Skip to main content

Accounting Information Systems: Controls and Processes, 3rd Edition

Accounting Information Systems: Controls and Processes, 3rd Edition

Leslie Turner, Andrea B. Weickgenannt, Mary Kay Copeland

ISBN: 978-1-119-30211-7

Oct 2016

672 pages



TRY (FREE for 14 days), OR RENT this

Realizing the importance of accounting information systems and internal controls in today’s business environment, the updated 3rd edition of Accounting Information Systems makes the world of systems and controls accessible to today’s student. It enhances opportunities for learning about AIS and its day-to-day operation and is written for the business or accounting major required to take an AIS course. Keeping the student in mind, this text focuses on the business processes and the related controls, as well as the essential topics of ethics and corporate governance.

Related Resources

About the Authors v

Preface vii

Acknowledgments xi

To the Students xiii

A List of Real-World Examples in This Textbook xv

1 Introduction to AIS 1

Overview of Business Processes (Study Objective 1), 1

Overview of an Accounting Information System (Study Objective 2), 4

Business Process Linkage Throughout the Supply Chain (Study Objective 3), 5

IT Enablement of Business Processes (Study Objective 4), 7

Basic Computer and IT Concepts (Study Objective 5), 10

Basic Computer Data Structures, 10

File Access and Processing Modes, 11

Data Warehouse and Data Mining, 12

Structured, Unstructured, and Big Data, 13

Networks and the Internet, 14

Examples of IT Enablement (Study Objective 6), 15

E-Business, 15

Electronic Data Interchange, 15

Point of Sale System, 16

Automated Matching, 16

Evaluated Receipt Settlement, 16

E-Payables and Electronic Invoice Presentment and Payment, 16

Enterprise Resource Planning Systems, 17

The Internal Control Structure of Organizations (Study Objective 7), 17

Enterprise Risk Management, 18

A Code of Ethics, 20

Coso Accounting Internal Control Structure, 20

IT Controls, 20

Corporate Governance, 20

IT Governance, 21

The Importance of Accounting Information Systems to Accountants (Study Objective 8), 22

Users of the AIS, 22

Design or Implementation Team, 22

Auditors of the AIS, 22

The Relation of Ethics to Accounting Information Systems (Study Objective 9), 22

Summary of Study Objectives, 24

Key Terms, 25

End of Chapter Material, 26

Solutions to Concept Check, 29

2 Foundational Concepts of the AIS 31

Interrelationships of Business Processes and the AIS (Study Objective 1), 32

Types of Accounting Information Systems (Study Objective 2), 34

Manual Systems, 35

Legacy Systems, 36

Modern, Integrated Systems, 38

Client-Server Computing (Study Objective 3), 38

Cloud Computing (Study Objective 4), 39

Accounting Software Market Segments (Study Objective 5), 43

Input Methods Used in Business Processes (Study Objective 6), 46

Source Documents and Keying, 46

Bar Codes, 47

Point of Sale Systems, 47

Electronic Data Interchange, 48

E-Business and E-Commerce, 48

Processing Accounting Data (Study Objective 7), 48

Batch Processing, 48

Online and Real-Time Processing, 50

Outputs From the AIS Related to Business Processes (Study Objective 8), 50

Documenting Processes and Systems (Study Objective 9), 51

Process Maps, 51

System Flowcharts, 52

Document Flowcharts, 53

Data Flow Diagrams, 55

Entity Relationship Diagrams, 55

Ethical Considerations at the Foundation of Accounting Information Systems(Study Objective 10), 59

Summary of Study Objectives, 60

Key Terms, 61

End of Chapter Material, 62

Solutions to Concept Check, 66

3 Fraud, Ethics, and Internal Control 67

Introduction to the Need for a Code of Ethics and Internal Controls (Study Objective 1), 67

