AIS822S - ACCOUNTING INFORMATION SYSTEMS - 2ND OPP - JAN 2020 :: NUST past examination papers between 2020 and 2024

Expand document

Collapse document

AIS822S - ACCOUNTING INFORMATION SYSTEMS - 2ND OPP - JAN 2020

1 Pages 1-10

1.1 Page 1

1.2 Page 2

1.3 Page 3

1.4 Page 4

1.5 Page 5

1.6 Page 6

1.7 Page 7

1.8 Page 8

1.9 Page 9

1.10 Page 10

2 Pages 11-20

2.1 Page 11

2.2 Page 12

2.3 Page 13

2.4 Page 14

2.5 Page 15

2.6 Page 16

2.7 Page 17

2.8 Page 18

AIS822S - ACCOUNTING INFORMATION SYSTEMS - 2ND OPP - JAN 2020

1 Pages 1-10

▲back to top

1.1 Page 1

▲back to top

NAMIBIA UNIVERSITY

OF SCIENCE AND TECHNOLOGY

Faculty of Computing and Informatics

Department of Informatics

QUALIFICATION : POSTGRADUATE CERTIFICATE IN INFORMATICS (INFORMATION SYSTEMS AUDIT)

QUALIFICATION CODE: O8PGCl

COURSE: ACCOUNTING INFORMATION SYSTEMS

LEVEL: 8

COURSE CODE: AIS822S

DATE: JANUARY 2020

PAPER: THEORY

DURATION: 3 Hours

MARKS: 100

SECOND OPPORTUNITY/SUPPLEMENTARY EXAMINATION QUESTION PAPER

EXAMINER(S)

Mr Munyaradzi Maravanyika

MODERATOR:

Ms Valerie Garises

INSTRUCTIONS

Answer ALL the questions.

Write clearly and neatly.

Number the answers clearly.

Do not use additional materials

Cross out any work which should not be marked.

No pencil work allowed except for diagrams where requested.

THIS QUESTION PAPER CONSISTS OF 3 PAGES

(Excluding this front page)

1.2 Page 2

▲back to top

Case Scenario

Read the following case carefully and use it to answer Section A of this paper.

Namib CC., has the following processes related to purchasing:

When it is determined that an item should be ordered, the purchasing department prepares a

three - copy PO. The first copy is mailed to the vendor, the second copy is filed by PO number in the

purchasing department, and the third copy is forwarded to inventory control. Inventory control

updates the inventory ledger with the quantities that were ordered and files the PO copy by date.

When ordered items arrive at the receiving dock, the packing slip is inspected and a two - copy

receiving report is prepared. The first copy is forwarded to the purchasing department, where it is

filed with the PO. The second copy is filed in the receiving department by date. The packing slip is

forwarded to the accounts payable department.

Suppliers mail invoices directly to the accounts payable department. The accounts payable

department reviews the invoice and related packing slip, prepares a cash disbursement voucher,

updates the accounts payable ledger, and files the invoice by date. The cash disbursement voucher

is forwarded to the cash disbursements department.

The packing slip is returned to the receiving department. The cash disbursements department prepares

a two - copy check, mails the first copy to the vendor, and forwards the second copy to the general

ledger department. The cash disbursement voucher is forwarded to the accounts payable department

where it is filed with the invoice.

The general ledger department updates the general ledger accounts, using the second copy of the

check, and then forwards the check copy to cash disbursements to be filed by check number.

SECTION A: CASE STUDY QUESTIONS

[60 MARKS]

Question 1

[10 marks]

Prepare a process diagram of the first three paragraphs of Namib CC. processes scenario (the bold

section).

Question 2

[5 marks]

Explain how using a group coding scheme to design the supplier number may benefit Namib CC. in terms

of effectiveness and efficiency of its internal processes.

Question 3

[15 marks]

Discuss the concept of internal computer fraud and how internal computer fraud may be perpetrated

within Namib CC. using input manipulation, program manipulation and output manipulation.

1.3 Page 3

▲back to top

Question 4

[10 marks]

Explain why an enforced code of ethics may have more impact in deterring upper-level management fraud

than the implementation of internal controls.

Question 5

[20 marks]

Identify any weaknesses in internal controls within the purchase processes of Namib CC. and indicate the

improvements you would suggest.

