Your All-in-One AI-Powered Toolkit for Academic Success.

+13062052269

info@desklib.com

Available 24*7 on WhatsApp / Email

Company

Tools

Support

Accounting Information System and Control

Verified

Added on 2023/05/28

AI Summary

This article discusses the auditing procedures required for detecting fraud, the advantages and disadvantages of various authentication systems, system analysis and design problems, and steps that should be taken for improving system performance and user acceptance.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: ACCOUNTING INFORMATION SYSTEM AND CONTROL
Accounting information system and control
Name of the student
Name of the university
Student ID
Author note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1ACCOUNTING INFORMATION SYSTEM AND CONTROL
Table of Contents
Answer 1.....................................................................................................................................2
a. List of the fraud symptoms..............................................................................................2
b. Audit procedures required to be followed.......................................................................2
Answer 2.....................................................................................................................................3
a. Types of authentication....................................................................................................3
b. Advantages and disadvantages of various authentication systems..................................4
Answer 3.....................................................................................................................................6
a. System analysis and design problems..............................................................................6
b. Steps that should be taken for improving system performance and the user acceptance 6
References...................................................................................................................................8

2ACCOUNTING INFORMATION SYSTEM AND CONTROL
Answer 1
Auditors are required to enter expanded arena of the procedures for detecting fraud.
Auditors are required to gather information for identifying risks associated with material
misstatement owing to fraud and assess the risks after analysing the company’s controls and
programmes. Further, the auditors are required to overcome the natural tendencies like
overreliance on the representation made by the client and approach the audit procedures with
questioning mind and sceptical attitude (Donelson, McInnis and Mergenthaler 2016). In the
given case, it is determined that management of the company Heavy Earth-Moving Vehicles
Resales do not comply with the policy made by its Head office that requires that the sealed
bids shall be used for selling obsolete vehicles. Though the management assured that
negotiating with the knowledgeable buyers led to better sales price, in most of the cases it is
found that the vehicles were sold to the employees at significantly low value as compared to
the market (Louwers et al. 2015).
a. List of the fraud symptoms
 The company was not following established policy that required using sealed bids
systems for selling obsolete vehicles. Under the sealed bids system bids are not
disclosed to the competitors. Under this system, the sales are more transparent as
compared to open sales.
 Vigorous justification provided by the management regarding un-following the
established policy. The management must adhere to the established policies by the
company. Where any violation takes place the management shall provide valid proof
of the reasons why it is being violated (Brazel and Schmidt 2018)
 Repairing the vehicles before selling the assets as salvage
b. Audit procedures required to be followed
 The auditor shall have reviewed all the documentation related to sales that will help in
identifying the purchaser of the vehicles and at what prices. It will further help in
comparing buyers with the list of the company employees.
 Sales register and associated documents should have been checked for determining
that the company received the fair values from the sales of vehicles. Comparisons can
be done with the help of comparing the ‘blue book’ with the sales price and sales
proceeds received from sealed bids. Further, actual values of the vehicles and their

3ACCOUNTING INFORMATION SYSTEM AND CONTROL
appraised values shall be checked (Public Company Accounting Oversight Board
(PCAOB) 2016).
 Reviewing the maintenance records for the salvaged vehicles and must look for the
recent changes that may indicate that the vehicles are repaired before they were sold.
 Asks the management to provide valid proof for not adhering to the established policy.
As the management told that they got better prices through selling to the
knowledgeable buyers, proof shall be there that shows the comparison of prices
through sealed bids and to knowledgeable buyers (DeZoort and Harrison 2018).
Answer 2
a. Types of authentication
Three factor authentications (3FA) is use of the identity that confirms the credentials
from 3 different categories for authentication factors including inherence, possession and
knowledge. Authentication is the 1st step while accessing control and 3 common factors those
are used for authentication are – (i) something that is known by the person accessing control
like password (ii) something that the person accessing control has like smart card and (iii)
something the person accessing control is like biometric method or fingerprint. Identification
takes place while the user acknowledges the identity like providing username and
authentication takes place while the user proves the identity (Singh, Agrawal and Khan 2018).
Users are authenticated upon providing both username as well as the password. After that the
rights, privileges and permissions are granted to the users on the basis of the proven identity.
Multifactor authentication provides security as the attackers is unlikely to steal or fake 3
elements included under 3FA as these are more secure for logging in. However, the 3 factor
authentication is generally used in government and business agencies requiring higher
security degree.
 Something that is known by the person accessing control – Knowledge factor is most
common factor that includes pin (personal identification number) or passwords.
However, this method is the easiest one to beat. While using the passwords it is crucial
to use the strong one. Strong password generally is the mixture of lower case, upper
case, special characters and numbers (Kiran, Mohapatra and Swamy 2015).
 Something that the person accessing control has – possession is referred to the items
like hand-held tokens or smart card. Smart card comes in the size of credit card that