Accounting-Related Fraud (Study Objective 2), 70

Categories of Accounting-Related Fraud, 72

The Nature of Management Fraud (Study Objective 3), 72

The Nature of Employee Fraud (Study Objective 4), 74

The Nature of Customer Fraud (Study Objective 5), 75

The Nature of Vendor Fraud (Study Objective 6), 76

The Nature of Computer Fraud (Study Objective 7), 76

Internal Sources of Computer Fraud, 76

External Sources of Computer Fraud, 77

Policies to Assist in the Avoidance of Fraud and Errors (Study Objective 8), 79

Maintenance of a Code of Ethics (Study Objective 9), 79

Maintenance of Accounting Internal Controls (Study Objective 10), 80

The Details of the COSO Report, 82

Reasonable Assurance of Internal Controls, 90

Maintenance of Information Technology Controls (Study Objective 11), 91

The Sarbanes–Oxley Act of 2002 (Study Objective 12), 93

Section 404—Management Assessment of Internal Controls, 93

Section 406—Code of ethics for senior financial officers, 94

Summary of Study Objectives, 94

Key Terms, 96

End of Chapter Material, 96

Solutions to Concept Check, 102

4 Internal Controls and Risks in IT Systems 103

An Overview of Internal Controls for IT Systems (Study Objective 1), 103

General Controls for IT Systems (Study Objective 2), 105

Authentication of Users and Limiting Unauthorized Users, 106

Hacking and Other Network Break-Ins, 109

Organizational Structure, 112

Physical Environment and Security, 113

Business Continuity, 114

General Controls from an AICPA Trust Services Principles Perspective (Study Objective 3), 115

Risks in not Limiting Unauthorized Users, 116

Risks from Hacking or Other Network Break-Ins, 119

Risks from Environmental Factors, 119

Physical Access Risks, 120

Business Continuity Risks, 120

Hardware and Software Exposures in IT Systems (Study Objective 4), 120

The Operating System, 122

The Database, 123

The Database Management System, 124

LANs and WANs, 125

Wireless Networks, 125

The Internet and World Wide Web, 126

Telecommuting Workers and Mobile Workers, 127

Electronic Data Interchange, 127

Cloud Computing, 128

Application Software and Application Controls (Study Objective 5), 130

Input Controls, 131

Processing Controls, 137

Output Controls, 137

Ethical Issues in IT Systems (Study Objective 6), 138

Summary of Study Objectives, 139

Key Terms, 140

End of Chapter Material, 141

Solutions to Concept Check, 145

5 IT Governance 148

Introduction to IT Governance (Study Objective 1), 148

An Overview of the SDLC (Study Objective 2), 152

The Phases of the SDLC, 155

Elements of the Systems Planning Phase of the SDLC (Study Objective 3), 155

The Match of IT Systems to Strategic Objectives, 156

Feasibility Study, 156

Planning and Oversight of the Proposed Changes, 158

Elements of the Systems Analysis Phase of the SDLC (Study Objective 4), 158

Preliminary Investigation, 158

System Survey: The Study of the Current System, 158

Determination of User Requirements, 160

Analysis of the System Survey, 161

Systems Analysis Report, 161

Elements of the Systems Design Phase of the SDLC (Study Objective 5), 162

The Purchase of Software, 163

In-House Design, 164

Conceptual Design, 164

Evaluation and Selection, 165

Cloud Computing as a Conceptual Design, 167

Detailed Design, 167

Elements of the Systems Implementation Phase of the SDLC (Study Objective 6), 169

Software Programming, 170

Training Employees, 170

Software Testing, 171

Documenting the System, 171

Data Conversion, 171

System Conversion, 171

User Acceptance, 172

Post-Implementation Review, 172

Elements of the Operation and Maintenance Phase of the SDLC (Study Objective 7), 172

The Critical Importance of IT Governance in an Organization (Study Objective 8), 173

SDLC as Part of Strategic Management, 173

SDLC as an Internal Control, 173

Ethical Considerations Related to IT Governance (Study 175 Objective 9), Ethical Considerations for Management, 175

