chapter 3 ethics, fraud, and internal control accounting information systems, 5 th edition james a....
TRANSCRIPT
![Page 1: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/1.jpg)
Chapter 3Ethics, Fraud, and Internal
Control
Accounting Information Systems, 5th edition
James A. Hall
COPYRIGHT © 2007 Thomson South-Western, a part of The Thomson Corporation. Thomson, the Star logo,
and South-Western are trademarks used herein under license
![Page 2: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/2.jpg)
5: Control Activities
• Policies and procedures to ensure that the appropriate actions are taken in response to identified risks
• Fall into two distinct categories:– IT controls—relate specifically to the
computer environment– Physical controls—primarily pertain to human
activities
![Page 3: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/3.jpg)
Two Types of IT Controls
• General controls—pertain to the entitywide computer environment– Examples: controls over the data center,
organization databases, systems development, and program maintenance
• Application controls—ensure the integrity of specific systems – Examples: controls over sales order
processing, accounts payable, and payroll applications
![Page 4: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/4.jpg)
Six Types of Physical Controls
• Transaction Authorization
• Segregation of Duties
• Supervision
• Accounting Records
• Access Control
• Independent Verification
![Page 5: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/5.jpg)
Physical Controls
Transaction Authorization• used to ensure that employees are
carrying out only authorized transactions
• general (everyday procedures) or specific (non-routine transactions) authorizations
![Page 6: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/6.jpg)
Segregation of Duties• In manual systems, separation between:
– authorizing and processing a transaction– custody and recordkeeping of the asset– subtasks
• In computerized systems, separation between:– program coding– program processing– program maintenance
Physical Controls
![Page 7: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/7.jpg)
Physical ControlsSupervision• a compensation for lack of segregation;
some may be built into computer systems
Accounting Records• provide an audit trail
![Page 8: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/8.jpg)
Access Controls• help to safeguard assets by restricting
physical access to them
Independent Verification• reviewing batch totals or reconciling
subsidiary accounts with control accounts
Physical Controls
![Page 9: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/9.jpg)
Authorization
Authorization
Authorization
Processing
Custody Recording
Task 1 Task 2 Task 2Task 1
Nested Control Objectives for Nested Control Objectives for TransactionsTransactions
ControlObjective 1
ControlObjective 2
Control Objective 3
Custody Recording
![Page 10: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/10.jpg)
Physical Controls in IT Contexts
Transaction Authorization• The rules are often embedded within
computer programs.– EDI/JIT: automated re-ordering of
inventory without human intervention
![Page 11: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/11.jpg)
Segregation of Duties
• A computer program may perform many tasks that are deemed incompatible.
• Thus the crucial need to separate program development, program operations, and program maintenance.
Physical Controls in IT Contexts
![Page 12: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/12.jpg)
Supervision
• The ability to assess competent employees becomes more challenging due to the greater technical knowledge required.
Physical Controls in IT Contexts
![Page 13: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/13.jpg)
Accounting Records
• ledger accounts and sometimes source documents are kept magnetically– no audit trail is readily apparent
Physical Controls in IT Contexts
![Page 14: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/14.jpg)
Access Control • Data consolidation exposes the organization
to computer fraud and excessive losses from disaster.
Physical Controls in IT Contexts
![Page 15: Chapter 3 Ethics, Fraud, and Internal Control Accounting Information Systems, 5 th edition James A. Hall COPYRIGHT © 2007 Thomson South-Western, a part](https://reader034.vdocuments.us/reader034/viewer/2022042500/56649ce55503460f949b2adc/html5/thumbnails/15.jpg)
Independent Verification
• When tasks are performed by the computer rather than manually, the need for an independent check is not necessary.
• However, the programs themselves are checked.
Physical Controls in IT Contexts