ACCOUNTING 307
Dumb Fraudsters
-Replacing Pin Pads -Reality Check -Ebay, No Way -Doctoring Credit -Extended Stupidity -Happiest Fraud Victim Ever
Methods Used to Obtain Your Personal Data
-Shoulder surfing -Dumpster diving -Applications for "preapproved" credit cards -Key logging software -Spam and other e-mails
Mid-Range and Larger System Accounting Software
-Utilization Transaction processing needs grow Volume and complexity -Popular Software Packages Microsoft Dynamics GP SAP Business One Epicor Sage software's MAS 90, MAS 200, Everest, and Accpac -Cost Considerations Range from $2,000 to over $300,000 Purchase from Value Added Reseller (VAR) -Features Multi-currency transactions Currency conversions Various modules and interfaces (CRM, HR) Deployment options (desktop, web-browser) Hosted solutions
CPU
Central Processing Unit -Micro processor -primary memory -cache, RAM, ALU, Control Unit processes data to be valuable to decision makers-term used interchangeably with computer
Worm
write once read many
DPI
dots per inch
Phishing
fishing for personal information such as credit card, bank account or social security numbers
Warez groups
groups of Internet users who illegally distribute copyrighted materials online.
Scraping
harvesting personal information from social networking, resume and online forums cites where people discuss their personal life.
Torpedo
software a spyware company uses to delete a competitors software from the target computer
SOURCE DOCUMENTS and DATA TRANSCRIPTION
source document= starting point for collecting accounting data -manual documents(time cards, sales invoice, packing slips) -must be transcribed into machine readable media DATA TRANSCRIPTION -costly, inefficient, labor intense -non-productive, prone to human error -good audit trial
Salami Technique
stealing small amounts of money from many accounts over a long period of time.
Podslurping
using small portable devices (like an iPod) to such massive amounts of valuable data from company systems.
Clickjacking
"Hijacking" a link on a web site so that clicking the link on a graphic or icon that is visually seen actually moves the viewer to something the attacker wants them to see
Sales Organization
-A sales organization is responsible for negotiating sales conditions and distributing goods and services. -It represents the top organizational level to which you sum sales figures. --There must be at least one sales organization defined --A sales organization is assigned to only one company code. --More than one sales organization can be assigned to a company code.
Integrated Accounting Software Programs -Features
-Can handle multiple companies and users -Has audit trails -Has budgeting capability -Provides cash-based and accrual-based accounting options -Can print checks and invoices -Can customize financial reporting -Has E-commerce features -Has tools for financial analysis -Can generate graphic reports -Can manage the inventory -Can handle recurring journal entries -Accommodates business growth -Can provide variance analysis.
Robert T. Morris and the Internet Virus
-Created one of the world's most famous compute viruses. (Morris Worm 1988). -Original intent was to gauge the size of the internet. -Became first person to be indicted under the Computer Fraud and Abuse Act of 1986 - 3 years probation and community service work. -This case illustrates vulnerability of networks to virus infections
Master Data
-Data that is relatively stable -Master Data is centrally stored (shared across application modules) and is processed to eliminate data redundancy. -When creating business transactions (like a sales order) the system copies information from master data. Three kinds of master data are critical to sales order processing: 1-Customer - Shared with FI/CO 2-Material - Shared with MM and PP 3-Pricing ex-- Materials, Customers, Vendors
Transaction Data
-Data that is relatively temporary -Stored at various stages of a business process ex-Customer orders, purchase orders, production orders, customer payments
SAP
-Designed in 1972 by 5 former IBM systems analysts in Germany. -Based on the idea of modular software Individual programs Purchased, installed, and run separately Extract data from one common database -can use a number of database programs to actually store the data -open architecture -Based on a 3 Tier Client-Server Technology user PC--> application server--> database server
Ethical Behavior
-Ethics is a set of moral principles or values. -Ethical behavior involves making choices and judgments that are morally proper and then acting accordingly. -Ethics can govern and organization as well as individuals.
