Accounting Information Systems, Fifteenth Edition
By Marshall B. Romney, Paul John Steinbart, Scott L. Summers and David A. Wood
Contents:
Preface 19
PART I Conceptual Foundations of Accounting Information Systems 27
CHAPTER 1 Accounting Information Systems: An Overview 28
Introduction 29
Information Needs and Business Processes 31
Information Needs 32
Business Processes 33
Accounting Information Systems 36
How an AIS Can Add Value to an Organization 37
An AIS Can Use Artificial Intelligence and Data Analytics
to Improve Decision Making 38
The AIS and Blockchain 40
Cloud Computing, Virtualization, and the Internet of Things 44
The AIS and Corporate Strategy 44
The Role of the AIS in the Value Chain 45
Summary and Case Conclusion 46 ■ Key Terms 47
AIS IN ACTION: Chapter Quiz 47 ■ Discussion Questions 48 ■ Problems 49 ■
AIS IN ACTION SOLUTIONS: Quiz Key 54
CHAPTER 2 Overview of Transaction Processing and Enterprise
Resource Planning Systems 56
Introduction 57
Transaction Processing: The Data Processing Cycle 58
Data Input 58
Data Storage 59
Data Processing 65
Information Output 65
Transaction Processing: Blockchain 67
Enterprise Resource Planning (ERP) Systems 68
Summary and Case Conclusion 71 ■ Key Terms 71
AIS IN ACTION: Chapter Quiz 71 ■ Discussion Questions 72 ■ Problems 73
CASE 2-1 Bar Harbor Blueberry Farm 79
CASE 2-2 SDC 80
AIS IN ACTION SOLUTIONS: Quiz Key 81
CHAPTER 3 Systems Documentation Techniques 84
Introduction 85
Business Process Diagrams 86
Flowcharts 89
Types of Flowcharts 91
Program Flowcharts 94
Data Flow Diagrams 95
Subdividing the DFD 97
Summary and Case Conclusion 100 ■ Key Terms 100
AIS IN ACTION: Chapter Quiz 101 ■ Comprehensive Problem 102 ■
Discussion Questions 102 ■ Problems 102
CASE 3-1 Dub 5 107
AIS IN ACTION SOLUTIONS: Quiz Key 108 ■ Comprehensive Problem Solution 110
PART II Data Analytics 117
CHAPTER 4 Relational Databases 118
Introduction 118
Databases and Files 119
Using Data Warehouses for Data Analytics 121
The Advantages of Database Systems 121
The Importance of Good Data 122
Database Systems 122
Logical and Physical Views of Data 122
Schemas 123
The Data Dictionary 124
DBMS Languages 126
Relational Databases 126
Types of Attributes 127
Designing a Relational Database for S&S, Inc. 127
Basic Requirements of a Relational Database 129
Two Approaches to Database Design 131
Creating Relational Database Queries 131
Query 1 131
Query 2 134
Query 3 137
Query 4 137
Query 5 139
Database Systems and the Future of Accounting 140
Summary and Case Conclusion 142 ■ Key Terms 142
AIS IN ACTION: Chapter Quiz 142 ■ Comprehensive Problem 143 ■
Discussion Questions 144 ■ Problems 145
CASE 4-1 Research Project 153
AIS IN ACTION SOLUTIONS: Quiz Key 154 ■ Comprehensive Problem Solution 155
Appendix: Data Normalization 158 ■ Summary 161
CHAPTER 5 Introduction to Data Analytics in Accounting 162
Introduction 163
Ask the Right Questions 165
Extract, Transform, and Load Relevant Data 165
Extracting Data 166
Transforming Data 169
Loading Data 170
Apply Appropriate Data Analytic Techniques 171
Interpret and Share the Results with Stakeholders 172
Interpreting Results 172
Sharing Results 173
Additional Data Analytics Considerations 174
Automation 174
Data Analytics Is Not Always the Right Tool 176
Summary and Case Conclusion 176 ■ Key Terms 176
AIS IN ACTION: Chapter Quiz 177 ■ Discussion Questions 178 ■ Problems 178
CASE 5-1 Robotic Process Automation—Wood’s Amazing Woods Inc. 183
AIS IN ACTION SOLUTIONS: Quiz Key 185
CHAPTER 6 Transforming Data 188
Introduction 189
Attributes of High-Quality Data 190
Data Structuring 191
Aggregate Data 191
Data Joining 192
Data Pivoting 192
Data Standardization 193
Data Parsing and Data Concatenation 193
Cryptic Data Values 195
Misfielded Data Values 196
Data Formatting and Data Consistency 196
Data Cleaning 198
Data De-Duplication 198
Data Filtering 198
