Accounting Information Systems (AIS) Overview
Fraud
Ethics
Fraud Schemes
Fraudulent statements - are associated with management
fraud. Whereas all fraud involves some form of financial
statements, to meet the definition under this class of
fraud scheme the statement itself must bring direct or
indirect financial benefit to the perpetrator.
The underlying problems:
1. Lack of auditor independence
2. Lack of director independence
3. Questionable executive compensation schemes
4. Inappropriate accounting practices
Corruption
- Involves an executive, manager, or employee of the
organization in collusion with an outsider.
Bribery
- Involves giving, offering, soliciting, or receiving things
of value to influence an official in the performance of
his or her lawful duties.
Illegal gratuity
- Involves giving, receiving, offering, or soliciting
something of value because of an official act that has
been taken.
Conflict of interest
- occurs when an employee acts on behalf of a third
party during the discharge of his or her duties or has
self-interest in the activity being performed.
Economic extortion
- is the use (or threat) of force (including economic
sanctions) by an individual or organization to obtain
something of value.
Asset misappropriation
- assets are either directly or indirectly diverted to the
perpetrator’s benefit.
Types of asset misappropriation schemes
Skimming
- involves stealing cash from an organization before it is recorded
on the organization’s books and records.
Cash Larceny
- Involves schemes in which cash receipts are stolen from an
organization after they have been recorded in the organization’s
books and records.
Billing Schemes
- Also known as vendor fraud, are perpetrated by employees who
cause their employer to issue a payment to a false supplier or
vendor by submitting invoices for fictitious goods or services,
inflated invoices, or invoices for personal purchases.
Examples of billing schemes
1) Shell company fraud - first requires that the
perpetrator establish a false supplier on the books
of the victim company.
2) Pass through fraud - is similar to the shell
company fraud with the exception that a
transaction actually takes place.
3) Pay-and-return - typically involves a clerk with
check-writing authority who pays a vendor twice for
the same products (inventory or supplies) received.
Check Tampering
- Involves forging or changing in some material way a
check that the organization has written to a
legitimate payee.
Payroll fraud
- Is a distribution of fraudulent paychecks to existent
and/or nonexistent employees.
Expense reimbursements
- Are schemes in which an employee makes a claim for
reimbursement of fictitious or inflated business
expenses.
Thefts of cash
- Are schemes that involve the direct theft of cash
on hand in the organization.
Non-cash misappropriations
- Involve the theft or misuse of the victim
organization’s non-cash assets.
Computer fraud
- Fraudulent statements, corruption, and asset
misappropriations.
Internal Control Concepts and Techniques
Internal Control System - comprises policies,
practices, and procedures employed by the
organization to achieve four (4) objectives:
1) To safeguard assets of the firm.
2) To ensure the accuracy and reliability of
accounting records and information.
3) To promote efficiency in the firm’s
operations.
4) To measure compliance with management’s
prescribed policies and procedures.
Modifying Assumptions
1) Management responsibility – is the establishment and
maintenance of a system of internal control.
2) Reasonable assurance - the cost of achieving improved
control should not outweigh its benefits.
3) Methods of data processing - the control techniques used
to achieve the four objectives vary with different types of
technology.
4) Limitations:
- possibility of error - no system is perfect
- circumvention
- management override
Illustration 3-3: INTERNAL CONTROL SHIELD
Exposure - is the absence or weakness of a control
Types of risks
1) Destruction of assets (both physical assets and
information)
2) Theft of assets
3) Corruption of information or the information
system
4) Disruption of the information system
Illustration 3-4: THE PREVENTIVE, DETECTIVE, AND CORRECTIVE INTERNAL CONTROL MODEL
Preventive Controls
- are passive techniques designed to reduce the frequency
of occurrence of undesirable events.
Detective Controls
- are devices, techniques, and procedures designed to identify
and expose undesirable events that elude preventive
controls.
Corrective Controls
- are actions taken to reverse the effects of errors detected in
the previous step.
SAS 78/COSO Internal Control Framework
1) Control environment - is the foundation for
the other four components. It sets the tone
for the organization and influences the
control awareness of its management and
employees.
2) Risk assessment - to identify, analyze, and
manage risks relevant to financial reporting.
3) Information and communication
Accounting information system - consists of
the records and methods used to initiate,
identify, analyze, classify, and record the
organization’s transactions and to account for
the related assets and liabilities.
4) Monitoring
- is the process by which the quality of internal
control design and operation can be assessed.
5) Control activities
- are the policies and procedures used to ensure that
appropriate actions are taken to deal with the
organization’s identified risks.
1) IT controls - relate specifically to the computer
environment.
a) General controls - pertain to entity-wide
concerns such as controls over the data center.
b) Application controls - ensure the integrity of
specific systems such as sales order processing,
accounts payable, and payroll applications.
2) Physical control – relates primarily to the
human activities employed in the accounting
system.
End of LESSON 3
End of MODULE 1