Ethical Considerations for Employees, 175

Ethical Considerations for Consultants, 176

Summary of Study Objectives, 177

Key Terms, 178

End of Chapter Material, 179

Solutions to Concept Check, 182

6 Enterprise Resource Planning (ERP) Systems 183

Overview of ERP Systems (Study Objective 1), 183

History of ERP Systems (Study Objective 2), 186

Current ERP System Characteristics (Study Objective 3), 188

ERP Modules (Study Objective 4), 190

Financials, 190

Human Resources, 191

Procurement and Logistics, 191

Product Development and Manufacturing, 191

Sales and Services, 191

Analytics, 191

Supply Chain Management (SCM), 191

Customer Relationship Management (CRM), 192

Market Segments of ERP Systems (Study Objective 5), 192

Tier One Software, 192

Tier Two Software, 193

Cloud-Based ERP, 194

Implementation of ERP Systems (Study Objective 6), 195

Hiring a Consulting Firm, 195

The Best-Fit ERP System, 195

Which Modules to Implement, 196

Best of Breed Versus ERP Modules, 196

Business Process Reengineering, 196

Customization of the ERP System, 197

The Costs of Hardware and Software, 197

Testing of the ERP System, 198

Data Conversion, 198

Training of Employees, 198

The Methods of Conversion to the ERP System, 198

Benefits and Risks of ERP Systems (Study Objective 7), 201

Benefits of ERP Systems, 201

Risks of ERP Systems, 202

ERP Systems and the Sarbanes–Oxley Act (Study Objective 8), 204

Summary of Study Objectives, 206

Key Terms, 207

End of Chapter Material, 208

Solutions to Concept Check, 211

7 Auditing Information Technology-Based Processes 212

Introduction to Auditing IT Processes (Study Objective 1), 212

Types of Audits and Auditors (Study Objective 2), 213

Information Risk and IT-Enhanced Internal Control (Study Objective 3), 215

Authoritative Literature Used in Auditing (Study Objective 4), 216

Management Assertions and Audit Objectives (Study Objective 5), 218

Phases of an IT Audit (Study Objective 6), 219

Audit Planning, 220

Use of Computers in Audits (Study Objective 7), 223

Tests of Controls (Study Objective 8), 224

General Controls, 224

Application Controls, 227

Tests of Transactions and Tests of Balances (Study Objective 9), 231

Audit Completion/Reporting (Study Objective 10), 233

Other Audit Considerations (Study Objective 11), 235

Different IT Environments, 235

Changes in a Client’s IT Environment, 237

Sampling Versus Population Testing, 238

Ethical Issues Related to Auditing (Study Objective 12), 239

Summary of Study Objectives, 242

Key Terms, 243

End of Chapter Material, 244

Solutions To Concept Check, 248

8 Revenue and Cash Collection Processes and Controls 250

Introduction to Revenue Processes (Study Objective 1), 250

Sales Processes (Study Objective 2), 255

Risks and Controls in Sales Processes (Study Objective 2, Continued), 262

Authorization of Transactions, 262

Segregation of Duties, 262

Adequate Records and Documents, 263

Security of Assets and Documents, 263

Independent Checks and Reconciliation, 264

Cost–Benefit Considerations, 264

Sales Return Processes (Study Objective 3), 266

Risks and Controls in the Sales Return Processes (Study Objective 3, Continued), 266

Authorization of Transactions, 266

Segregation of Duties, 269

Adequate Records and Documents, 269

Security of Assets and Documents, 270

Independent Checks and Reconciliation, 270

Cost–Benefit Considerations, 270

Cash Collection Processes (Study Objective 4), 271

Risks and Controls in the Cash Collection Processes (Study Objective 4, Continued), 272

Authorization of Transactions, 272

Segregation of Duties, 272

Adequate Records and Documents, 276

Security of Assets and Documents, 276

Independent Checks and Reconciliation, 277

Cost–Benefit Considerations, 277

IT-Enabled Systems of Revenue and Cash Collection Processes (Study Objective 5), 279

E-Business Systems and the Related Risks and Controls (Study Objective 6), 281

Security and Confidentiality Risks, 283

Processing Integrity Risks, 283

Availability Risks, 284

Electronic Data Interchange (EDI) Systems and the Risks and Controls (Study Objective 7), 284

Point Of Sale (POS) Systems and the Related Risks and Controls (Study Objective 8), 288

Ethical Issues Related to Revenue Processes (Study Objective 9), 289

Corporate Governance in Revenue Processes (Study Objective 10), 292

Summary of Study Objectives, 292

Key Terms, 294

End of Chapter Material, 294

Solutions to Concept Check, 306

9 Expenditures Processes and Controls—Purchases 309

Introduction to Expenditures Processes (Study Objective 1), 309

Purchasing Processes (Study Objective 2), 312

Risks and Controls in the Purchasing Process (Study Objective 2, continued), 322

Authorization of Transactions, 322

Segregation of Duties, 322

Adequate Records and Documents, 323

Security of Assets and Documents, 324

Independent Checks and Reconciliation, 324

Cost–Benefit Considerations, 324

Purchase Return Process (Study Objective 3), 326

Risks and Controls in the Purchase Return Processes (Study Objective 3, continued), 330

Authorization of Transactions, 330

Segregation of Duties, 330

Adequate Records and Documents, 330

Security of Assets and Documents, 331

Independent Checks and Reconciliation, 331

Cost–Benefit Considerations, 331

Cash Disbursement Processes (Study Objective 4), 332

Risks and Controls in the Cash Disbursement Processes (Study Objective 4, continued), 338