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4ACCOUNTING INFORMATION SYSTEM AND CONTROL
has embedded certificate that can be used for identifying the holder. Card can be
inserted by the user into the reader for authentication of the individual.
 Something the person accessing control is – It is also called as inherence factors.
Whereas the biometric system provides “Something you are” factor, some of the
biometric systems use fingerprints, iris or retinal scans, hand geometry, voice analysis
and handwriting for authentication. Handprints and fingerprints are most commonly
used methods among all (Yin et al. 2016).
b. Advantages and disadvantages of various authentication systems
“Something you know” –
Advantages –
 It is easy to use as the operating system provides the user with the user accounts and
the password, no additional configuration is required.
 Application is universal as no special hardware is required for applying password
 It is recoverable as the user can cancel and create new credentials if required.
Disadvantages –
 Security is completely based on the password strength and confidentiality
 It does not offer strong check for identity and based on the password only.
 Likelihood is there that the user may forget the password and keep on guessing
 It is not verifiable who is actually providing credentials
 Compromise may not be noticed immediately (Song et al. 2016).
“Something you have” –
Advantages –
 This is more secure as compared to those using the encryption technology
 It is adaptable as the smart card reader can be plugged into the machines through USB
supported machine that can be operated seamlessly with the inventory and sales
software. It also allows easier tracking of time for the customer purchases. Further, the
card can be linked with the customer database for carrying out research on the
customer’s purchase and figuring out which items are in demand.
 It is easy to use as the operating system provides the user with the user accounts and
the password, no additional configuration is required (Kuballa et al. 2016).

5ACCOUNTING INFORMATION SYSTEM AND CONTROL
 It is recoverable as the user can cancel and new credentials can be re-issued, if
required.
 If the card is stolen or lost that can be noticed quickly.
Disadvantages –
 It may require the special hardware for reading the card. For instance, if the card is not
USB token then card reader will be required for reading the card.
 It is not verifiable who is actually providing credentials
 As the card stores large amount of the sensitive information, if it is lost or stolen
security issues will be there
 Cost involvement is high as the smart card readers are somewhat costly.
“Something you are” –
Advantages –
 It provides strong proof regarding who is providing the credentials
 This type of authentication is almost impossible to copy or mimic
 Medium used for this type of authentication cannot be forgotten, stolen or lost
Disadvantages –
 Cost involvement is high as the smart card readers are somewhat costly
 Requires special hardware and hence are not applicable universally
 It may create threat to the privacy. For example, scan of retina may reveal the
conditions of health
 It is user resistance. For instance, some persons may object in using the fingerprints or
particular cultural group may decline to face recognition (Gage et al. 2016).
 It may lead to false rejection owing to change in the biometric character. For instance,
fingerprint may not be matched if there is a cut in the finger or voice may not be
recognised if the person has cold.
 If biometric template is anyway compromised, it will not be possible to reissue it. For
instance, a person cannot be assigned new voice or fingerprint.

6ACCOUNTING INFORMATION SYSTEM AND CONTROL
Answer 3
As per the given case study the security officers at local government offices file out
the paper forms for processing the reports regarding the range of security violations.
However, they have no experience or very little experience regarding the usage of computers.
Local governments decided to implement the relational database systems which is capable of
processing large amount of the data for giving the officers required information for
identifying targeted perpetrators of the violations (Arasu et al. 2016).
a. System analysis and design problems
 The officers were not properly trained on new system to their satisfaction level.
Further, they were not comfortable in using the system as they did not understand the
way to use the system. Training is required for any kind of new system
implementation as it involves various changes like business process, job
responsibilities and utilization of technological devices. In absence of proper training
the project may get delays, lower the effectiveness of the system, increase the manual
process, increase the project costs and loss of the ability for maintaining the software
(Hughes 2015).
 Approval from the supervisors was complicated and it involved multiple screens.
Time consumption in approval system will lead to delay of the sequential jobs and
delays in the project accomplishment. Apparently, officers were not satisfied as they
were not getting what they were asking from the new system. For instance, they
required to open multiple screens while going through the approval process.
b. Steps that should be taken for improving system performance and the user
acceptance
 If before implementing the system the department involved the officers in the early
planning, design and analysis stage it could have helped the system analysts to identify
their preferences, designing new system and providing constructive feedback
regarding the new system (Colombo and Ferrari 2014).
 The department shall increase competence of information system group. As they had a
good team but lacked in training aspects for managing the project to its magnitude,
proper training shall be provided to the officers so that they can be well versed with
the new system. Further the people with correct experience and skills can be recruited
for using the systems successfully (Elmasri and Navathe 2016).