Data Contradiction Errors 199
Data Threshold Violations 199
Violated Attribute Dependencies 200
Data Entry Errors 200
Data Validation 200
Visual Inspection 201
Basic Statistical Tests 201
Audit a Sample 201
Advanced Testing Techniques 202
Summary and Case Conclusion 202 ■ Key Terms 202
AIS IN ACTION: Chapter Quiz 203 ■ Discussion Questions 204 ■ Problems 204
CASE 6-1 Hotel Data Cleaning Case 209
AIS IN ACTION SOLUTIONS: Quiz Key 210
CHAPTER 7 Data Analysis and Presentation 214
Introduction 215
Data Analysis 215
Descriptive Analytics 215
Diagnostic Analytics 217
Predictive Analytics 219
Prescriptive Analytics 220
Common Problems with Data Analytics 220
Data Presentation 222
Choosing the Right Visualization 222
Designing High-Quality Visualizations 225
Summary and Case Conclusion 235 ■ Key Terms 235
AIS IN ACTION: Chapter Quiz 236 ■ Discussion Questions 237 ■ Problems 237
CASE 7-1 Analyzing Gamified Training 241
CASE 7-1 Appendix 242
ANALYTICS MINDSET Gamification 243
AIS IN ACTION SOLUTIONS: Quiz Key 244
PART III Control of Accounting Information Systems 247
CHAPTER 8 Fraud and Errors 248
Introduction 249
AIS Threats 249
Natural and Political Disasters 249
Software Errors and Equipment Malfunctions 251
Unintentional Errors 251
Intentional Acts 252
Introduction to Fraud 253
Misappropriation of Assets 254
Fraudulent Financial Reporting 255
SAS No. 99 (AU-C Section 240): The Auditor’s Responsibility to Detect Fraud 255
Who Perpetrates Fraud and Why 256
The Fraud Triangle 256
Computer Fraud 261
The Rise in Computer Fraud 261
Computer Fraud Classifications 262
Preventing and Detecting Fraud and Abuse 264
Using Data Analytics to Prevent and Detect Fraud 266
Summary and Case Conclusion 268 ■ Key Terms 269
AIS IN ACTION: Chapter Quiz 269 ■ Discussion Questions 270 ■ Problems 271
CASE 8-1 David L. Miller: Portrait of a White-Collar Criminal 276
CASE 8-2 Heirloom Photo Plans 277
AIS IN ACTION SOLUTIONS: Quiz Key 279
CHAPTER 9 Computer Fraud and Abuse Techniques 282
Introduction 282
Computer Attacks and Abuse 283
Social Engineering 292
Malware 296
Summary and Case Conclusion 305 ■ Key Terms 306
AIS IN ACTION: Chapter Quiz 306 ■ Discussion Questions 307 ■ Problems 308
CASE 9-1 Shadowcrew 318
AIS IN ACTION SOLUTIONS: Quiz Key 319
CHAPTER 10 Control and Accounting Information Systems 322
Introduction 323
Why Threats to Accounting Information Systems Are Increasing 323
Overview of Control Concepts 324
The Foreign Corrupt Practices and Sarbanes–Oxley Acts 325
Control Frameworks 326
COBIT Framework 326
COSO’S Internal Control Framework 328
The Control Environment 330
Management’s Philosophy, Operating Style, and Risk Appetite 331
Commitment to Integrity, Ethical Values, and Competence 331
Internal Control Oversight by the Board of Directors 332
Organizational Structure 332
Methods of Assigning Authority and Responsibility 332
Human Resources Standards That Attract, Develop, and Retain Competent Individuals 333
External Influences 334
Risk Assessment and Risk Response 335
Estimate Likelihood and Impact 335
Identify Controls 335
Estimate Costs and Benefits 335
Determine Cost/Benefit Effectiveness 336
Implement Control or Accept, Share, or Avoid the Risk 337
Control Activities 337
Proper Authorization of Transactions and Activities 337
Segregation of Duties 338
Project Development and Acquisition Controls 341
Change Management Controls 342
Design and Use of Documents and Records 342
Safeguard Assets, Records, and Data 342
Independent Checks on Performance 343
Communicate Information and Monitor Control
Processes 344
Information and Communication 344
Monitoring 345
Summary and Case Conclusion 347 ■ Key Terms 348
AIS IN ACTION: Chapter Quiz 348 ■ Discussion Questions 350 ■ Problems 350
CASE 10-1 The Greater Providence Deposit & Trust Embezzlement 356
AIS IN ACTION SOLUTIONS: Quiz Key 357
CHAPTER 11 Controls for Information Security 360