SECTION B: STRUCTURED QUESTIONS

[40 MARKS]

Question 6

[15 marks]

A manger suspects that certain employees are ordering merchandise for themselves over the Internet

without recording the purchase or receipt of the merchandise. When vendor’s invoices arrive, one of the

employees approves the invoices for payment. After the invoices are paid, the employee destroys the

invoices and related vouchers. The manager has been advised it would be best to begin tracing from the

cash disbursements to trace whether this is actually happening. Do you agree with this advice? Support

your answer.

Question 7

[25 marks]

Ozongejama Engineering Corp (OEC) operates in five SADC countries. OEC faced a crucial decision:

choosing network software that would maximize functionality, manageability, and end-user acceptance

of the system. OEC developed and followed a four-step approach:

Step 1.

Develop evaluation criteria. OEC organised a committee that interviewed users and developed the

following evaluation criteria:

- Ease of use

- Scope of vendor support

- Ease of network management and administration

- Cost, speed, and performance

- Ability to access other computing platforms

- Security and control

- Fault tolerance and recovery abilities

- Ability to connect workstations to the network

- Global naming services

- Upgrade and enhancement options

- Vendor stability

OEC organized the criteria into the following four categories and prioritized them. Criteria vital to short-

term and long-term business goals were given a 5. “Wish list” criteria were weighted a 3. Inapplicable

criteria were given a 1.

1. Business criteria: overall business, economic, and competitive issues

2. Operational criteria: tactical issues and operating characteristics

3. Organizational criteria: networks’ impact on the information systems structure

1.4 Page 4

▲back to top

4. Technical criteria: hardware, software, and communications issues

Step 2.

Define the operating environment. Several data-gathering techniques were used to collect information

from which an information systems model was developed. The model revealed the need to share

accounting, sales, marketing, and engineering data at three organizational levels: district, division, and

home office. District offices needed access to centralized financial information to handle payroll. OEC

needed a distributed network that allowed users throughout the organization to access company data.

Step 3.

Identify operating alternatives. Using the criteria from step 1, committee members evaluated each

package and then compared notes during a roundtable discussion.

Step 4.

Test the software. The highest-scoring products were tested, and the product that fit the organization’s

needs the best was selected.

a. Discuss the committee’s role in the selection process.

[5]

b. What are the pros and cons of using a committee to make the selection?

[5]

c. What data-gathering techniques could WEC use to assess user needs and select a supplier?

[5]

d. What is the benefit of analysing the operating environment before selecting the software?

[5]

e. Justify whether a purchase decision be made on the point scoring process alone?

[5]

End of question paper

1.5 Page 5

▲back to top

NAMIBIA UNIVERSITY

OF SCIENCE AND TECHNOLOGY

FACULTY OF COMPUTING AND INFORMATICS

DEPARTMENT OF INFORMATICS

QUALIFICATION CODE: O08PGCl

“COURSE CODE: AIS8225 _

SESSION:

JANUARY 2020

DURATION:

3 HOURS

| LEVEL: 8

| COURSE NAME: ACCOUNTING INFORMATION SYSTEMS

| PAPER:

THEORY

| MARKS:

100

| EXAMINER(S)

mOnedon

MS VALERIE GARISES

INSTRUCTIONS

Please use the memorandum or sample solutions to guide your marking.

Use the marks allocated as a guide to mark

3. Reasonable, in depth and innovative correct solutions provided by the

students should be allocated marks even if not provided in the

memorandum.

._ Take note of the marks allocated to each question.

PERMISSIBLE MATERIALS

None

THIS QUESTION PAPER CONSISTS OF 8 PAGES (Including this front page)

1.6 Page 6

▲back to top

Case Scenario

Read the following case carefully and use it to answer Section A of this paper.

Namib CC., has the following processes related to purchasing:

When it is determined that an item should be ordered, the purchasing department prepares a three - |

copy PO. The first copy is mailed to the vendor, the second copy is filed by PO number in the purchasing

department, and the third copy is forwarded to inventory control. Inventory control updates the

inventory ledger with the quantities that were ordered and files the PO copy by date.

