Chapter 1:
How does accounting help a business and society?
- Accounting measures and communicates the financial outcomes of a company’s decisions, which can be used by management. Positive business decisions ultimately lead to a prosperous society and a healthy economy
What is an information system and what functions does it perform?
- Interrelated components including physical hardware, software, databases, networks, and people who use and maintain the system
- Functions
o Captures raw data (input)
o Processes the data
o Reports information in formats that are useful (output)
Define a business process and list the three basic business processes.
- A group of interrelated business events designed to accomplish the objectives of a business
- 3 types of business processes
o Acquisitions & payments
§ …For resources the business needs
o Conversion
§ … into goods & services that customers can buy (adding value!!)
o Marketing, sales, & collection
§ Finding & keeping customers, selling & delivering goods, collecting payments
Define a business event and list the four types of business events.
- Single business activity that takes place during normal operations of business
- 4 types
o Operating events
§ Day-to-day operations
§ Relate to company’s creation of good/service & selling to customers
o Financing events
§ Help company operate by acquiring incoming cash flows to fund operating events
o Investing events
§ Provide long-term value by purchasing long-term assets that will deliver value in the future
o Information events
§ Exchange of information, never involve the exchange of economic resources
What are the management’s responsibilities for overseeing business processes?
- Planning
o Develop plan to create competitive advantage
o Design business processes for achieving goals
o Identify performance indicators & their benchmarks
o Identify opportunities & assess risk
o Forecast future performance
- Implementing
o Implementing the plan
o Dividing objectives into smaller processes & events
o Assigning employees to activities
o Motivate employees
o Embedding internal controls to prevent & detect errors & fraud
- Monitoring
o Evaluate operating results & financial position
o Assess whether objectives are being attained
- Changing & improving processes
o Changing designs of processes or events so that actual results meet expectations
o Improving design & correcting issues
o Prosecuting operational fraudsters
o Improving internal controls
What are the fundamental characteristics of useful information?
- Relevance
o Predictive value
o Confirmatory value
o Materiality
- Faithful representation
o Complete
o Neutral
o Error free
List some of the data analytics skills needed for new accounting professionals.
- Identify data that can be used
- Recognize data quality issues
- Know how data is stored & how to retrieve it
- Collect, clean, & prepare data
- Utilize software like Excel, Tableau
- Perform data visualization & report results of analysis
Chapter 2:
Define Risk and provide some examples in a business context.
- The likelihood of an unfavorable event occurring
- Examples: risk of…
o Workplace injuries
o Running out of raw materials
o Theft
o Natural disasters
What is Risk Assessment?
- Assessment that identifies, categorizes, prioritizes individual risks in a company
Provide examples of risks in each of the business processes. Identify the business function and the individual business process for each risk.
- Purchases & payments
o Risk: unauthorized access to employee data
o Business function: human resources
o Individual business process: onboarding a new employee
- Conversion
o Risk: excess inventory
o Business function: production
o Individual business process: manufacturing raw cookie dough
- Marketing, sales, collections
o Risk: customer dissatisfaction
o Business function: customer relations
o Individual business process: face-to-face sales
What is Enterprise Risk Management (ERM) and why is it important?
- Comprehensive process of identifying, categorizing, prioritizing, & responding to a company’s risks
- Helps companies identify, assess, & mitigate potential risks
What is a Risk Statement? Give two examples.
- Statement that summarizes a potential problem that needs to be addressed
- Contains the issue & the possible outcome
- Ex: drivers not receiving road safety training may result in injuries to drivers & others in an accident
Give examples of Internal (Operational, Financial, Reputational) risks.
- Operational --- technology interruption
- Financial --- failed investments
- Reputational --- data breach making the news
Give examples of External (Compliance, Strategic, Physical) risks.
- Compliance --- regulatory fines
- Strategic --- beaten by competitor
- Physical --- natural disasters
Define Likelihood, and Impact in the context of Risk Severity.
- Likelihood: estimated probability of risk occurrence
- Impact: estimation of damage that could be caused if risk occurs
What is a risk matrix and how is it used?
- Diagram that helps paint a picture of risk by helping users visualize variations in risk scores
- Impact on y axis, likelihood on x.
What are the four traditional risk responses?
- Accept, mitigate, transfer, avoid
Distinguish between inherent risk and residual risk.
- Inherent: natural level of risk in a business process or activity if there are no risk responses in place
- Residual: remaining risk posed by a process or activity once a risk response is in place
Chapter 3: (Omit COSO ERM Framework)
Define internal control.
- Process that mitigates risk to the company’s financial information.
- Focuses on providing info to internal decision makers & external stakeholders
Distinguish among preventive, detective, and corrective controls. Give an example for each.
- Preventive
o Prevent problems BEFORE they occur
o Ex: firewall
- Detective
o Alert management to an issue DURING or AFTER it has occurred
o Ex: count cash & reconcile w/ sales record
- Corrective
o Change undesirable outcomes AFTER outcome of risk
o Ex: police being called to recover stolen assets
Define segregation of duties. What three types of duties should be separated?
- Type of preventative control that ensures different employees are responsible for separate parts of a business activity
- Duties that should be separated
o Authorizing… business transactions & decisions
o Recording… data about business activities
o Custody… of business assets
Define General Controls. Give examples.
