Information system about accounting
Accounting Information Systems (AISs) combine the study and practice of accounting with the design, implementation, and monitoring of information systems. Such systems use modern information technology resources together with traditional accounting controls and methods to provide users the financial information necessary to manage their organizations.
AISs cover all business functions from backbone accounting transaction processing systems to sophisticated financial management planning and processing systems.
Financial reporting starts at the operational levels of the organization, where the transaction processing systems capture important business ...view middle of the document...
For example, after a large insurance company installed software to detect abnormal system activity, it found computers hidden under the floor if its data center. Further investigation revealed that several employees were using the computers and the insurance company’s system to run an illegal gambling web site.
Computer instruction fraud—
Computer fraud can be accomplished by tampering with the software that processed company data. This may include modifying the software, copying software illegally, using software in an unauthorized manner, or developing software to carry out an unauthorized activity.
The greatest exposure to data fraud comes from employees with access to the data. The exposure to outsiders is very real but much less likely to occur. The most frequent type of data fraud is the illegal use of company data, typically by copying it, using it or searching it without permission.
Computer output, displayed on monitors or printed on paper, can be stolen or misused. Unless properly safeguard, output is subject to prying eyes and unauthorized copying. Fraud perpetrators also can use computers and output devices to forge authentic looking outputs. For example, a fraud perpetrator could use a personal computer and a scanner to scan in a company’s paycheck and the use desktop publishing software to erase the payee and amount and the print as many fictitious paychecks as desired in check paper sold in office supply stores.
Information about auditing
The purpose of an information systems audit is to review and evaluate the internal controls that protect the system. When performing an information system audit, auditors should ascertain that the following objectives are met:
Objective 1: overall security: security provisions protect computer equipment, programs, communications, and data from unauthorized access, modification, or destruction.
Objective2: program development and acquisition: program development and acquisition are performed in accordance with management’s general and specific authorization.
Objective3: program modification: program modifications have management’s authorization and approval.
Objective4: computer processing: processing of transactions, files, reports, and other computer records is accurate and complete.
Objective5: source data: source data that are inaccurate or improperly authorized are identified and handled according to prescribed managerial policies.
Objective 6: data files: computer data files are accurate, complete, and confidential.
Auditing tests of controls
The basic auditing approach was to follow the audit trail up to the point at which accounting data entered the computer and pick these data up again...