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

7ACCOUNTING INFORMATION SYSTEM AND CONTROL
 Training for all the professional starting from the entry level developers to the senior
managers shall be provided.
 The system shall be sent to field for at least 6 weeks for documenting the user’s
problems and issues.
 Instituted design sessions for joint application with the teams including users,
technical staffs and management shall be conducted
 Existing officers shall be used for providing training in the same field that will made
huge difference to the new employees (Krishnamurthy et al. 2014)
 Approval system shall be simple so that officers can get the approval in less time
interval in case the approval is required in urgent basis.

8ACCOUNTING INFORMATION SYSTEM AND CONTROL
References
Arasu, A., Babcock, B., Babu, S., Cieslewicz, J., Datar, M., Ito, K., Motwani, R., Srivastava,
U. and Widom, J., 2016. Stream: The stanford data stream management system. In Data
Stream Management (pp. 317-336). Springer, Berlin, Heidelberg.
Brazel, J.F. and Schmidt, J.J., 2018. Do Auditors and Audit Committees Lower Fraud Risk by
Constraining Inconsistencies between Financial and Nonfinancial Measures?. Auditing: A
Journal of Practice and Theory.
Colombo, P. and Ferrari, E., 2014. Enforcement of purpose based access control within
relational database management systems. IEEE Transactions on Knowledge and Data
Engineering, 26(11), pp.2703-2716.
DeZoort, F.T. and Harrison, P.D., 2018. Understanding auditors’ sense of responsibility for
detecting fraud within organizations. Journal of Business Ethics, 149(4), pp.857-874.
Donelson, D.C., McInnis, J. and Mergenthaler, R.D., 2016. The effect of governance reforms
on financial reporting fraud. Journal of Law, Finance, and Accounting, 1(2), pp.235-274.
Elmasri, R. and Navathe, S., 2016. Fundamentals of database systems. London: Pearson.
Gage, J., Slak, A. and Ting, D.M., Imprivata Inc, 2016. Device-agnostic user authentication.
U.S. Patent 9,246,902.
Hughes, B., Oracle International Corp, 2015. Temporal relational database management
system. U.S. Patent 9,015,107.
Kiran, S., Mohapatra, A. and Swamy, R., 2015, August. Experiences in performance testing
of web applications with Unified Authentication platform using Jmeter. In Technology
Management and Emerging Technologies (ISTMET), 2015 International Symposium on (pp.
74-78). IEEE.
Krishnamurthy, S., Thombre, N., Conway, N., Li, W.H. and Hoyer, M., Cisco Technology
Inc, 2014. Addition and processing of continuous SQL queries in a streaming relational
database management system. U.S. Patent 8,812,487.

9ACCOUNTING INFORMATION SYSTEM AND CONTROL
Kuballa, T., Brunner, T.S., Thongpanchang, T., Walch, S.G. and Lachenmeier, D.W., 2018.
Application of NMR for authentication of honey, beer and spices. Current Opinion in Food
Science, 19, pp.57-62.
Louwers, T.J., Ramsay, R.J., Sinason, D.H., Strawser, J.R. and Thibodeau, J.C.,
2015. Auditing & assurance services. McGraw-Hill Education.
Public Company Accounting Oversight Board (PCAOB), 2016. Consideration of Fraud in a
Financial Statement Audit. AS 2401.
Singh, N., Agrawal, A. and Khan, R.A., 2018. Voice Biometric: A Technology for Voice
Based Authentication. Adv. Sci, 10, pp.1-6.
Song, C., Wang, A., Ren, K. and Xu, W., 2016, April. Eyeveri: A secure and usable approach
for smartphone user authentication. In Computer Communications, IEEE INFOCOM 2016-
The 35th Annual IEEE International Conference on (pp. 1-9). IEEE.
Yin, D.B.M., Kamal, M.I., Azmanuddin, N.S., Ali, S.H.S., Othman, A.T. and Wan-Chik,
R.Z., 2016, January. Electronic Door Access Control using MyAccess Two-Factor
Authentication Scheme featuring Near-Field Communication and Eigenface-based Face
Recognition using Principal Component Analysis. In IMCOM (pp. 1-1).

1 out of 10

+13062052269

info@desklib.com

Accounting Information System and Control

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Secure Best Marks with AI Grader

Related Documents

Auditing and Assurance Services - Assignment

Auditing and Assurance Service

Financial Statements of Organization

Discussion and meeting with the Board

Auditors' Report on Financial Statements

Audit Assignment: Key Assertions, Substantive Audit Procedures, and Key Audit Matters