Boston, [Massachusetts] : , : Pearson, , 2015

©2015

1-292-06108-1

1 online resource (734 pages) : color illustrations

Always Learning

657

Accounting - Data processing

Information storage and retrieval systems - Accounting

Inglese

Includes index.

Cover -- Brief Contents -- Contents -- Preface -- Part I: Conceptual Foundations of Accounting Information Systems -- Chapter 1: Accounting Information Systems: An Overview -- Introduction -- Information Needs and Business Processes -- Information Needs -- Business Processes -- Accounting Information Systems -- How an AIS Can Add Value to an Organization -- The AIS and Corporate Strategy -- The Role of the AIS in the Value Chain -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- Case 1-1 Ackoff's Management Misinformation Systems -- AIS in Action Solutions -- Quiz Key -- Chapter 2: Overview of Transaction Processing and Enterprise Resource Planning Systems -- Introduction -- Transaction Processing: The Data Processing Cycle -- Data Input -- Data Storage -- Data Processing -- Information Output -- Enterprise Resource Planning (ERP) Systems -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- CASE 2-1 Bar Harbor Blueberry Farm -- AIS in Action Solutions -- Quiz Key -- Chapter 3: Systems Documentation Techniques -- Introduction -- Data Flow Diagrams -- Subdividing the DFD -- Flowcharts -- Types of Flowcharts -- Program Flowcharts -- Business Process Diagrams -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Comprehensive Problem -- Discussion Questions --

Problems -- Case 3-1 Dub 5 -- AIS in Action Solutions -- Quiz Key -- Comprehensive Problem Solution -- Chapter 4: Relational Databases -- Introduction -- Files Versus Databases -- Using Data Warehouses for Business Intelligence -- The Advantages of Database Systems -- The Importance of Good Data -- Database Systems -- Logical and Physical Views of Data -- Schemas -- The Data Dictionary -- DBMS Languages -- Relational Databases.

Types of Attributes -- Designing a Relational Database for S&S, Inc. -- Basic Requirements of a Relational Database -- Two Approaches to Database Design -- Creating Relational Database Queries -- Query 1 -- Query 2 -- Query 3 -- Query 4 -- Query 5 -- Database Systems and the Future of Accounting -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Comprehensive Problem -- Discussion Questions -- Problems -- Case 4-1 Research Project -- AIS in Action Solutions -- Quiz Key -- Comprehensive Problem Solution -- Appendix: Data Normalization1 -- Summary -- Second Normalization Example -- Part II: Control and Audit of Accounting Information Systems -- Chapter 5: Computer Fraud -- Introduction -- AIS Threats -- Introduction to Fraud -- Misappropriation of Assets -- Fraudulent Financial Reporting -- SAS No. 99: The Auditor's Responsibility to Detect Fraud -- Who Perpetrates Fraud and Why -- The Fraud Triangle -- Computer Fraud -- The Rise in Computer Fraud -- Computer Fraud Classifications -- Preventing and Detecting Fraud and Abuse -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- Case 5-1 David L. Miller: Portrait of a White-Collar Criminal -- Case 5-2 Heirloom Photo Plans -- AIS in Action Solutions -- Quiz Key -- Chapter 6: Computer Fraud and Abuse Techniques -- Introduction -- Computer Attacks and Abuse -- Social Engineering -- Malware -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- Case 6-1 Shadowcrew -- AIS in Action Solutions -- Quiz Key -- Chapter 7: Control and Accounting Information Systems -- Introduction -- Why Threats to Acc ounting Information Systems Are Increasing -- Overview of Control Concepts -- The Foreign Corrupt Practices and Sarbanes-Oxley Acts -- Control Frameworks.

COBIT Framework -- COSO's Internal Control Framework -- COSO's Enterprise Risk Management Framework -- The Enterprise Risk Management Framework versus the Internal Control Framework -- The Internal Environment -- Management's Philosophy, Operating Style, and Risk Appetite -- Commitment to Integrity, Ethical Values, and Competence -- Internal Control Oversight by the Board of Directors -- Organizational Structure -- Methods of Assigning Authority and Responsibility -- Human Resources Standards that Attract, Develop, and Retain Competent Individuals -- External Influences -- Objective Setting -- Event Identification -- Risk Assessment and Risk Response -- Estimate Likelihood and Impact -- Identify Controls -- Estimate Costs and Benefits -- Determine Cost/Benefit Effectiveness -- Implement Control or Accept, Share, or Avoid the Risk -- Control Activities -- Proper Authorization of Transactions and Activities -- Segregation of Duties -- Project Development and Acquisition Controls -- Change Management Controls -- Design and Use of Documents and Records -- Safeguard Assets, Records, and Data -- Independent Checks on Performance -- Information and Communication -- Monitoring -- Perform Internal Control Evaluations -- Implement Effective Supervision -- Use Responsibility Accounting Systems -- Monitor System Activities -- Track Purchased Software and Mobile Devices -- Conduct Periodic Audits -- Employ a Computer Security

Officer and a Chief Compliance Officer -- Engage Forensic Specialists -- Install Fraud Detection Software -- Implement a Fraud Hotline -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- CASE 7-1 The Greater Providence Deposit & Trust Embezzlement -- AIS in Action Solutions -- Quiz Key -- Chapter 8: Controls for Information Security -- Introduction.