When ordered items arrive at the receiving dock, the packing slip is inspected and a two - copy |

receiving report is prepared. The first copy is forwarded to the purchasing department, where it is filed

with the PO. The second copy is filed in the receiving department by date. The packing slip is forwarded

to the accounts payable department.

Suppliers mail invoices directly to the accounts payable department. The accounts payable department |

reviews the invoice and related packing slip, prepares a cash disbursement voucher, updates the

accounts payable ledger, and files the invoice by date. The cash disbursement voucher is forwarded to

the cash disbursements department.

The packing slip is returned to the receiving department. The cash disbursements department prepares

a two - copy check, mails the first copy to the vendor, and forwards the second copy to the general

ledger department. The cash disbursement voucher is forwarded to the accounts payable department

where it is filed with the invoice.

The general ledger department updates the general ledger accounts, using the second copy of the

check, and then forwards the check copy to cash disbursements to be filed by check number.

SECTION A: CASE STUDY QUESTIONS

[60 MARKS]

Question 1

[10 marks]

Prepare a process diagram of the first three paragraphs of Namib CC. processes scenario (the bold

section).

1.7 Page 7

▲back to top

{a }

{

Prepare 3-copy PO }i

soso

Silvke

Repu

rancced

)

i FieCony2

}

| Receive coopf yPO!

}

Matinveceto |

Accounts Payare

Dex

Pim

jms

9 P> m zecer yt i

4—— Fecenvelmoxe |

seuvecoms

ovennt es

—.

Receve Covy 3 of

{

\\| Receve pacting sip -

——————

ff orse mete) |

" - toamacurutae |

| Update Invertory

l lecger

posit

[ re pFurochrasaingard cocoxpy taond

—

Receve PackngSip:

Question 2

[5 marks]

Explain how using a group coding scheme to design the supplier number may benefit Namib CC. in terms

of effectiveness and efficiency of its internal processes.

Solution

Group codes - Two or more subgroups of digits that are used to code an item.

A group code is often used in conjunction with a block code.

Example:

DIGIT POSITION

MEANING

j-2

Product ling, size, style

Color

_—

Year of manufacture

Optional features

There are four sub-codes in the product code, each with a different meaning.

Users can sort, summarize, and retrieve information using one or more sub-codes.

This technique is often applied to general ledger account numbers.

Question 3

[15 marks]

Discuss the concept of internal computer fraud and how internal computer fraud may be perpetrated

within Namib CC. using input manipulation, program manipulation and output manipulation.

Solution

Input manipulation usually involves altering data that is input into the computer.

- For example, altering payroll timecards to be entered into a computerized payroll system is a type

of input manipulation.

Other examples of input manipulation would be creating false or fictitious data inputs, entering

data without source documents, or altering payee addresses of vendors or employees.

1.8 Page 8

▲back to top

Program manipulation occurs when a program is altered in some fashion to commit a fraud.

Examples of program manipulation include the salami technique, Trojan horse programs, and trap

door alterations.

A fraudster may use the salami technique to alter a program to slice a small amount from several

accounts and then credit those small amounts to the perpetrator’s benefit.

For example, a program that calculates interest earned can be altered to round down to the lower

10-cent amount; that small excess of interest earned can be deposited to the perpetrator’s

account. Although it would take many transactions of this type to be of much benefit, the nature

of interest calculation is such that it occurs frequently on many accounts; therefore, the amount

of the fraud benefit could build quickly.

A Trojan horse program is a small, unauthorized program within a larger, legitimate program,

used to manipulate the computer system to conduct a fraud.

For example, the rogue program might cause a certain customer’s account to be written off each

time a batch of sales or customer payments are processed.

A trap door alteration is a valid programming tool that is misused to commit fraud.

As programmers write software applications, they may allow for unusual or unique ways to enter

the program to test small portions, or modules, of the system.

These entranceways can be thought of as hidden entrances, or trap doors.

Before the program is placed into regular service, the trap doors should be removed, but a

programmer may leave a trap door in place in order to misuse it to commit fraud.

Computer systems generate many different kinds of output, including checks and reports.

If a person alters the system’s checks or reports to commit fraud, this is known as output

manipulation.