Authorization of Transactions, 338

Segregation of Duties, 339

Adequate Records and Documents, 339

Security of Assets and Documents, 339

Independent Checks and Reconciliation, 339

Cost–Benefit Considerations, 340

IT Systems of Expenditures and Cash Disbursement Processes (Study Objective 5), 341

Computer-Based Matching (Study Objective 6), 343

Risks and Controls in Computer-Based Matching (Study Objective 6, continued), 344

Security and Confidentiality Risks, 344

Processing Integrity Risks, 345

Availability Risks, 345

Evaluated Receipt Settlement (Study Objective 7), 345

Risks and Controls in Evaluated Receipt Settlement (Study Objective 7, continued), 346

Security and Confidentiality, 347

Processing Integrity, 347

Availability, 347

E-Business and Electronic Data Interchange (EDI) (Study Objective 8), 347

Risks and Controls in E-Business and EDI (Study Objective 8, continued), 348

Security and Confidentiality, 348

Processing Integrity, 349

Availability, 350

E-Payables (Study Objective 9), 350

Procurement Cards (Study Objective 10), 351

Ethical Issues Related to Expenditures Processes (Study Objective 11), 351

Corporate Governance in Expenditure Processes (Study Objective 12), 353

Summary of Study Objectives, 354

Key Terms, 356

End of Chapter Material, 357

Solutions to Concept Check, 366

10 Expenditures Processes and Controls—Payroll and Fixed Assets 368

Introduction to Payroll and Fixed Asset Processes (Study Objective 1), 368

Payroll Processes (Study Objective 2), 372

Risks and Controls in the Payroll Processes (Study Objective 3), 380

Authorization of Transactions, 380

Segregation of Duties, 381

Adequate Records and Documents, 381

Security of Assets and Documents, 381

Independent Checks and Reconciliation, 382

Cost–Benefit Considerations, 382

IT Systems of Payroll Processes (Study Objective 4), 382

Fixed Assets Processes (Study Objective 5), 385

Fixed Asset Acquisitions, 385

Fixed Assets Continuance, 389

Fixed Assets Disposals, 390

Risks and Controls in Fixed Assets Processes (Study Objective 6), 393

Authorization of Transactions, 393

Segregation of Duties, 394

Adequate Records and Documents, 394

Security of Assets and Documents, 394

Independent Checks and Reconciliation, 394

Cost–Benefit Considerations, 395

IT Systems of Fixed Assets Processes (Study Objective 7), 396

Ethical Issues Related to Payroll and Fixed Assets Processes (Study Objective 8), 398

Corporate Governance in Payroll and Fixed Assets Processes (Study Objective 9), 400

Summary of Study Objectives, 402

Key Terms, 403

End of Chapter Material, 403

Solutions to Concept Check, 409

11 Conversion Processes and Controls 411

Basic Features of Conversion Processes (Study Objective 1), 411

Components of the Logistics Function (Study Objective 2), 414

Planning, 414

Resource Management, 416

Operations, 418

Cost Accounting Reports Generated by Conversion Processes (Study Objective 3), 422

Risks and Controls in Conversion Processes (Study Objective 4), 423

Authorization of Transactions, 423

Segregation of Duties, 423

Adequate Records and Documents, 424

Security of Assets and Documents, 424

Independent Checks and Reconciliation, 424

Cost–Benefit Considerations, 425

IT Systems of Conversion Processes (Study Objective 5), 426

Ethical Issues Related to Conversion Processes (Study Objective 6), 430

Corporate Governance in Conversion Processes (Study Objective 7), 431

Summary of Study Objectives, 431

Key Terms, 432

End of Chapter Material, 433

Solutions to Concept Check, 439

12 Administrative Processes and Controls 441

Introduction to Administrative Processes (Study Objective 1), 441

Source of Capital Processes (Study Objective 2), 444

Investment Processes (Study Objective 3), 445

Risks and Controls in Capital and Investment Processes (Study Objective 4), 447

General Ledger Processes (Study Objective 5), 448

Risks and Controls in General Ledger Processes (Study Objective 6), 451

Authorization of Transactions, 451

Segregation of Duties, 453

Adequate Records and Documents, 456

Security of the General Ledger and Documents, 456

Independent Checks and Reconciliation, 456

Reporting as an Output of the General Ledger Processes (Study Objective 7), 457

External Reporting, 457

Internal Reporting, 458

Ethical Issues Related to Administrative Processes and Reporting (Study Objective 8), 459

