Strategic Information Systems for Business and Enterprise Assignment

Verified

Added on 2023/01/10

AI Summary

This assignment explores various aspects of Strategic Information Systems (SIS) within a business and enterprise context. It begins by identifying and analyzing the risks inherent in the conversion cycle of a manufacturing company, Central Production Limited, and proposes internal control measures to mitigate these risks. The assignment then discusses internal control weaknesses and associated risks within a financial reporting system, emphasizing the importance of data security, technical and operational controls, and authorization procedures. Further, the assignment depicts the association and cardinality for car sales using the REA (Resource-Event-Agent) model. It also examines the role of an auditor, including the use of data warehouses and computer-based auditing. Finally, it presents a scenario where the CIO and MD have differing viewpoints on system analysis, and the student provides their perspective, along with the rationale for adopting computer-based auditing methods in this context. This assignment provides a thorough exploration of SIS concepts and their practical application in business settings.

STRATEGIC INFORMATION SYSTEMS FOR BUSINESS AND
ENTERPRISE

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Q1. Identify the risks exist in the conversion cycle of Central Production Limited.
The term conversion cycle refers to the time required for the completion of a manufacturing
organization starting from the need for a stock of raw materials up to the collection of a finished
product. Nowadays, there are different types of transformation cycles such as the cash
conversion cycle, the inventory exchange cycle and so on, which the company uses to achieve
efficiency and performance level. It is also useful in identifying risks that are harmful to society
and that help implement operational control measures to reduce the bad luck caused by these
risks. In the given scenario of the creation of a limited vehicle, since the physical development of
the stocks is distributed among various departments and agents, it is essential to have significant
internal control measures.
The following are some of the risks that exist in the conversion cycle:-
1) Authorization of transactions: There is a risk of entering an exchange more than once due to
unclear subscription. To mitigate this, all producers should follow the accumulated rules for
different exchanges, such as following a list of fixed values, to ensure the least amount of error.
Likewise, a pair of designated employees should rely on the important companies identified by
their areas of expertise as the creator of this position, who is responsible for the bill of products
on- line and course charts updated to reflect the human error.
In addition, there are some exchanges that require clear approval and unambiguous observation
and should be managed in this way by an experienced supervisor.
2) Segregation of Duties (SOD): It is a basic structural square of the risk of support for operators
and controls within a company. The SOD rule is based on the shared functionality of a key
approach that spreads the basic elements of that approach to multiple people or departments.
Without this distinction in the main procedures, the risks of extortion and error are much more
realistic. Each company has a unique ability to grasp. Risks for effective efforts have particular
"bias loops", risks of misfortune caused by hatred or error, show risks and legal risks in some
random companies.

Q2. Discuss the internal control weaknesses and risks associated with the above process.
Financial reporting system: a diagram of the financial details framework (FRS) of the
association's budgetary activity. The data on the society's cash position is also released by the
FRS.
Customers out there want financial information that FRS will bring in. This is because the data
reflects the entirety of society's presentation.
The weakness of control is a disappointment regarding the performance or operational feasibility
of internal controls. Infectious entertainment can use a lack of internal control to circumvent
even the most sincere security efforts. The wide range of internal controls, the new innovations
are incredible, and the level at which malware advances must keep an eye on information
security checks. Authorization checking usually allows associations to test the operational
feasibility of their internal controls and find flaws in their performance - before terrorists can
abuse them.
The internal weaknesses and risks associated with the above process have been discussed below:
 The above process is unable to maintain data security controls to keep file safe and make
backup of the same.
 Another loop hole in the process is technical control weakness which sometimes can
result in configuration failures and loss of important information’s from the system.
 Operational control weakness has also been seen in the process due to which failure can
be seen while establishing standards and policies.
 Administrators and owners do not see the need to make complex agreements and
procedures or even basic flowcharts that reflect key business formats, given that some
independent companies have some ways to gives the impression that they are simple. Be
that as it may, it is probably one of the most underused control devices where the greatest
value can be brought in with a little effort.