- Controls that apply to the entire operation of the system & its environment
- Ex: antivirus controls, network activity monitoring programs
Define Application Controls. Give examples.
- Controls that apply only to a specific application & all business processes & accounts that are linked to it
- Ex: validity check that checks if entered data is formatted correctly
What are Manual Controls? Give examples.
- Control that is executed by people or physical interaction
- Ex: physical inventory counts, supervisor review & sign-off, employee training
What are Automated Controls? Give examples.
- Control that uses technology & requires no human intervention
- Ex: calculations embedded in spreadsheets, continuous monitoring & data analytics
Discuss continuous monitoring and its purpose.
- Data analytics technology used to create detective controls that use rules-based programming to monitor a business’s data for red flags of risk.
What is a maturity model and what purpose does it serve?
- Shows how far along a company is on its journey to reach the ideal state
- Used to judge current performance & create a roadmap for continuous improvement
Distinguish between internal and external audits.
- Internal
o Tests internal controls to provide assurance of their effectiveness to executive management & the BoD.
o Independent function of company that reports both to executive management and to the BoD
- External
o Provide additional assurance to company’s shareholders & management regarding effectiveness of risk mitigation
Discuss some of the most significant SOX requirements.
- Financial statements must be signed off by CEO, CFO
- Internal control report should be attached to annual report & certified by auditors
- Formal security policies should be installed
- Limits on what services the external auditors can provide to their clients
What are the Control Objectives of COSO Internal Control framework?
- Financial (reporting), operational, compliance
What are the five components of the COSO Internal Control?
- Control environment
- Risk assessment
- Control activities
- Information & communication
- Monitoring
What are some of the factors that influence control environment?
- Risk appetite, risk management, business maturity, management, SOX regulations
Chapter 4: (Omit the sections on Software Sourcing, What Are the Characteristics of Information Systems for Growing Companies, and Implementing an ERP System)
Discuss the two types of online processing systems (OLTP and OLAP).
- Online transaction processing (OLTP)
o Supports core business functions by handling sales, accounting, purchasing, & more
- Online analytical processing (OLAP)
o Focuses on leveraging data for information
Distinguish between the four levels of information systems.
- Executive support systems
o Used by executive leadership to make strategic decisions
o Provide customized info & have smallest group of users
- Decision support systems
o Used by upper-level management for nonroutine decisions
o Use data, do simulations, perform “what if” analysis, AI.
- Management information systems
o Used by middle management for routine decisions
o Use data to support structured tactical & operational decision making
- Transactional processing systems
o Used by workers to capture data
o Many result in accounting transactions
Distinguish between batch processing and real-time processing. Give examples.
- Batch processing
o Data is collected as it is generated & then is processed at a later scheduled time
o Most suitable for transactions that are not time sensitive
o Ex: payroll
- Real-time processing
o Transaction is processed as it occurs
o Best for time-sensitive data
o Ex: Venmo transactions
What are the three types of systems software?
- Database management system (DBMS)
o Used to define, manipulate, retrieve, manage data in a software
o Ex: MySQL, Oracle, Microsoft Access
- Data Communication Software
o Used to provide remote access to exchange data btwn computers & users
o Ex: messaging & email software, file transfer protocol (FTP) client
- Utility programs
o Software used for analyzing, configuring, optimizing, & maintaining a computer
o Ex: network manager, antivirus software, backup software, disk cleaners, file compression software (zip)
What is application software?
- Application software
o Allows end users to perform specific functions
Discuss the cloud computing service models.
- Software as a service (SaaS)
o Utilizes internet to provide customers w/ applications that are managed by third-party providers
o Ex: Google Drive, Microsoft Office 365, Tableau Server
- Platform as a service (PaaS)
o Provides platform for software development that is delivered remotely
o Ex: Google App Engine, OpenShift, Apache Stratos
- Infrastructure as a service (IaaS)
o Provides fully self-service computers, networking, storage & OS thru virtualized environments
o Ex: Amazon Web Services, Microsoft Azure, Rackspace
Discuss some of the technologies used by startups and small businesses.
- Square
o Payment processing
o Businesses pay flat rate for each payment that is processed
- MS Excel
o Data processing
o Can be purchased as locally installed software or thru SaaS subscription w/ Office 365
- MS Access
o Data storage
o Can be purchased as locally installed software or thru SaaS subscription
- QuickBooks
o Accounting
o Can be purchased as locally installed software or thru SaaS subscription
Discuss some of the Control Activity Considerations for Small Businesses.
- Segregation of duties
o Expensive for small businesses w/ few employees
o Should only be used where it makes financial sense & implement compensating controls like manager supervision
- Physical access
o Controls prevent unauthorized individuals from accessing physical resources
o Enforcing controls can be difficult as small businesses often use personal devices for work
o Company data should be saved on company’s secure network, not on personal hard drives
- Logical access
o Controls prevent unauthorized individuals from accessing systems on a network
o Require employees to use strong usernames and passwords that are tied to the functions they are allowed to access
What is an ERP system and what are its benefits?
- Solution that offers a single system w/ aggregated parts that meet the needs of each business function
- Integrates multiple systems into a single, cohesive communication system
- Benefits
o Improved data transparency & quality
o Future cost savings
o Increased business efficiency
o Quality improvement
o Automation of routine business processes