Introduction 361
Three Fundamental Information Security Concepts 362
Security Is a Management Issue, Not Just a Technology Issue 362
People: The Critical Factor 364
The Time-Based Model of Information Security 365
Protecting Information Resources 367
Physical Security: Access Controls 367
Process: User Access Controls 368
IT Solutions: Antimalware Controls 372
IT Solutions: Network Access Controls 372
IT Solutions: Device and Software Hardening Controls 377
IT Solutions: Encryption 379
Detecting Attacks 379
Log Analysis 379
Intrusion Detection Systems 380
Honeypots 380
Continuous Monitoring 380
Responding to Attacks 381
Computer Incident Response Team (CIRT) 381
Chief Information Security Officer (CISO) 381
Monitor and Revise Security Solutions 382
Penetration Testing 382
Change Controls and Change Management 382
Security Implications of Virtualization, Cloud Computing,
and the Internet of Things 383
Summary and Case Conclusion 384 ■ Key Terms 384
AIS IN ACTION: Chapter Quiz 385 ■ Discussion Questions 386 ■ Problems 386
CASE 11-1 Assessing Change Control and Change Management 391
CASE 11-2 Research Project 391
AIS IN ACTION SOLUTIONS: Quiz Key 391
CHAPTER 12 Confidentiality and Privacy Controls 394
Introduction 395
Protecting Confidentiality and Privacy 395
Identify and Classify Information to Be Protected 396
Protecting Sensitive Information with Encryption 396
Controlling Access to Sensitive Information 396
Training 398
Privacy Regulations and Generally Accepted Privacy Principles 398
The EU’s GDPR and U.S. Laws 398
Generally Accepted Privacy Principles 399
Encryption 402
Factors That Influence Encryption Strength 403
Types of Encryption Systems 403
Virtual Private Networks (VPNs) 405
Hashing 406
Digital Signatures 407
Digital Certificates and Public Key Infrastructure 408
Blockchain 409
Summary and Case Conclusion 412 ■ Key Terms 412
AIS IN ACTION: Chapter Quiz 412 ■ Discussion Questions 414 ■ Problems 414
CASE 12-1 Protecting Privacy of Tax Returns 418
CASE 12-2 Generally Accepted Privacy Principles 419
AIS IN ACTION SOLUTIONS: Quiz Key 419
CHAPTER 13 Processing Integrity and Availability Controls 422
Introduction 422
Processing Integrity 423
Input Controls 423
Processing Controls 425
Output Controls 426
Illustrative Example: Credit Sales Processing 427
Processing Integrity Controls in Spreadsheets 429
Availability 429
Minimizing Risk of System Downtime 429
Recovery and Resumption of Normal Operations 430
Summary and Case Conclusion 435 ■ Key Terms 436
AIS IN ACTION: Chapter Quiz 436 ■ Discussion Questions 437 ■ Problems 438
CASE 13-1 Ensuring Systems Availability 447
CASE 13-2 Ensuring Process Integrity in Spreadsheets 447
AIS IN ACTION SOLUTIONS: Quiz Key 448
PART IV Accounting Information Systems Applications 451
CHAPTER 14 The Revenue Cycle: Sales to Cash Collections 452
Introduction 454
Revenue Cycle Information System 456
Process 456
Threats and Controls 456
Sales Order Entry 459
Taking Customer Orders 460
Credit Approval 462
Checking Inventory Availability 464
Responding to Customer Inquiries 465
Shipping 467
Pick and Pack the Order 467
Ship the Order 469
Billing 471
Invoicing 472
Maintain Accounts Receivable 474
Cash Collections 477
Process 477
Threats and Controls 478
Summary and Case Conclusion 480 ■ Key Terms 481
AIS IN ACTION: Chapter Quiz 481 ■ Discussion Questions 482 ■ Problems 482
CASE 14-1 Research Project: The Use of RFID in Retail 491
AIS IN ACTION SOLUTIONS: Quiz Key 491
CHAPTER 15 The Expenditure Cycle: Purchasing to Cash
Disbursements 494
Introduction 495
Expenditure Cycle Information System 496
Process 496
Threats and Controls 499
Ordering Materials, Supplies, and Services 503
Identifying What, When, and How Much to Purchase 503
Choosing Suppliers 505
Receiving 509
Process 510
Threats and Controls 511
Approving Supplier Invoices 512
Process 512
Threats and Controls 515