 Purchases should be authorized before assigning the activities. Depending on the size of
the business, power levels can be informed to better eliminate the risk of inconvenient
costs.
 It does not take much time to check earnings on a monthly basis, use reports, inventory
reports, actual versus actual amounts and difference reports. Using an additional hands-
on approach gives the owner a valuable contribution to how the company is doing and
where potentially problematic departments or horror show areas might be located.
Checking cash registers is a key component and contributes to better dynamics.
Q3. Depict the association and cardinality for the sales of cars at Elegant Limited based on
REA model.
The REA model represents the Resource-Event-Agent model. It is a procedure to intellectualize
financial exercises, for example, deals and bookkeeping exchanges. The model is an ISO
standard that guarantees quality and unwavering quality. The REA model can be comprehended
in the most ideal manner by understanding its three-factor "R", "E", and "A".
R-Resource: Resources are supposed to be items or occasions that are under the purview of a
financial operator. Financial assets incorporate things like products, administrations, rights,
commitments, claims. So in this, we can say that the asset is the turn old style vehicles which are
being sold by Elegant constrained.
E-Event: DIO (Days of Inventory Outstanding): The normal number of days expected to clear
the stock.
A- Agents: Elegamt limited, customers and suppliers
Q4.
However an auditor allowed to do auditing work in accordance with his terms and manner as
well as there should be generally no pressure for this on him, but herein that case, if auditor
may work independently to grab data through data warehouse, after which that it's more
advantageous for him, this also reveals the trust that the corporation has in auditor as the access

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

to their data warehouse is provided. Therefore, there must be no auditing-end concerns to accept
such terms of reference. The auditing agreement will be approved only after auditor is able to
fulfil his positions. An auditor must be unbiased and no burden should be placed upon him.
In the nature of data warehouse, massive information collection, which is utilized to
gather within same organization from either number of sources. Here, DTC is also used like an
analytics tool (OLAP structures), since data structure could be based on a transition. Ending
things or evaluation is also presently simpler for companies and determining best information
mostly with total data through one location.
Creating a full warehouse: Furthermore, it is impossible that any auditor will obtain information
at same location would appear to be greatest versatility to include specific server for database.
Major benefits of the data storage are laid out below:
Saving time: In corporation's convenience of retrieving data from multiple sources at data centre,
which means no time is wasted to get information through other channels.
Better trust: Mostly information or data is automatically transmitted to data centre in orderly
system, instead of being substituted by human intervention, because one would be more assured
that information is good and tidy, full and precise.
Growing knowledge: Warehouse models information in data, and thus can be evaluated easily.
Increasing quality: If an organization role is incorporated, it will be much simpler to handle
individuals who enter the results. Data warehouse provides maximum versatile storage, enabling
users to open and release all systems.
Following is its particular approach to creation of data centre that you'll require to establish in 3
phases core architecture:
 The store algorithm,
 Technology and Feature
 HR

Q5a. The CIO and MD have different views on how the system analysis should be
performed. Comment on whose position you sympathies with the most.
I sympathies with CIO according to whom analysis is to first examine the old system rather than
MD’s suggestion to directly modifying the old system. The reason behind this is Systematic
analysis is guided to consider a structure or its components to identify its objectives. It is a
critical thinking approach that develops the framework and ensures that all sections of the
framework will work effectively to meet motivation. A powerful system development lifecycle
(SDLC) should produce a broad framework that meets user expectations, culminating in time and
cost assessments and functions in a sustainable and productive way in the current and organized
foundation for information technology.
Hence, analysis of older system by the employees who is well versed with it could be better
option; than directly modifying it without knowing the reason where it gone wrong. But at the
same time MD’s suggestion for considering list of requirements of the company according to set
goals and objectives is also appreciable; as it will explore more alternatives to make amendment
in old system in such a way that it would fulfill the needs of company.
Q5b.
Here in given case, auditor should adopt computer-based auditing to do system analysis as in
illustrious company they are adopting new system based on their own requirements so there are
chances of risk. Computer-based auditing defines the different measures undertaken by
auditing personnel to analyze company hardware and software components to assess the
efficiency of procedures that are difficult for naturally human eyes after seeing, and to check the
operational efficacy of relevant computer controls, such as access control. Computer auditing
refers to common in practice nowadays because most corporations / enterprises make utilization
of computer-controlled information systems as well as these in switch have important controls
embedded in them. Ignoring those computer controls would then result in audit team not having
the necessary insight into effectiveness and rationality of internal control of client. And does not
disclose as per applicable laws and legislation regulating auditing as practice.