This kind of fraud is often successful simply because humans tend to trust the output of a computer

and do not question its validity or accuracy as much as they might if the output were manually

produced

Question 4

[10 marks]

Explain why an enforced code of ethics may have more impact in deterring upper-level management fraud

than the implementation of internal controls.

Solution

A code of ethics is a set of documented guidelines for moral and ethical behaviour within the

organization.

It is management’s responsibility to establish, enforce, and exemplify the principles of ethical

conduct valued in the organization.

Upper-level managers are above the level of internal controls;

Therefore, internal control systems, matching documents, or segregating duties have little impact

on the prevention of fraud by upper-level management.

Having and enforcing a code of ethics sets the proper “tone at the top” and makes it more difficult

for upper-level managers to conduct fraud.

As has become obvious with the flood of accounting fraud scandals at companies such as Enron,

WorldCom, Global Crossing, and others, top management does not always exhibit ethical

behaviour.

If management does not demonstrate ethical behaviour, employees at all levels are much more

likely to follow suit in their disregard for ethical guidelines.

. Management that emphasizes and madels ethical behaviour is more likely to encourage ethical

behaviour in employees.

1.9 Page 9

▲back to top

Question 5

[20 marks]

Identify any weaknesses in internal controls within the purchase processes of Namib CC. and indicate the

improvements you would suggest.

Authorization

Transaction authorization in real-time processing systems is an automated task.

Management and accountants should be concerned about the correctness of the computer-

programmed decision rules and the quality of the data used in this decision.

In POS systems, the authorization process involves validating credit card charges and establishing

that the customer is the valid user of the card.

After receiving online approval from the credit card company, the clerk should match the

customer’s signature on the sales voucher with the one on the credit card.

Segregation of Duties

Tasks that would need to be segregated in manual systems are often consolidated within

computer programs.

For example, a computer application may perform such seemingly incompatible tasks as inventory

control, AR updating, billing, and general ledger posting.

In such situations, management and auditor concerns are focused on the integrity of the computer

programs that perform these tasks.

They should seek answers to such questions as: Is the logic of the computer program correct? Has

anyone tampered with the application since it was last tested? Have changes been made to the

program that could have caused an undisclosed error?

Answers to the questions lie, in part, in the quality of the general controls over segregation of

duties related to the design, maintenance, and operation of computer programs.

Programmers who write the original computer programs should not also be responsible for

making program changes.

Both of these functions should also be separate from the daily task of operating the system.

Supervision

In an earlier discussion, we examined the importance of supervision over cash-handling

procedures in the mail room.

The individual who opens the mail has access both to cash (the asset) and to the remittance

advice (the record of the transaction).

A dishonest employee has an opportunity to steal the check and manual mail room procedures

are in place.

In a POS system, where both inventory and cash are at risk, supervision is particularly important.

Customers have direct access to inventory in the POS system, and the crime of shoplifting is of

great concern to management.

Surveillance cameras and shop floor security personnel can reduce the risk.

These techniques are also used to observe sales clerks handling cash receipts from customers. In

addition, the cash register’s internal tape is a form of supervision.

The tape contains a record of all sales transactions processed at the register. Only the clerk’s

supervisor should have access to the tape, which is used at the end of the shift to balance the cash

drawer.

Access Control

In computerized systems, digital accounting records are vulnerable to unauthorized and

undetected access.

1.10 Page 10

▲back to top

This may take the form of an attempt at fraud, an act of malice by a disgruntled employee, or an

honest accident.

Additional exposures exist in real-time systems, which often maintain accounting records entirely

in digital form.

Without physical source documents for backup, the destruction of computer files can leave a firm

with inadequate accounting records.

To preserve the integrity of accounting records, Sarbanes-Oxley legislation requires organization

management to implement controls that restrict unauthorized access.

Also at risk are the computer programs that make programmed decisions, manipulate accounting

records, and permit access to assets.

In the absence of proper access controls over programs, a firm can suffer devastating losses from

fraud and errors. Thus, current laws require management to implement such controls.

Because POS systems involve cash transactions, the organization must restrict access to cash

assets.

One method is to assign each sales clerk to a separate cash register for an entire shift. When the

clerk leaves the register to take a break, the cash drawer should be locked to prevent unauthorized

access.

This can be accomplished with a physical lock and key or by password.