Unethical Management Behavior in Capital Sources and Investing, 460

Internal Reporting of Ethical Issues, 461

Corporate Governance in Administrative Processes and Reporting (Study Objective 9), 461

Summary of Study Objectives, 462

Key Terms, 464

End of Chapter Material, 464

Solutions to Concept Check, 467

13 Data and Databases 468

The Need for Data Collection and Storage (Study Objective 1), 468

Storing and Accessing Data (Study Objective 2), 470

Data Storage Terminology, 471

Data Storage Media, 471

Data Processing Techniques (Study Objective 3), 472

Databases (Study Objective 4), 473

The History Of Databases, 475

The Need for Normalized Data (Study Objective 5), 477

Trade-Offs in Database Storage, 479

Use of a Data Warehouse to Analyze Data (Study Objective 6), 480

Build the Data Warehouse, 481

Identify the Data, 481

Standardize the Data, 481

Cleanse, or Scrub, the Data, 482

Upload the Data, 483

Data Analysis Tools (Study Objective 7), 483

Data Mining, 483

OLAP, 484

Distributed Data Processing (Study Objective 8), 485

DDP and DDB, 486

Cloud-Based Databases (Study Objective 9), 487

Big Data and Data Analytics (Study Objective 10), 489

IT Controls for Data and Databases (Study Objective 11), 490

Ethical Issues Related to Data Collection and Storage (Study Objective 12), 491

Ethical Responsibilities of the Company, 491

Ethical Responsibilities of Employees, 493

Ethical Responsibilities of Customers, 494

Summary of Study Objectives, 495

Key Terms, 496

End of Chapter Material, 497

Solutions to Concept Check, 501

14 E-Commerce and E-Business 502

Introduction to E-Commerce and E-Business (Study Objective 1), 502

The History of the Internet (Study Objective 2), 504

The Physical Structure and Standards of The Internet (Study Objective 3), 506

The Network, 506

The Common Standards of the Internet, 508

E-Commerce and its Benefits (Study Objective 4), 510

Benefits and Disadvantages of E-Commerce for the Customer, 511

Benefits and Disadvantages of E-Commerce for the Business, 512

The Combination of E-Commerce and Traditional Commerce, 513

Privacy Expectations in E-Commerce (Study Objective 5), 514

E-Business and IT Enablement (Study Objective 6), 515

B2B: A Part of E-Business, 518

E-Business Enablement Examples (Study Objective 7), 519

Intranets and Extranets to Enable E-Business (Study Objective 8), 521

Internal Controls for the Internet, Intranets, and Extranets (Study Objective 9), 523

XML and XBRL as Tools to Enable E-Business (Study Objective 10), 524


XBRL for Financial Statement Reporting, 526

Ethical Issues Related to E-Business and E-Commerce (Study Objective 11), 527

Summary of Study Objectives, 529

Key Terms, 530

End of Chapter Material, 531

Solutions to Concept Check, 534

Index 537

  • Cloud Computing topics are integrated in several chapters.
  • Incorporation of the COSO framework and integration of discussions of risks and controls in all business process chapters.
  • More emphasis on continuous auditing in Chapter 7.
  • Updates in chapter 7 pertaining to the impact of IFRS on audit risk and the AICPA’s new framework on service organization controls (including cloud providers).
  • Expanded discussion of data in Chapter 13, including the use of unstructured data and its impact on the size of databases.
  • Updated presentations of e-business, internet EDI, and XBRL in Chapter 14.
  • Increased coverage of segregation of duties in ERP systems and ERP control reports.
  • Enhanced and updated “Real World” vignettes in most chapters.
  • End‐of‐chapter questions, problems, and cases that match well with the chapter content to help reinforce the topics presented.
  • Real-world examples to illustrate important concepts – each chapter includes examples of issues faced by actual business organizations.
  • Writing Style: Designed to give students an appreciation for internal controls, this textbook introduces only the technology most necessary and the authors write in a style that makes these technical concepts easy to understand.
  • Process Maps: In addition to data flow diagrams and document flowcharts, Turner AIS introduces Process Maps which are a tool used in the real world that presents business processes in a clear, simple manner
  • Business Process Approach: Understanding that all systems are influenced by business process, this text emphasizes the “business” in business process so students have more context for the systems.
  • Continuing Case: Found at the end of all chapters.
  • Microsoft Dynamics GP screen shots illustrate AIS via a real computer system.