ACCOUNTING 307

Dumb Fraudsters

-Replacing Pin Pads -Reality Check -Ebay, No Way -Doctoring Credit -Extended Stupidity -Happiest Fraud Victim Ever

Methods Used to Obtain Your Personal Data

-Shoulder surfing -Dumpster diving -Applications for "preapproved" credit cards -Key logging software -Spam and other e-mails

Mid-Range and Larger System Accounting Software

-Utilization Transaction processing needs grow Volume and complexity -Popular Software Packages Microsoft Dynamics GP SAP Business One Epicor Sage software's MAS 90, MAS 200, Everest, and Accpac -Cost Considerations Range from $2,000 to over $300,000 Purchase from Value Added Reseller (VAR) -Features Multi-currency transactions Currency conversions Various modules and interfaces (CRM, HR) Deployment options (desktop, web-browser) Hosted solutions

CPU

Central Processing Unit -Micro processor -primary memory -cache, RAM, ALU, Control Unit processes data to be valuable to decision makers-term used interchangeably with computer

Worm

write once read many

DPI

dots per inch

Phishing

fishing for personal information such as credit card, bank account or social security numbers

Warez groups

groups of Internet users who illegally distribute copyrighted materials online.

Scraping

harvesting personal information from social networking, resume and online forums cites where people discuss their personal life.

Torpedo

software a spyware company uses to delete a competitors software from the target computer

SOURCE DOCUMENTS and DATA TRANSCRIPTION

source document= starting point for collecting accounting data -manual documents(time cards, sales invoice, packing slips) -must be transcribed into machine readable media DATA TRANSCRIPTION -costly, inefficient, labor intense -non-productive, prone to human error -good audit trial

Salami Technique

stealing small amounts of money from many accounts over a long period of time.

Podslurping

using small portable devices (like an iPod) to such massive amounts of valuable data from company systems.

Clickjacking

"Hijacking" a link on a web site so that clicking the link on a graphic or icon that is visually seen actually moves the viewer to something the attacker wants them to see

Sales Organization

-A sales organization is responsible for negotiating sales conditions and distributing goods and services. -It represents the top organizational level to which you sum sales figures. --There must be at least one sales organization defined --A sales organization is assigned to only one company code. --More than one sales organization can be assigned to a company code.

Integrated Accounting Software Programs -Features

-Can handle multiple companies and users -Has audit trails -Has budgeting capability -Provides cash-based and accrual-based accounting options -Can print checks and invoices -Can customize financial reporting -Has E-commerce features -Has tools for financial analysis -Can generate graphic reports -Can manage the inventory -Can handle recurring journal entries -Accommodates business growth -Can provide variance analysis.

Robert T. Morris and the Internet Virus

-Created one of the world's most famous compute viruses. (Morris Worm 1988). -Original intent was to gauge the size of the internet. -Became first person to be indicted under the Computer Fraud and Abuse Act of 1986 - 3 years probation and community service work. -This case illustrates vulnerability of networks to virus infections

Master Data

-Data that is relatively stable -Master Data is centrally stored (shared across application modules) and is processed to eliminate data redundancy. -When creating business transactions (like a sales order) the system copies information from master data. Three kinds of master data are critical to sales order processing: 1-Customer - Shared with FI/CO 2-Material - Shared with MM and PP 3-Pricing ex-- Materials, Customers, Vendors

Transaction Data

-Data that is relatively temporary -Stored at various stages of a business process ex-Customer orders, purchase orders, production orders, customer payments

SAP

-Designed in 1972 by 5 former IBM systems analysts in Germany. -Based on the idea of modular software Individual programs Purchased, installed, and run separately Extract data from one common database -can use a number of database programs to actually store the data -open architecture -Based on a 3 Tier Client-Server Technology user PC--> application server--> database server

Ethical Behavior

-Ethics is a set of moral principles or values. -Ethical behavior involves making choices and judgments that are morally proper and then acting accordingly. -Ethics can govern and organization as well as individuals.