At the end of the clerk’s shift, he or she should remove the cash drawer and immediately deposit

the funds in the cash room.

When clerks need to share registers, responsibility for asset custody is split among them and

accountability is reduced.

Inventory in the POS system must also be protected from unauthorized access and theft. Both

physical restraints and electronic devices are used to achieve this.

For example, steel cables are often used in clothing stores to secure expensive leather coats to the

clothing rack. Locked showcases are used to display jewelry and costly electronic equipment.

Magnetic tags are attached to merchandise, which will sound an alarm when removed from the

store.

Accounting Records

DIGITAL JOURNALS AND LEDGERS.

Digital journals and master files are the basis for financial reporting and many internal decisions.

Accountants should be skeptical about accepting, on face value, the accuracy of computer-

produced hard-copy printouts of digital records.

The reliability of hard-copy documents for auditing rests directly on the quality of the controls that

protect them from unauthorized manipulation.

The accountant should, therefore, be concerned about the quality of controls over the programs

that update, manipulate, and produce reports from these files.

FILE BACKUP.

The physical loss, destruction, or corruption of digital accounting records is a serious concern.

The data processing department should perform separate file-backup procedures .

Typically these are behind-the-scenes activities that may not appear on the system flowchart.

The accountant should verify that such procedures are, in fact, performed for all subsidiary and

general ledger files.

Although backup requires significant time and computer resources, it is essential in preserving the

integrity of accounting records.

Independent Verification

The consolidation of many accounting tasks under one computer program removes some of the

traditional independent verification control from the system.

2 Pages 11-20

▲back to top

2.1 Page 11

▲back to top

- Independent verification is restored somewhat by performing batch control balancing after each

run and by producing management reports and summaries for end users to review.

SECTION B: STRUCTURED QUESTIONS

[40 MARKS]

Question 6

[15 marks]

A manger suspects that certain employees are ordering merchandise for themselves over the Internet

without recording the purchase or receipt of the merchandise. When vendor’s invoices arrive, one of the

employees approves the invoices for payment. After the invoices are paid, the employee destroys the

invoices and related vouchers. The manager has been advised it would be best to begin tracing from the

cash disbursements to trace whether this is actually happening. Do you agree with this advice? Support

your answer.

Support

- The record of payment

- Since these fraudsters

invoices and vouchers

would be the only option for possibly uncovering this scheme.

are not recording the receipt of merchandise and they are

destroying

Question 7

[25 marks]

Ozongejama Engineering Corp (OEC) operates in five SADC countries. OEC faced a crucial decision:

choosing network software that would maximize functionality, manageability, and end-user acceptance

of the system. OEC developed and followed a four-step approach:

Step 1.

Develop evaluation criteria. OEC organised a committee that interviewed users and developed the

following evaluation criteria:

- Ease of use

- Scope of vendor support

- Ease of network management and administration

- Cost, speed, and performance

Ability to access other computing platforms

Security and control

Fault tolerance and recovery abilities

Ability to connect workstations to the network

Global naming services

Upgrade and enhancement options

Vendor stability

OEC organized the criteria into the following four categories and prioritized them. Criteria vital to short-

term and long-term business goals were given a 5. “Wish list” criteria were weighted a 3. Inapplicable

criteria were given a 1.

1. Business criteria: overall business, economic, and competitive issues

2. Operational criteria: tactical issues and operating characteristics

3. Organizational criteria: networks’ impact on the information systems structure

4. Technical criteria: hardware, software, and communications issues

Step 2.

Define the operating environment. Several data-gathering techniques were used to collect information

from which an information systems model was developed. The model revealed the need to share

2.2 Page 12

▲back to top

accounting, sales, marketing, and engineering data at three organizational levels: district, division, and

home office. District offices needed access to centralized financial information to handle payroll. OEC

needed a distributed network that allowed users throughout the organization to access company data.

Step 3.

Identify operating alternatives. Using the criteria from step 1, committee members evaluated each

package and then compared notes during a roundtable discussion.

Step 4.

Test the software. The highest-scoring products were tested, and the product that fit the organization’s

needs the best was selected.

a. Discuss the committee’s role in the selection process.

[5]

An executive level committee to plan and oversee the information systems function.

