Unformatted text preview: Systems, Business Processes, Risk, and Internal Control Lecture 1 Why does an organization exist? How does an organization meet its goals and objectives? How Does An Organization Create Value?
To achieve its goals, everything an organization does should create value. Value is created through a series of transactions and business processes. Risk is inherent in each transaction and is attempted to be mitigated through controls. Transactions
Financial transactions economic events that affect the assets, liabilities, and/or equity of the organization e.g., sell inventory Nonfinancial transactions all other events processed by the organization's information system e.g., sales call on customer Similar types of transactions are grouped together the expenditure cycle, the conversion cycle, and the revenue cycle. Relationship between Transaction Cycles Each Cycle has Two Subsystems
Expenditure Cycle: time lag between the two results from credit relations with suppliers: physical component (acquisition of goods) financial component (cash disbursements to the supplier) Conversion Cycle : the production system (planning, scheduling, and control of the physical product through the manufacturing process) the cost accounting system (monitors the flow of cost information related to production) Revenue Cycle: time lag between the two results from credit relations with customers : physical component (sales order processing) financial component (cash receipts) What is a business process?
A business process is a series of activities that accomplishes a business objective. Acquisition/Payment Process Conversion Process Sales/Collection Process Types of Business Processes
Suppliers Requested input resources Payment for input resources Customers Goods and services for customers Payment for Goods and services Organization
Acquisition / Payment Process Provides input resources to the organization Conversion Process Provides Finished Goods and Services to Customers Sales/ Collectio n Process What is AIS?
AIS is the organizational component that accumulates, classifies, analyzes, and communicates relevant financial and nonfinancial decision making information to a company's internal and external parties. AIS Provides Information
Other Other Stakeholders Stakeholders Functions of AIS
Collect and store data about the activities in an organization's business processes. Transform the data into information. Provide assurance that the organization's data is accurate and reliable, the organization's assets are safeguarded, the organization is operating as managers intend. AIS Subsystems
Transaction processing system (TPS) supports daily business operations General Ledger/ Financial Reporting System (GL/FRS) produces financial statements and reports Management Reporting System (MRS) produces special-purpose reports for internal use The General AIS Model The AIS Model focuses on collecting, processing and generating information from business transactions. Characteristics of Useful Information
Regardless of physical form or technology, useful information has the following characteristics: -relevant, timely, accurate, complete, summarized, and material Risk
Risk is any exposure to the chance of injury or loss. Risk is the chance that something will go wrong to hurt the company. Risks arise from the business environment, the business strategy, and the business processes. Risks related to business processes include financial performance risk, operational risk, compliance risk, and financial reporting risks. Internal Controls
Business establish internal controls to mitigate risks. SUA project focuses on internal controls over business processes and AIS. Controls can be classified into three major types: Preventative: prevent an error Detective: indentify an error or irregularity Corrective: recovering from, repairing the damage from, or minimizing the cost of an error or irregularity Sarbanes-Oxley Act of 2002 and AIS
Management must design and implement internal controls over its financial reporting system Management must assess these controls. External auditors must attest to management's assessment. ...
View Full Document