Preventing Viruses

-Firewalls limit external access to a company's system -Antivirus software scans computer disks for virus-like coding cleanse computer systems already infected;

Cost of Enterprise System

-Hardware -Software -Training -Technical -Business processes -Data conversion -Interfaces and customization -Professional services -Reassigned employees -Software maintenance -Software upgrades

ERP System Developers

-Have responded to customer demands for Reduced complexity In-house technical support Expense -By changing their architecture to include Portals Exchanges Mobile Access Rapid implementation by less customization Industry customization Middleware to implement "Best of Breed" modules

Data Warehouse

-Historical data are collected from all facets of the organization (and possibly from 3rd parties). -Often used in Data Mining: Artificial Intelligent methods Identify trends, patterns, and relationships in the data Help organizations make predictions

Ethical Issues

-Honesty -Protecting Computer Systems -Protecting Confidential Information -Social Responsibility -Rights of Privacy -Acceptable Use of Computer Hardware and Software

Small Business Accounting Software

-Information Needs of Small Business Owners Cash Flows Evaluating Profitability -Features Reports Internet Connectivity Scalability

The Kevin D. Mitnick Case

-Kevin D. Mitnick in 1995 was the FBI's most wanted computer hacker. -Hackers are people who break into the computer files of others for fun or personal gain. -Began as a group of high school hackers. -At age 31 was he caught. -He had hacked into a supercomputer in San Diego and stole 20,000 credit card numbers -Sentenced under the Patriot Act of 2001 - 4 Years in Jail -Now a Computer Security Consultant

The Equity Funding Case

-Landmark case of computer crime. -Control procedures extremely lax - company maintained an open shop. -Analysis: *Insurance industry learned how easily computers can create bogus insurance policies. *IS personnel learned importance of computer security. *Court litigation taught auditing profession that ineffective audit techniques were not an adequate legal defense against charges of negligence.

MODULES

-Organizes transaction processing in modules -Provides links between modules -Include Accounts Receivable, Accounts Payable, Inventory, and Payroll

Electronic Input Devices

-POS devices -plastic cards with magnetic strips -RFID -microcomputer input devices-keyboard,PDA, -MICR -biometric scanners-voice, iris, finger prints -OCR -digital cameras-personal SPY cameras -Audio input

Importance of secondary storage

-Primary Memory volatile memory lost electrical power, lost memory -Secondary Memory mass storage or Auxiliary storage maintain data in permanent files

FUNCTION

-Process all types of accounting transactions -Transactions affecting general and special journals

Benefits of Enterprise System

-Reduced inventory investment -Improved asset management -Improved decision-making -Resolved data redundancy and integrity problems -Increased flexibility and responsiveness -Improved customer service and satisfaction -Global and supply chain integration

Microprocessor

-a component with miniaturized transistors on a single circuit that executes instructions and manipulates data -speeds are measured in gigahertz(GHz) which is the number of pulses per second of the systems timing clock ALU and Control Unit

Cache Memory

-a fast buffer memory that facilitates data transfer between primary memory (RAM) and processor -can be accessed more quickly by the microprocessor than the primary memory can be accessed

The Computer Fraud and Abuse Act (CFFA) of 1986

-amended in 1994-1996 -Defines computer fraud as an illegal act for which computer technology is essential for its perpetration, investigation, or prosecution. -Legislatures have difficult time keeping up with computer crimes and abuse. -Defines seven fraudulent acts

INPUTS

-collection of data/information from internal/External sources -starting point of input processing output cycle(especially when processing accounting data) examples= -Source documents & data transcription -POS devices -plastic cards with magnetic strips -RFID -microcomputer input devices -MICR -biometric scanners -OCR -digital cameras -Audio input

System

-group of interacting parts or components that serve a common purpose INPUTS--> PROCESSES-->OUTPUTS

PARTS OF AN INFORMATION SYSTEM?

-input devices -processing -output devices -data storage

Computer Crime

-involves the manipulation of a computer or computer data to dishonesty -obtain money, acquire property or get some other advantage of value or to cause a loss

When is NEW AIS needed?

-late pmt of vendor invoices -late deliveries to customers -growth in inventories, accompanied by an in crease in stockouts -slowdown in inventory turnover -increased time in collecting receivables -late periodic reports -increasing length of time to close out books at end of period -concerns about cash flow & financial picture of org. -complaints about lack of information for decision making -worries about cash flow, taxes, profits

Computer Software

-operating systems -application software -programming languages

Primary Memory

-purpose is to store data and program instructions temporarily for immediate processing and execution -referred to as RAM or DRAM -a prime concern when matching hardware and software

Bluetooth

-short wave radio frequency to transmit over short distances

Middleware

-software that connects two otherwise separate applications link database system to a web server link 3rd party applications to database -term is used to describe separate products that serve as the glue between two applications

Computer Abuse

-unauthorized use, or access to, a computer -is punishable in extreme cases

POS Point of Sale Devices

-used to gather and record sales data electronically -bar code readers-UPC(universal product code)

ATM

...

