Nội dung

www.ebook3000.com Accounting Information Systems Eleventh Edition George H. Bodnar William S. Hopwood Florida Atlantic University Boston Columbu Indianapolis New York San Francisco Upper Saddle River Amsterdam Cape Town Dubai London Madrid Milan Munich Paris Montreal Toronto Delhi Mexico City Sao Paulo Sydney Hong Kong Seoul Singapore Taipei Tokyo Editorial Director: Sally Yagan Editor in Chief: Donna Battista AVP/Executive Editor: Stephanie Wall Editorial Project Managers: Christina Rumbaugh, Nicole Sam Editorial Assistants: Jane Avery, Lauren Zanedis Director of Marketing: Maggie Moylan Leen Marketing Assistants: Ian Gold, Kimberly Lovato Project Manager: Renata Butera Operations Specialist: Renata Butera Creative Art Director: Jayne Conte Cover Designer: Anthony Gemmellaro Manager, Rights and Permissions:   Hessa Albader Cover Art: Getty Images, Inc. Full-Service Project Management: Abinaya Rajendran Composition: Integra Software Services, Pvt., Ltd. Printer/Binder: R.R. Donnelley/Willard Cover Printer: Lehigh-Phoenix Color Text Font: 10/12 Times LT Std Roman Credits and acknowledgments borrowed from other sources and reproduced, with permission, in this textbook appear on appropriate page within text. Copyright © 2013 Pearson Education, Inc., publishing as Prentice Hall, One Lake Street, Upper Saddle River, New Jersey 07458. All rights reserved. Manufactured in the United States of America. This publication is protected by Copyright, and permission should be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission(s) to use material from this work, please submit a written request to Pearson Education, Inc., Permissions Department, One Lake Street, Upper Saddle River, New Jersey 07458. Many of the designations by manufacturers and seller to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed in initial caps or all caps. Library of Congress Cataloging-in-Publication Data Bodnar, George H. Accounting information systems/George H. Bodnar, William S. Hopwood.—11th ed. p. cm. ISBN-13: 978-0-13-287193-8 ISBN-10: 0-13-287193-9 1. Accounting—Data processing. 2. Information storage and retrieval systems—Accounting. I. Hopwood, William S. II. Title. HF5679.B59 2013 657.0285—dc23 2011037960 10 9 8 7 6 5 4 3 2 1 ISBN 10: 0-13-287193-9 ISBN 13: 978-0-13-287193-8 www.ebook3000.com Dedication To my wife Donna —George H. Bodnar Dedicated to all the great people I work with in the Florida Atlantic University School of Accounting —William S. Hopwood Contents Preface xvii List of Acronyms Part I xx Introduction to Accounting Information Systems 1 Chapter 1 Accounting Information Systems: An Overview Accounting Information Systems and Business Organizations Information and Decisions 1 Users of Accounting Information 1 Characteristics of Information 2 Information Systems 3 Data Processing 3 Management Information Systems 4 Decision Support Systems 4 Expert Systems 4 Executive Information Systems 4 Accounting Information Systems 4 Accounting Information Systems and Application Architecture 5 Evolution of Applications Architecture 5 Enterprise Resource Planning (ERP) 6 Business Processes 8 Business Process Reference Models 8 The ERP Functional Model 9 The Value Chain Model 9 The Supply Chain Model 10 The Operations Process Model 10 The Transaction Cycle Model 10 Internal Control Process 12 Elements of Internal Control Process 12 Segregation of Accounting Functions 13 Internal Audit Function 14 Accounting and Information Technology 15 The Information System Function 15 Organizational Location 15 Functional Specializations 16 End-User Computing 17 Cloud Computing 17 Quick-Response Technology 19 Lean Manufacturing 20 Just-in-Time 20 Web Commerce 21 Electronic Data Interchange 21 Extensible Business Reporting Language Electronic Payment Systems 22 21 The Accountant and Systems Development 23 iv     The Nature of Systems Development 23 Business Process Blueprinting 24 Behavioral Considerations in Systems Development www.ebook3000.com 25 1 1 Contents    v  Green IT: Designing for Sustainability Energy Usage 25 E-Waste 26 25 Summary 26 • Glossary 26 • Webliography 28 • Chapter Quiz 28 Questions 29 • Discussion Questions and Problems 29 • Web Research Assignments 33 • Answers to Chapter Quiz 34 Chapter 2 • Review Systems Techniques and Documentation 35 Users of Systems Techniques 35 Use of Systems Techniques in Auditing 35 Internal Control