such as first-rate firewalls and virus detection systems to cater specifically to system intrusions. We could assist the management of the company in the aspect of developing a thorough understanding of the nature and types of fraud, potential computer-related fraud, and computer attacks of the AIS. Our service scopes also cover advising several fraud prevention and detection techniques which could potentially minimize the underlying risks.
Systems of Control
A party engaging in system fraud usually requires access to the company’s AIS to steal assets while covering his/ her tracks. Therefore, a comprehensive system of control is crucial as it primarily elevates the barrier and costs for the unauthorized party in committing system fraud. In most organizations, the typical points of access to the AIS are through personal computers which have opened out the massive opportunity for unauthorized actions. These system weaknesses potentially expose the organization to massive losses, and some are so large that they may financially paralyze a business. However, despite underlying concerns, our experience suggests businesses constantly ignore the need for comprehensive controls, primarily due to management’s lack of understanding of the nature and severeness of system frauds and the need for control, coupled with the refusal to incur up-front expenses associated with relevant controls in exchange for a perceived low level of loss. We specialize in advising management in the areas of control principles, introducing specific control procedures customized based on the operating environment of the company, developing control frameworks, and other various aspects.
Information System Controls
Despite AIS delivering abundant benefits to a company in the aspect of major improvement in processing power and data storage volumes, the associated benefits also present multiple challenges related to the aspect of control. Generally, the relevant controls associated with AIS comprise (i) Security Controls [restrict system and data access to authorized users], (ii) Confidentiality Controls [protect key information from access by unauthorized parties], and (iii) Processing Integrity Controls [ensure that data are processed accurately and promptly], (iv) Privacy Controls [protect personal information from unauthorized disclosure, ensure specified information is collected and used only by company policy and requirements from regulators], (v) Availability Controls [as the name has suggested, the objective is to keep the system constantly available for users’ usage]. Our team specializes in providing advice on a full suite of aforesaid controls, which improves the chances of enabling the company to benefit from a highly reliable AIS.
Auditing Accounting Information System
Auditing activities essentially involve examining the financial records of a company to conclude its accuracy and compliance with applicable accounting standards. The party that performs the auditing task is known as the Auditor. It is relevant to note the concept of auditing is also applicable to evidence collection regarding assertions about any type of performance.
Larger organizations, particularly publicly-held entities, usually employ a team of internal auditors, and they are primarily tasked with engaging in activities such as conducting internal process reviews and their report findings with improvements and recommendations to the management. Internal auditors often actively participate in the development and design of information systems since they are specifically equipped with strong familiarity, particularly with the strengths and weaknesses, of existing systems. Similarly, external auditors are also involved in reviewing the system of controls in addition to reviewing a company’s financial statements. The biggest difference between internal auditors is the audit opinions of external auditors will be highly valued by a large group of external users such as the investment community, creditors, and regulatory bodies, and in some industries, the users may also include the suppliers, customers, and/or business partners to the company, since their opinions are considered as an independent appraisal on the financial statements of the company. Therefore, any major flaws in the system of controls in the AIS will affect their opinions on the financial statements of the company. Needless to say, its imperative for the management of the company to be familiar with the auditing approaches to order to ensure major system flaws in the AIS are corrected before the formal execution of system review by the external auditors. Our IT audit team has acquired relevant experiences and expertise in assisting with specific auditing activities associated with AIS.
New Systems Analysis, Development, and Installation
Often time organizations update and/or replace their existing systems, and some factors contributing to the decision comprise the existing systems no longer being able to meet the organization’s requirements in line with business expansion, venture into new markets, new regulatory requirements, and many more. Management will reach a point at which they need to decide whether to update certain segments of the existing system or replace the entire system. From our experiences, the common driving factors to the decision of replacing the entire system are as follow:
(i) Business or Assets Mergers or Acquisitions. The common end output of acquiring or merging with another business is the sudden mass increase in transaction volumes and complexity since the existing system needs to deal with transactions from the newly acquired business or assets. If the management of the acquired opts to use the same system platform to accommodate all these transactions, a more sophisticated and robust system is therefore needed.
(ii) Aging Issue. Some existing systems may be too old and it begins to cause maintenance issues since finding the persons with the relevant experiences to maintain the system is becoming a major challenge.