MIPS

...

Viruses

1-Boot-sector viruses = hide in the boot sectors of a disk, where the operating system accesses them. 2-Worm viruses= replicate themselves until the user runs out of memory or disk space 3-Trojan Horse programs= reside in legitimate copies of computer programs. 4-Logic Bomb programs = remain dormant until the computer system encounters a specific condition.

Why is IT important to Accountants?

1-Compatible and support other components of AIS 2-Accountants help clients make software and hardware decisions/purchases 3-Auditors must evaluate computerized systems 4-To evaluate effectiveness and efficiency of existing systems 5-IT will effect how they work in the future 6-It is vital to passing most certification exams

Four Representative Computer Crimes Cases

1-Compromising Valuable Information: The TRW Credit Data Case 2-Computer Hacking: The Kevin D. Mitnick Case 3-Denial of service Through computer viruses Through computer worms 4-Manipulating Computer Files: The Equity Funding Corporation of America

Integrated Accounting Software Programs

1-FUNCTION 2-MODULES

CFAA Fraudulent Acts

1-Misappropriation of Assets: -Unauthorized theft, use, access, modification, copying, or destruction of software or data. -Theft of money by altering computer records or the theft of computer time. -Intent to illegally obtain information or tangible property through the use of computers. 2-Other Crimes -Use or the conspiracy to use computer resources to commit a felony. -Theft, vandalism, destruction of computer hardware. -Trafficking in passwords or other login information for accessing a computer. -Extortion that uses a computer system as a target.

Malware - Malicious software

1-Ransomware - A new kind of malware circulating on the Internet that freezes a computer and then asks for a ransom paid through Western Union Holdings Inc.'s money-transfer service. 2-Scareware - A popup telling viewers of legitimate web sites their computer has malware and offers to remove the malware for a fee.

Core Applications of ERP

1-Traditional (Back-Office) Financial Manufacturing Project Management Human Resources 2-Extended (Front-Office) Business Intelligence Customer Relation Management (CRM) Sales Force Automation Supply Chain Management (SCM) Product Life Cycle E-commerce

Type of Data Communication Networks

1.Wi-Fi -WAP -NFC -WEP -Bluetooth 2.Cloud Computing- Internet Services -software -data storage

Configuration

=is the process of making standard software fit your business. SAP, as an example, has: -Over 8000 configuration decisions -Data structuring - Sales divisions, distribution channels -Rewriting Code (Modifications) Not recommended because of compatibility problems when updated versions of the software are installed. -Customization - Writing code at SAP for specific users -Third-party software solutions

Computer Virus

A computer virus is a program that disrupts normal data processing and that can usually replicate itself onto other files, computer systems or networks

Adware

A form of spyware that displays pop-up ads embedded in the software. Sometimes based on the Internet viewing habits of the user.

ERP Architecture

Architecture -System Configuration Licensed Hosted in the "Clouds" -Centralized Database -Application Interface ERP system Third party -Best of Breed - Bolt-ons Legacy systems -Internet Portals - GUIs

ALU

Arithmetic Logic Unit -performs arithmetic tasks(addition/multiplication), as well as logic tasks

Client-Server Advantages

Client/server systems offer several advantages 1-substitute the inexpensive processing capabilities of microcomputer hardware and software for comparatively expensive mainframe or minicomputer processing capabilities, 2-reduce data communications time and costs, and 3-utilize thin-client systems.

Data Communications and Networks

Communication Channels and Protocols - Rules and standards that allow network users to communicate and share data -Modem -Integrated Services Digital Network (ISDN) -Digital Subscriber Line (DSL) -Data Communications Protocol

Growth in Computer Crime

Computer crime is growing because of -Exponential growth in computer resources -Users have more sophisticated computer and Internet knowledge -Step by Step instructions on Internet -Spending on computer controls has grown at a slower rate than spending on hardware -Continuing lax in security controls

ERP

Enterprise Resource Planning An ERP System is a core software program used by companies to coordinate information flow from all areas of the business and manage business processes. its LARGE, EXTENSIVE & EXPENSIVE -Provide all accounting functions -Interfaced with multiple functional areas of business -Manufacturing, Sales and Distribution, HR Applications -database programs with the following functions: Input Storage(Centralized Database) Processing/Retrieval Output -Integrated programs with a central database.(no data redundency) -Focus in real-time information -Modules center around business processes -Integration among major business processes -Popular Products Microsoft Dynamics SAP Oracle Sage MAS 500