Cash Disbursements 515
Process 515
Threats and Controls 515
Summary and Case Conclusion 518 ■ Key Terms 519
AIS IN ACTION: Chapter Quiz 519 ■ Discussion Questions 520 ■ Problems 520
CASE 15-1 Group Case Analysis: School District Expenditure Fraud 529
CASE 15-2 Anatomy of a Multi-Million Dollar Embezzlement at ING Bank 529
AIS IN ACTION SOLUTIONS: Quiz Key 530
CHAPTER 16 The Production Cycle 532
Introduction 533
Production Cycle Information System 535
Process 536
Threats and Controls 536
Product Design 537
Process 537
Threats and Controls 539
Planning and Scheduling 539
Production Planning Methods 539
Key Documents and Forms 539
Threats and Controls 543
Production Operations 544
Threats and Controls 544
Cost Accounting 546
Process 546
Threats and Controls 547
Summary and Case Conclusion 552 ■ Key Terms 553
AIS IN ACTION: Chapter Quiz 553 ■ Discussion Questions 554 ■ Problems 555
CASE 16-1 The Accountant and CIM 559
AIS IN ACTION SOLUTIONS: Quiz Key 559
CHAPTER 17 The Human Resources Management and Payroll Cycle 562
Introduction 563
HRM/Payroll Cycle Information System 564
Overview of HRM Process and Information Needs 564
Threats and Controls 566
Payroll Cycle Activities 569
Update Payroll Master Database 570
Validate Time and Attendance Data 571
Prepare Payroll 573
Disburse Payroll 577
Calculate and Disburse Employer-Paid Benefits, Taxes, and Voluntary Employee
Deductions 579
Outsourcing Options: Payroll Service Bureaus and Professional Employer
Organizations 579
Summary and Case Conclusion 580 ■ Key Terms 581
AIS IN ACTION: Chapter Quiz 581 ■ Discussion Questions 582 ■ Problems 583
CASE 17-1 Excel Project: Sorting and Grouping Data 589
AIS IN ACTION SOLUTIONS: Quiz Key 589
CHAPTER 18 General Ledger and Reporting System 592
Introduction 593
General Ledger and Reporting System 594
Process 595
Threats and Controls 595
Update General Ledger 597
Process 597
Threats and Controls 598
Post Adjusting Entries 600
Process 601
Threats and Controls 602
Prepare Financial Statements 602
Process 602
Threats and Controls 609
Produce Managerial Reports 610
Process 610
Threats and Controls 610
Summary and Case Conclusion 614 ■ Key Terms 614
AIS IN ACTION: Chapter Quiz 615 ■ Discussion Questions 616 ■ Problems 616
CASE 18-1 Exploring iXBRL Viewers 621
CASE 18-2 Evaluating a General Ledger Package 621
AIS IN ACTION SOLUTIONS: Quiz Key 622
PART V The REA Data Model 625
CHAPTER 19 Database Design Using the REA Data Model 626
Introduction 626
Database Design Process 627
Entity-Relationship Diagrams 628
The REA Data Model 629
Three Basic Types of Entities 630
Structuring Relationships: The Basic REA Template 630
Developing an REA Diagram 633
Step 1: Identify Relevant Events 633
Step 2: Identify Resources and Agents 635
Step 3: Determine Cardinalities of Relationships 636
What an REA Diagram Reveals About an Organization 640
Business Meaning of Cardinalities 640
Uniqueness of REA Diagrams 641
Summary and Case Conclusion 642 ■ Key Terms 643
AIS IN ACTION: Chapter Quiz 643 ■ Comprehensive Problem 646 ■
Discussion Questions 646 ■ Problems 647
CASE 19-1 REA Data Modeling Extension 651
AIS IN ACTION SOLUTIONS: Quiz Key 652 ■ Comprehensive Problem Solution 656
CHAPTER 20 Implementing an REA Model in a Relational
Database 660
Introduction 661
Integrating REA Diagrams Across Cycles 661
Merging Redundant Resource Entities 664
Merging Redundant Event Entities 665
Validating the Accuracy of Integrated REA Diagrams 666
Implementing an REA Diagram in a Relational Database 666
Step 1: Create Tables for Each Distinct Entity and M:N Relationship 666
Step 2: Assign Attributes to Each Table 668
Step 3: Use Foreign Keys to Implement 1:1 and 1:N Relationships 669
Completeness Check 670
Using REA Diagrams to Retrieve Information from a Database 671
Creating Journals and Ledgers 671
Generating Financial Statements 672
Creating Managerial Reports 673