(iii) Market Competition. Inevitably most businesses in the modern world are relying on new systems to provide new services to customers. Therefore, traditional companies are forced to install new systems to stay in the competition and provide similar services through new systems to their customers.
(iv) Higher Costs of Existing Systems. Existing systems with comparability capabilities but operating at a much higher cost may open room for cost reduction by replacing the existing systems with new ones. The same concept applies if the new systems can significantly lower costs whilst enhancing existing processes or improving productivity.
(v) Needs of Essential Features. Missing essential features in existing systems are often viewed as the driving factor to replacing existing systems if these essential features cannot be installed. The essential features are crucial to support the new business strategies and without these features, the entire strategy will be put to a halt.
(vi) Existing systems are not compatible with one another. The existing system may have been acquired on a separate basis to support individual distinct functions. As a result, the separate systems are incompatible with one another. Management may opt to acquire a new system to obtain an integrated solution.
(vii) Change in Regulatory Requirements. This driving factor applies to businesses operating in a highly regulated industry. With major changes in the relevant requirements from regulatory bodies, the existing systems of the company may not be able to meet these new requirements. A new system is therefore the only option.
When companies are experiencing the need for introducing system changes, our team could assist with the complete suits of the underlying mission, from the planning process, and design of an information system, to implementation, project oversight, and other related aspects.
Specific Business and Operational Cycle – Sales Cycle, Expenditure Cycle, Production Cycle, Human Resource Cycle
Our team is equipped with relevant knowledge and expertise in advising information system flows associated with each set of activities that comprise the Sales Cycle, Expenditure Cycle, Production Cycle, and Human Resource Cycle, including the most essential controls associated with each cycle.
Sales Cycle. The sales cycle primarily relates to the provision of goods and services to customers. Activities involved include but are not limited to receipt and processing of customer orders, preparing product shipments, customer billing, cash collection, and many more. A well-designed AIS could support all aspects of these activities. However, in the processing of updating or replacing the systems, our experiences suggest there is a high chance of business interruptions during the transitional phase. Our team could assist with minimizing the relevant risks of errors or customers not being able to be served promptly.
Expenditure Cycle. The scale of input to expenditure activities is largely driven by sales activities as the volume and types of customers will determine the types of goods and services to be purchased, and the purchasing volume. The expenditure cycle comprises a range of business activities which primarily comprise spending planning and analysis in determining what needs to be purchased and its volume, placing orders, goods and services receipt, payments to suppliers and/or service providers, discounts, refunds, and many more. Once again, a well-designed AIS could support each of the aforesaid activities. In this particular aspect, our team specializes in assisting the company with system review, planning, and implementation while minimizing the potential risk of interruptions in the production and purchasing process, as well as goods receipts.
Production Cycle. Naturally, the production cycle primarily relates to the manufacturing of goods. Ranges of activities comprise designing products, scheduling of production, operations, record keeping, bookkeeping, cost accounting, and reporting. Deliverables from a well-designed AIS that support these activities include a smooth flowing of products into a manufacturing process and adequate cost information generated from the manufacturing process which is crucial for product pricing purposes. In addition, it is relevant to note the production cycle correlates to the expenditure cycle, particularly AIS functions in the expenditure cycle support the process of processing a multitude of requisitions for raw materials coming from the production cycle. Furthermore, AIS in the expenditure cycle also provides updates about the arrival of the raw materials which will be loaded into the production scheduling function of the AIS promptly.
Human Resources Cycle. Employees represent one of the key assets of most organizations. Activities associated with the human resources cycle primarily deal with the management of the personnel resources of a business. These activities may include but are not limited to candidate assessment, review and recruiting, employee hiring and onboarding, employee training, coaching and mentoring, employee compensation, employee performance review, and terminating employee.
These preceding activities are generally the primary responsibilities of the human resources department, except for compensation activities which are usually managed by the payroll function of the accounting department. A well-designed and implemented AIS could support a range of activities associated with payroll function although it does not usually support other activities as mentioned above.
Encountering Business Challenges?
Let’s talk about how we can assist and raise together.
Let us together build a flourishing business
When connected with us, you aren’t growing your business alone. We have your back and put in our best to contribute to the growth of your entire team and organization. So, if you are looking for the right consultant that’ll help you overcoming business and operational challenges, and bring in more conversions and revenue, we are right here!