Evaluation 35 Compliance Testing 36 Working Papers 36 Use of Systems Techniques in Systems Development 36 Systems Analysis 36 Systems Design 36 Systems Implementation 37 Use of Systems Techniques by Sarbanes–Oxley Act Compliance Participants 37 Systems Techniques 38 Flowcharting Symbols 38 Symbol Use in Flowcharting 41 IPO and HIPO Charts 42 Systems and Program Flowcharts 43 Logical Data Flow Diagrams 43 Logical Data Flow Diagrams and Structured Analysis 44 Analytic, Document, and Forms Distribution Flowcharts Analytic Flowcharting Illustration 48 Planning the Flowchart 48 Symbol Selection 48 System Analysis 48 Drawing the Flowchart 49 Sandwich Rule 50 Using the Connector Symbol 50 Entity-Column Relations 50 Unified Modeling Language™ (UML®) 52 Business Process Diagrams 54 Narrative Techniques 60 Resource Utilization Analysis 60 Work Measurement 61 Work Distribution Analysis 62 Decision Analysis Techniques 62 Branching and Decision Tables 62 Matrix Methods 64 Software for Systems Techniques 64 Microsoft Office® Applications 65 Computer-Aided Software Engineering UML Modeling Tools 65 BPMN Modeling Tools 65 46 65 Summary 65 • Glossary 67 • Webliography 67 • Chapter Quiz 68 • Review Problem 68 • Review Questions 69 • Discussion Questions and Problems 69 • Web Research Assignments 79 • Answers to Chapter Quiz 79 vi    Contents Chapter 3 eBusiness and eCommerce 80 Introduction: Electronic Business and Electronic Commerce 80 The Internet 80 Client and Servers 81 Types of Servers 81 eBusiness and Enterprise Architecture 83 The Business Architecture 84 The Data Architecture 85 Databases 85 The Corporate Information Factory 86 The Applications Architecture 87 ERP and EAS Architectures 88 Service-Oriented Architecture 88 Benefits of SOA 89 Middleware 89 The Technical Architecture 90 Enterprise Architecture Frameworks 91 Business Process Frameworks and Reference Models Value Chain Frameworks 91 Supply Chain Frameworks 92 eBusiness Architectures 92 91 Electronic Commerce Technologies 93 Electronic Payment Systems 93 Digital Cash 93 Virtual Cash 93 Virtual Cash in Electronic Cards 93 The Internet Store 94 Trust in eCommerce: Privacy, Business Practices, and Transaction Integrity 95 Summary 96 • Glossary 96 • Webliography 98 • Chapter Quiz 98 Questions 99 • Discussion Questions and Problems 99 • Web Research Assignments 102 • Answers to Chapter Quiz 102 • Review Chapter 4 Transaction Processing and the Internal Control Process 103 The Necessity for Controls 103 Enterprise Risk Management 103 Controls and Exposures 104 Common Exposures 104 Excessive Costs 104 Deficient Revenues 105 Loss of Assets 105 Inaccurate Accounting 105 Business Interruption 105 Statutory Sanctions 105 Competitive Disadvantage 105 Fraud and Embezzlement 105 Fraud and White-Collar Crime 105 Forensic Accounting 107 Seriousness of Fraud 107 Control Objectives and Transaction Cycles 107 Components of the Internal Control Process 108 External Influences Concerning an Entity and Internal Control 109 The Sarbanes–Oxley Act 110 Compliance with Sox Section 404 111 www.ebook3000.com Contents    vii  The Impact of the Business Environment on Internal Control 113 Control Environment 113 Integrity and Ethical Values 113 Commitment to Competence 115 Management Philosophy and Operating Style 115 Organizational Structure 116 Functions of the Board of Directors and Its Committees 116 Manner of Assigning Authority and Responsibility 117 Human Resource Policies and Practices 118 Risk Assessment 119 Control Activities 119 Segregation of Duties 119 Adequate Documents and Records 120 Restricted Access to Assets 120 Independent Accountability Checks and Reviews of Performance 121 Information Processing Controls 121 Information and Communication 122 Documentation of the Accounting System 122 Double-Entry System of Accounting 122 Communication 123 Monitoring 123 A Model for Monitoring 124 Transaction Processing Controls 124 General Controls 124 The Plan of Data Processing Organization and Operation 125 General Operating Procedures 125 Equipment Control Features 126 Equipment and Data-Access Controls 126 Application Controls 126 Input Controls 126 Processing Controls 128 Output Controls 129 Preventative, Detective, and Corrective Controls 130 Communicating the Objectives of Internal Control 130 Goals and Behavior Patterns 131 Analysis of Internal Control Processes 133 Analytic Techniques 133 Internal