It consists of high-level management, such as the controller and systems and user-department

management.

The steering committee sets AIS policies; ensures top-management participation, guidance, and

control; and facilitates the coordination and integration of systems activities.

What are the pros and cons of using a committee to make the selection?

[5]

What data-gathering techniques could WEC use to assess user needs and select a supplier?

[5]

- Interviews

- Questionnaires

- Observation

- Systems Documentation

What is the benefit of analysing the operating environment before selecting the software?

[5]

- Helps in Achieving Objectives

- Identification of Threats and opportunities

- Forecasting the Future

Justify whether a purchase decision be made on the point scoring process alone?

[5]

- Evaluating the overall merits of vendor proposals by assigning a weight to each evaluation

criterion based on its importance.

Benchmarking

Performance testing

requirements costing

End of question paper

2.3 Page 13

▲back to top

NAMIBIA UNIVERSITY

OF SCIENCE AND TECHNOLOGY

Faculty of Computing and Informatics

Department of Informatics

QUALIFICATION : POSTGRADUATE CERTIFICATE IN INFORMATICS (INFORMATION SYSTEMS AUDIT)

QUALIFICATION CODE: O8PGCl

LEVEL: 8

COURSE: ACCOUNTING INFORMATION SYSTEMS

COURSE CODE: AIS822S

DATE: JANUARY 2020

PAPER: THEORY

DURATION: 3 Hours

MARKS: 100

SECOND OPPORTUNITY/SUPPLEMENTARY EXAMINATION QUESTION PAPER

EXAMINER(S)

Mr Munyaradzi Maravanyika

MODERATOR:

Ms Valerie Garises

INSTRUCTIONS

Answer ALL the questions.

Write clearly and neatly.

Number the answers clearly.

Do not use additional materials

Cross out any work which should not be marked.

No pencil work allowed except for diagrams where requested.

F7 a

]

THIS QUESTION PAPER CONSISTS OF -PAGES

(Excluding this front page)

2.4 Page 14

▲back to top

Identify any weaknesses in internal controls within the purchase processes of Namib CC. and indicate the

__improvements you would suggest.

——SECTION B: STRUCTURED QUESTIONS

€ Yep. AQ

[40 MARKS]

Question 6

[15 marks]

—m—a—nger suspects that certain. employees are orderin. g merchandis. e for themselves over the Internet

without recording the purchase or receipt of the merchandise. When vendor’s invoices arrive, one of the

employees approves the invoices for payment. After the invoices are paid, the employee destroys the

invoices and related vouchers. The manager has been advised it would be best to begin tracing from the

cash disbursements to trace whether this is actually happening. Do you agree with this advice? Support

your answer.

Question 7

[25 marks]

2 _—Ooozr Ongeja. ma Engi.neerin. g Corp (OEC) operates .in fi* ve SADC countrie. s. OEC faced a crucia. l deciseoison:

choosing network software that would maximize functionality, manageability, and end-user acceptance

of the system. OEC developed and followed a four-step approach:

Step 1.

Develop evaluation criteria. OEC organised a committee that interviewed users and developed the

following evaluation criteria:

- Ease of use

- Scope of vendor support

- Ease of network management and administration

- Cost, speed, and performance

- Ability to access other computing platforms

- Security and control

- Fault tolerance and recovery abilities

- Ability to connect workstations to the network

- Global naming services

- Upgrade and enhancement options

- Vendor stability

OEC organized the criteria into the following four categories and prioritized them. Criteria vital to short-

term and long-term business goals were given a 5. “Wish list” criteria were weighted a 3. Inapplicable

criteria were given a 1.

1. Business criteria: overall business, economic, and competitive issues

2. Operational criteria: tactical issues and operating characteristics

3. Organizational criteria: networks’ impact on the information systems structure

4. Technical criteria: hardware, software, and communications issues

Step 2.

Define the operating environment. Several data-gathering techniques were used to collect information

from which an information systems model was developed. The model revealed the need to share

accounting, sales, marketing, and engineering data at three organizational levels: district, division, and

home office. District offices needed access to centralized financial information to handle payroll. OEC

needed a distributed network that allowed users throughout the organization to access company data.

Step 3.