Two Fundamental Information Security Concepts -- Security is a Management Issue, Not Just a Technology Issue -- Defense-in-Depth and the Time-Based Model of Information Security -- Understanding Targeted Attacks -- Preventive Controls -- People: Creation of a "Security-Conscious" Culture -- People: Training -- Process: User Access Controls -- IT Solutions: Antimalware Controls -- IT Solutions: Network Access Controls -- IT Solutions: Device and Software Hardening Controls -- IT Solutions: Encryption -- Physical Security: Access Controls -- Change Controls and Change Management -- Detective Controls -- Log Analysis -- Intrusion Detection Systems -- Penetration Testing -- Continuous Monitoring -- Corrective Controls -- Computer Incident Response Team (CIRT ) -- Chief Information Security Officer (CISO) -- Patch Management -- Security Implications of Virtualization and the Cloud -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- Case 8-1 Assessing Change Control and Change Management -- CASE 8-2 Role-Play: Designing an Effective Information Security Program -- AIS in Action Solutions -- Quiz Key -- Chapter 9: Confidentiality and Privacy Controls -- Introduction -- Preserving Confidentiality -- Identify and Classify Information to be Protected -- Protecting Confidentiality with Encryption -- Controlling Access to Sensitive Information -- Training -- Privacy -- Privacy Controls -- Privacy Concerns -- Privacy Regulations and Generally Accepted Privacy Principles -- Encryption -- Factors that Influence Encryption Strength -- Types of Encryption Systems -- Hashing -- Digital Signatures -- Digital Certificates and Public Key Infrastructure -- Virtual Private Networks (VPNs) -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems.

CASE 9-1 Confidentiality of Examination Question Papers -- CASE 9-2 Generally Accepted Privacy Principles -- AIS in Action Solutions -- Quiz Key -- Chapter 10: Processing Integrity and Availability Controls -- Introduction -- Processing Integrity -- Input Controls -- Processing Controls -- Output Controls -- Illustrative Example: Credit Sales Processing -- Processing Integrity Controls in Spreadsheets -- Availability -- Minimizing Risk of System Downtime -- Recovery and Resumption of Normal Operations -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- CASE 10-1 Ensuring Systems Availability -- CASE 10-2 Ensuring Process Integrity in Spreadsheets -- AIS in Action Solutions -- Quiz Key -- Chapter 11: Auditing Computer-Based Information Systems -- Introduction -- The Nature of Auditing -- Overview of the Audit Process -- The Risk-Based Audit Approach -- Information Systems Audits -- Objective 1: Overall Security -- Objective 2: Program Development and Acquisition -- Objective 3: Program Modification -- Objective 4: Computer Processing -- Objective 5: Source Data -- Objective 6: Data Files -- Audit Software -- Operational Audits of an AIS -- Summary and Case Conclusion -- Key Terms -- AIS in Action -- Chapter Quiz -- Discussion Questions -- Problems -- CASE 11-1 Preston Manufacturing -- AIS in Action Solutions -- Quiz Key -- Part III: Accounting Information Systems Applications -- Chapter 12: The Revenue Cycle: Sales to Cash Collections -- Introduction -- Revenue

Cycle Information System -- Process -- Threats and Controls -- Sales Order Entry -- Taking Customer Orders -- Credit Approval -- Checking Inventory Availability -- Responding to Customer Inquiries -- Shipping -- Pick and Pack the Order -- Ship the Order -- Billing -- Invoicing -- Maintain Accounts Receivable -- Cash Collections.

Process.

For undergraduate and graduate courses in AIS      The market-leading text with the most comprehensive, flexible coverage of AIS available.    This market-leading text delivers the most comprehensive and flexible coverage of the our major approaches to teaching AIS, while allowing instructors the flexibility to reorder chapters and focus the material to suit their individual course needs. This new edition has been updated to cover all of the most recent developments in AIS and to show AIS has changed the roles of an accountant.   Teaching and Learning Experience  This texts presents a better teaching and learning experience-for you and your students. Here's how:     Students see the concepts in action  Up-to-date information covers critical topics  Students get numerous opportunities to practice and hone their skills  Instructors get the flexibility to tailor the material to fit their individual course needs.