Control and Compliance in Small Business and Small Public Companies 135 Illustration of an Internal Control Analysis 137 Summary 138 • Glossary 138 • Webliography 140 • Chapter Quiz 141 Review Problem 141 • Solution to Review Problem 142 • Review Questions 142 • Discussion Questions and Problems 142 • Web Research Assignments 149 • Answers to Chapter Quiz 149 Chapter 5 Fraud Examination and Fraud Management The Fraud Management Process 150 Fraud Prevention 151 Fraud Detection 151 Optimal Fraud Detection Systems 153 Fraud Investigation Process 153 The Fraud Engagement Process 154 The Evidence Collection Process 156 Physical, Document, and Observation Evidence 158 150 • viii    Contents The Fraud Report 163 Loss Recovery and Litigation Expert Testimony 164 163 Fraud Schemes 165 Financial Statement Fraud 165 Who Commits Financial Statement Fraud and Why How to Prevent Financial Statement Fraud 167 Employee Fraud 167 Revenue Cycle Fraud 168 Expenditure Cycle Fraud 169 Production Cycle Fraud 171 Vendor Fraud 171 166 Computer Forensics 171 Evidence Gathering with Computers 172 Preliminary Steps 172 Collecting Computer-Related Evidence 172 Pull the Plug 173 Don’t Pull the Plug 173 Device Processing 174 Content Investigation 174 Deleted or Corrupted Data Recovery 174 Location Analysis 174 Password Cracking 176 Surreptitious User Monitoring and Reporting 176 Summary 177 • Glossary 178 • Webliography 178 • Chapter Quiz 179 • Review Problem 179 • Solution to Review Problem 179 • Review Questions 180 Discussion Questions and Problems 180 • Web Research Assignments 186 • Answers to Chapter Quiz 186 Chapter 6 Information Security 187 An Overview of Information Security 187 The Information Security Management System Life Cycle 188 International Standards for Information Security 188 The Information Security System in the Organization 189 Analyzing Vulnerabilities and Threats 189 Vulnerabilities and Threats 190 The Seriousness of Information Systems Fraud 190 Individuals Posing a Threat to the Information System 191 Computer and Information Systems Personnel 191 Users 192 Intruders and Hackers 192 Methods of Attack by Information Systems Personnel and Users 198 Input Manipulation 198 Program Alteration 199 Direct File Alteration 199 Data Theft 199 Sabotage 200 Misappropriation or Theft of Information Resources 200 The Information Security Management System 201 The Control Environment 201 Management Philosophy and Operating Style Organizational Structure 201 www.ebook3000.com 201 • Contents    ix  Board of Directors and Its Committees 201 Methods of Assigning Authority and Responsibility 202 Management Control Activities 202 Internal Audit Function 202 Personnel Policies and Practices 202 External Influences 203 Controls for Active Threats 203 Site-Access Controls 203 System-Access Controls 205 File-Access Controls 206 Controls for Passive Threats 207 Fault-Tolerant Systems 207 Correcting Faults: File Backups 207 Internet Security—Special System and Configuration Considerations 208 Operating System Vulnerabilities 208 Web Server Vulnerabilities 209 Private Network Vulnerabilities 209 Vulnerabilities from Various Server and Communications Programs 209 Cloud Computing 210 Grid Computing 210 General Security Procedures 211 Disaster Risk Management 211 Preventing Disasters 211 Contingency Planning for Disasters 211 Assess the Company’s Critical Needs 212 List Priorities for Recovery 212 Recovery Strategies and Procedures 212 Compliance Standards 213 Information Security Standards 213 Business Continuity Planning and Disaster Recovery Standards 214 Summary 215 • Glossary 215 • Webliography 217 • Chapter Quiz 217 • Review Problem 218 • Solution to Review Problem 218 • Review Questions 218 Discussion Questions and Problems 219 • Web Research Assignments 226 • Answers to Chapter Quiz 226 Part II Business Processes Chapter 7 227 Electronic Data Processing Systems 227 The Input System 227 Manual Input Systems 227 Preparation and Completion of the Source Document 227 Transfer of Source Documents to Data Processing 227 Electronic Input Systems 232 The Processing System 233 Types of Files 233 Generic File Processing Operations 234 Batch-Processing Systems 234 Batch Processing with Sequential File Updating 235 Batch Processing with Random-Access File Updating 241 Illustration of Batch Processing with Random-Access File Updating 242 Real-Time Processing Systems 244 •