Identify operating alternatives. Using the criteria from step 1, committee members evaluated each

package and then compared notes during a roundtable discussion.

2.5 Page 15

▲back to top

NAMIBIA UNIVERSITY

OF SCIENCE AND TECHNOLOGY

FACULTY OF COMPUTING AND INFORMATICS

DEPARTMENT OF INFORMATICS

QUALIFICATION : POSTGRADUATE CERTIFICATE IN INFORMATICS (INFORMATION SYSTEMS AUDIT)

QUALIFICATION CODE: O8PGCl

COURSE CODE: AIS822S

| LEVEL: 8

COURSE NAME: ACCOUNTING INFORMATION SYSTEMS

SESSION:

JANUARY 2020

PAPER:

THEORY

DURATION:

3 HOURS

| MARKS:

100

SECOND OPPORTUNITY/SUPPLEMENTARY MEMORANDUM

‘EXAMINER(S)

~ MRMUNYARADZI MARAVANYIKA

MODERATOR:

—

MS VALERIE GARISES

INSTRUCTIONS

Please use the memorandum or sample solutions to guide your marking.

Use the marks allocated as a guide to mark

Reasonable, in depth and innovative correct solutions provided by the

students should be allocated marks even if not provided in the

memorandum.

. Take note of the marks allocated to each question.

PERMISSIBLE MATERIALS

None

THIS QUESTION PAPER CONSISTS OF 8 PAGES (Including this front page)

2.6 Page 16

▲back to top

This technique is often applied to general ledger account numbers.

Question 3

[15 marks]

Discuss the concept of internal computer fraud and how internal computer fraud may be perpetrated

within Namib CC. using input manipulation, program manipulation and output manipulation.

Solution

Input manipulation usually involves altering data that is input into the computer.

- For example, altering payroll timecards to be entered into a computerized payroll system is a type

of input manipulation.

- Other examples of input manipulation would be creating false or fictitious data inputs, entering

data without source documents, or altering payee addresses of vendors or employees.

Program manipulation occurs when a program is altered in some fashion to commit a fraud.

- Examples of program manipulation include the salami technique, Trojan horse programs, and trap

door alterations.

- A fraudster may use the salami technique to alter a program to slice a small amount from several

accounts and then credit those small amounts to the perpetrator’s benefit.

- Forexample, a program that calculates interest earned can be altered to round down to the lower

10-cent amount; that small excess of interest earned can be deposited to the perpetrator’s

account. Although it would take many transactions of this type to be of much benefit, the nature

of interest calculation is such that it occurs frequently on many accounts; therefore, the amount

of the fraud benefit could build quickly.

- A Trojan horse program is a small, unauthorized program within a larger, legitimate program,

used to manipulate the computer system to conduct a fraud.

- For example, the rogue program might cause a certain customer’s account to be written off each

time a batch of sales or customer payments are processed.

- Atrap door alteration is a valid programming tool that is misused to commit fraud.

- As programmers write software applications, they may allow for unusual or unique ways to enter

the program to test small portions, or modules, of the system.

- These entranceways can be thought of as hidden entrances, or trap doors.

- Before the program is placed into regular service, the trap doors should be removed, but a

programmer may leave a trap door in place in order to misuse it to commit fraud.

Computer systems generate many different kinds of output, including checks and reports.

- If a person alters the system’s checks or reports to commit fraud, this is known as output

manipulation.

- This kind of fraud is often successful simply because humans tend to trust the output of a computer

and do not question its validity or accuracy as much as they might if the output were manually

produced

Question 4

[10 marks]

Explain why an enforced code of ethics may have more impact in deterring upper-level management fraud

than the implementation of internal controls.

Solution

- Acode of ethics is a set of documented guidelines for moral and ethical behaviour within the

organization.

- It is management’s responsibility to establish, enforce, and exemplify the principles of ethical

conduct valued in the organization.

- Upper-level managers are above the level of internal controls;

2.7 Page 17

▲back to top

In a POS system, where both inventory and cash are at risk, supervision is particularly important.

Customers have direct access to inventory in the POS system, and the crime of shoplifting is of

great concern to management.

Surveillance cameras and shop floor security personnel can reduce the risk.

These techniques are also used to observe sales clerks handling cash receipts from customers. In

addition, the cash register’s internal tape is a form of supervision.