Lack ofComputer-Crime Statistics

Good statistics on computer crime are unavailable because: 1-Laws do not require a company to report computer crimes 2-Private companies handle abuse internally 3-Surveys of computer abuse are often ambiguous 4-Most computer abuse is probably not discovered

LAN

Local Area Networks -A collections of computers, file servers, printers, and similar devices that are all located in a small area (e.g., the same building -often use a file servers for centralized data storage and application service -support e-mail -share printers, servers, and software -enable unlike computers to communicate

Secondary Storage Devices

Magnetic (hard) disks - -Direct Access Storage Device (DASD) -Internal and External Floppy Disks & Zip Disks CD and DVDs - ROM and RW Flash Memory - USB portable device Memory Sticks iPod, Blackberry

MICR

Magnetic Ink Character Recognition -magnetically-encoded on paper -pioneered by banking industry -machine and human readable -very flexible:documents of varying sizes, thickness, or width may be used DISADVANTAGES-the magnetic strength of the characters diminishes over time, makes it unreliable

NFC

Near Field Communication -based on RFID

OS

Operating Systems-enables software to work with hardware -Unix -Lunix -MS DOS (Disk Operating System) -MS Windows -Mac OSX

OCR

Optical Character Recognition -uses optical rather than magnetic readers -uses light sensing mechanisms and laser technology -both human and machine readable -computerized exams ex-scantrons

Protecting Systems

Organizational Control Procedures -Enlist top management -Increase employee awareness and education -Discourage free exchange of computer disks or external programs -Require strong passwords to limit unauthorized access -Recognize the symptoms of employee fraud Accounting irregularities such as forged, altered or destroyed input documents Behavioral or lifestyle changes in an employee Unreasonable anomalies that go unchallenged

Output Devices

Printers 1.Dot Matrix -Inexpensive, able to print "carbon copies" -Slow, low resolutions 2.Ink Jet -Higher print resolutions, color, inexpensive -Lower speed that Laser, single copies 3.Laser -High quality print, fast, multifunction (fax, copy, scan) -Expensive, single copies only

RFID

Radio Frequency Identification -used to manage inventory and gather sales data -transfers data via radio frequency -uses transponders(tags) and receivers *Originally used in military - now on merchandise, appliances, pets

RAM

Random Access Memory -consists of individual bytes, each capable of storing a single character data -RAM capacities are typically measured in gigabytes

RGB

Red, Green, Blue

Spyware

Software that aids in gathering information about a person or organization without their knowledge, by monitoring a persons conduct. (keyboard strokes)

Client-Server Dis-advantages

Some disadvantages are: (1) the problem of maintaining multiple copies of important databases on several servers, (2) the additional tasks required to keep server databases current, (3) more difficult backup and recovery, (4) increased difficulty when changing application software from one package to another, and (5) a potential need for greater user training.

Spear Phishing

Specific targets for phishing.

Client/Server Computing

User computers access programs and data from a central server.

Other Emerging Technologies

VOIP - Voice Over Internet Protocol GPS - Global Positioning Satellite Outsourcing Virtual Office/Mobile Technology Podcasting Blogs - Web Logs Social Networking

TRW Credit Data Case

Valuable information computer crime -The valuable information was computerized credit data. -Two key issues: 1.the propriety of the input information 2.the protection afforded both consumer and user in the accuracy and use of credit information

Output Devices cont.

Video Output -CRT(cathode ray tubes) -LCD(liquid crystal display) Multimedia-large amount of file storage Compression-MP3, DVD -Audio -Video -Graphics -Animation

Clients in SAP

What is a client? -A way to separate data in the system -In some ways, a separate database

WAN

Wide Area Networks -A network, larger than a LAN, that spans a regional, national, or global area. -Uses multiple communication channels - Internet. -May be dedicated for a specific purpose - ATM networks

WEP

Wired Equivalent Privacy- security algorithm for wireless network requires key code

WAP

Wireless Application Protocol -standard technology for mobile devices

WI-Fi

Wireless data communications

Script Kiddies

Young people who amuse themselves by seeing how many computers they can infect for fun and/or profit.

Botnet

a network of compromised machines that can be remotely controlled by an attacker

Bot

a type of computer program that can perform automated tasks

CD-ROM

compact disk-read only memory

Modem

modulator-demodulator

Moores Law

number of transistors on a chip doubles about every two years

PPM

pages per minute

Pixel

picture elements

Social Engineering

posing as bona fide employee