Summary and Case Conclusion 673 ■ Key Term 674
AIS IN ACTION: Chapter Quiz 674 ■ Comprehensive Problem 675 ■
Discussion Questions 675 ■ Problems 676
CASE 20-1 Practical Database Design 678
AIS IN ACTION SOLUTIONS: Quiz Key 679 ■ Comprehensive Problem Solution 681
CHAPTER 21 Special Topics in REA Modeling 684
Introduction 685
Additional Revenue and Expenditure Cycle Modeling Topics 685
Additional Revenue Cycle Events and Attribute Placement 685
Additional Expenditure Cycle Events and Attribute Placement 687
Sale of Services 690
Acquisition of Intangible Services 690
Digital Assets 691
Rental Transactions 691
Additional REA Features 693
Employee Roles 693
M:N Agent–Event Relationships 693
Locations 693
Relationships Between Resources and Agents 693
Production Cycle REA Model 694
Additional Entities—Intellectual Property 694
Production Cycle Events 696
New REA Feature 696
Combined HR/Payroll Data Model 697
HR Cycle Entities 697
Tracking Employees’ Time 698
Financing Activities Data Model 699
Summary and Case Conclusion 700
AIS IN ACTION: Chapter Quiz 703 ■ Discussion Questions 704 ■ Problems 705
CASE 21-1 Practical Database Assignment 710
AIS IN ACTION SOLUTIONS: Quiz Key 710
Appendix: Extending the REA Model to Include Information About Policies 714
PART VI The Systems Development Process 717
CHAPTER 22 Introduction to Systems Development and
Systems Analysis 718
Introduction 719
Systems Development 721
The Systems Development Life Cycle 721
The Players 722
Planning Systems Development 723
Planning Techniques 725
Feasibility Analysis 725
Capital Budgeting: Calculating Economic Feasibility 726
Behavioral Aspects of Change 727
Why Behavioral Problems Occur 728
How People Resist Change 728
Preventing Behavioral Problems 729
Systems Analysis 730
Initial Investigation 730
Systems Survey 732
Feasibility Study 733
Information Needs and Systems Requirements 733
Systems Analysis Report 735
Summary and Case Conclusion 736 ■ Key Terms 737
AIS IN ACTION: Chapter Quiz 738 ■ Comprehensive Problem 739 ■
Discussion Questions 739 ■ Problems 740
CASE 22-1 Audio Visual Corporation 749
AIS IN ACTION SOLUTIONS: Quiz Key 750 ■ Comprehensive Problem Solution 752
CHAPTER 23 AIS Development Strategies 754
Introduction 755
Purchasing Software 755
Selecting a Vendor 756
Acquiring Hardware and Software 756
Evaluating Proposals and Selecting a System 757
Development by In-House Information Systems Departments 759
End-User-Developed Software 759
Advantages and Disadvantages of End-User Computing 760
Managing and Controlling End-User Computing 761
Outsourcing the System 762
Advantages and Disadvantages of Outsourcing 762
Methods for Improving Systems Development 763
Business Process Management 764
Prototyping 765
Agile Methodologies 767
Computer-Aided Software Engineering 770
Summary and Case Conclusion 771 ■ Key Terms 771
AIS IN ACTION: Chapter Quiz 772 ■ Comprehensive Problem 773 ■
Discussion Questions 773 ■ Problems 774
CASE 23-1 Wong Engineering Corp. 778
AIS IN ACTION SOLUTIONS: Quiz Key 779 ■ Comprehensive Problem Solution 782
CHAPTER 24 Systems Design, Implementation, and Operation 784
Introduction 785
Conceptual Systems Design 785
Evaluate Design Alternatives 785
Prepare Design Specifications and Reports 787
Physical Systems Design 787
Output Design 788
File and Database Design 788
Input Design 789
Program Design 790
Procedures and Controls Design 791
Systems Implementation 792
Implementation Planning and Site Preparation 792
Selecting and Training Personnel 793
Complete Documentation 794
Testing the System 794
Systems Conversion 795
Operation and Maintenance 796
Summary and Case Conclusion 797 ■ Key Terms 798
AIS IN ACTION: Chapter Quiz 798 ■ Comprehensive Problem 799 ■
Discussion Questions 800 ■ Problems 801
CASE 24-1 Citizen’s Gas Company 807
AIS IN ACTION SOLUTIONS: Quiz Key 807 ■ Comprehensive Problem Solution 809
Glossary 812
Index 829