The tape contains a record of all sales transactions processed at the register. Only the clerk’s

supervisor should have access to the tape, which is used at the end of the shift to balance the cash

drawer.

Access Control

In computerized systems, digital accounting records are vulnerable to unauthorized and

undetected access.

This may take the form of an attempt at fraud, an act of malice by a disgruntled employee, or an

honest accident.

Additional exposures exist in real-time systems, which often maintain accounting records entirely

in digital form.

Without physical source documents for backup, the destruction of computer files can leave a firm

with inadequate accounting records.

To preserve the integrity of accounting records, Sarbanes-Oxley legislation requires organization

management to implement controls that restrict unauthorized access.

Also at risk are the computer programs that make programmed decisions, manipulate accounting

records, and permit access to assets.

In the absence of proper access controls over programs, a firm can suffer devastating losses from

fraud and errors. Thus, current laws require management to implement such controls.

Because POS systems involve cash transactions, the organization must restrict access to cash

assets.

One method is to assign each sales clerk to a separate cash register for an entire shift. When the

clerk leaves the register to take a break, the cash drawer should be locked to prevent unauthorized

access.

This can be accomplished with a physical lock and key or by password.

At the end of the clerk’s shift, he or she should remove the cash drawer and immediately deposit

the funds in the cash room.

When clerks need to share registers, responsibility for asset custody is split among them and

accountability is reduced.

Inventory in the POS system must also be protected from unauthorized access and theft. Both

physical restraints and electronic devices are used to achieve this.

For example, steel cables are often used in clothing stores to secure expensive leather coats to the

clothing rack. Locked showcases are used to display jewelry and costly electronic equipment.

Magnetic tags are attached to merchandise, which will sound an alarm when removed from the

store.

Accounting Records

DIGITAL JOURNALS AND LEDGERS.

Digital journals and master files are the basis for financial reporting and many internal decisions.

Accountants should be skeptical about accepting, on face value, the accuracy of computer-

produced hard-copy printouts of digital records.

The reliability of hard-copy documents for auditing rests directly on the quality of the controls that

protect them from unauthorized manipulation.

The accountant should, therefore, be concerned about the quality of controls over the programs

that update, manipulate, and produce reports from these files.

2.8 Page 18

▲back to top

- Vendor stability

OEC organized the criteria into the following four categories and prioritized them. Criteria vital to short-

term and long-term business goals were given a 5. “Wish list” criteria were weighted a 3. Inapplicable

criteria were given a1.

1. Business criteria: overall business, economic, and competitive issues

2. Operational criteria: tactical issues and operating characteristics

3. Organizational criteria: networks’ impact on the information systems structure

4. Technical criteria: hardware, software, and communications issues

Step 2.

Define the operating environment. Several data-gathering techniques were used to collect information

from which an information systems model was developed. The model revealed the need to share

accounting, sales, marketing, and engineering data at three organizational levels: district, division, and

home office. District offices needed access to centralized financial information to handle payroll. OEC

needed a distributed network that allowed users throughout the organization to access company data.

Step 3.

Identify operating alternatives. Using the criteria from step 1, committee members evaluated each

package and then compared notes during a roundtable discussion.

Step 4.

Test the software. The highest-scoring products were tested, and the product that fit the organization’s

needs the best was selected.

a. Discuss the committee’s role in the selection process.

[5]

An executive level committee to plan and oversee the information systems function.

It consists of high-level management, such as the controller and systems and user-department

management.

The steering committee sets AIS policies; ensures top-management participation, guidance, and

control; and facilitates the coordination and integration of systems activities.

What are the pros and cons of using a committee to make the selection?

[5]

What data-gathering techniques could WEC use to assess user needs and select a supplier?

[5]

- Interviews

- Questionnaires

- Observation

- Systems Documentation

What is the benefit of analysing the operating environment before selecting the software?

[5]

- Helps in Achieving Objectives

- Identification of Threats and opportunities

- Forecasting the Future

Justify whether a purchase decision be made on the point scoring process alone?

[5]

- Evaluating the overall merits of vendor proposals by assigning a weight to each evaluation

criterion based on its importance.

- Benchmarking

- Performance testing