Preventing Viruses
-Firewalls limit external access to a company's system -Antivirus software scans computer disks for virus-like coding cleanse computer systems already infected;
Cost of Enterprise System
-Hardware -Software -Training -Technical -Business processes -Data conversion -Interfaces and customization -Professional services -Reassigned employees -Software maintenance -Software upgrades
ERP System Developers
-Have responded to customer demands for Reduced complexity In-house technical support Expense -By changing their architecture to include Portals Exchanges Mobile Access Rapid implementation by less customization Industry customization Middleware to implement "Best of Breed" modules
Data Warehouse
-Historical data are collected from all facets of the organization (and possibly from 3rd parties). -Often used in Data Mining: Artificial Intelligent methods Identify trends, patterns, and relationships in the data Help organizations make predictions
Ethical Issues
-Honesty -Protecting Computer Systems -Protecting Confidential Information -Social Responsibility -Rights of Privacy -Acceptable Use of Computer Hardware and Software
Small Business Accounting Software
-Information Needs of Small Business Owners Cash Flows Evaluating Profitability -Features Reports Internet Connectivity Scalability
The Kevin D. Mitnick Case
-Kevin D. Mitnick in 1995 was the FBI's most wanted computer hacker. -Hackers are people who break into the computer files of others for fun or personal gain. -Began as a group of high school hackers. -At age 31 was he caught. -He had hacked into a supercomputer in San Diego and stole 20,000 credit card numbers -Sentenced under the Patriot Act of 2001 - 4 Years in Jail -Now a Computer Security Consultant
The Equity Funding Case
-Landmark case of computer crime. -Control procedures extremely lax - company maintained an open shop. -Analysis: *Insurance industry learned how easily computers can create bogus insurance policies. *IS personnel learned importance of computer security. *Court litigation taught auditing profession that ineffective audit techniques were not an adequate legal defense against charges of negligence.
MODULES
-Organizes transaction processing in modules -Provides links between modules -Include Accounts Receivable, Accounts Payable, Inventory, and Payroll
Electronic Input Devices
-POS devices -plastic cards with magnetic strips -RFID -microcomputer input devices-keyboard,PDA, -MICR -biometric scanners-voice, iris, finger prints -OCR -digital cameras-personal SPY cameras -Audio input
Importance of secondary storage
-Primary Memory volatile memory lost electrical power, lost memory -Secondary Memory mass storage or Auxiliary storage maintain data in permanent files
FUNCTION
-Process all types of accounting transactions -Transactions affecting general and special journals
Benefits of Enterprise System
-Reduced inventory investment -Improved asset management -Improved decision-making -Resolved data redundancy and integrity problems -Increased flexibility and responsiveness -Improved customer service and satisfaction -Global and supply chain integration
Microprocessor
-a component with miniaturized transistors on a single circuit that executes instructions and manipulates data -speeds are measured in gigahertz(GHz) which is the number of pulses per second of the systems timing clock ALU and Control Unit
Cache Memory
-a fast buffer memory that facilitates data transfer between primary memory (RAM) and processor -can be accessed more quickly by the microprocessor than the primary memory can be accessed
The Computer Fraud and Abuse Act (CFFA) of 1986
-amended in 1994-1996 -Defines computer fraud as an illegal act for which computer technology is essential for its perpetration, investigation, or prosecution. -Legislatures have difficult time keeping up with computer crimes and abuse. -Defines seven fraudulent acts
INPUTS
-collection of data/information from internal/External sources -starting point of input processing output cycle(especially when processing accounting data) examples= -Source documents & data transcription -POS devices -plastic cards with magnetic strips -RFID -microcomputer input devices -MICR -biometric scanners -OCR -digital cameras -Audio input
System
-group of interacting parts or components that serve a common purpose INPUTS--> PROCESSES-->OUTPUTS
PARTS OF AN INFORMATION SYSTEM?
-input devices -processing -output devices -data storage
Computer Crime
-involves the manipulation of a computer or computer data to dishonesty -obtain money, acquire property or get some other advantage of value or to cause a loss
When is NEW AIS needed?
-late pmt of vendor invoices -late deliveries to customers -growth in inventories, accompanied by an in crease in stockouts -slowdown in inventory turnover -increased time in collecting receivables -late periodic reports -increasing length of time to close out books at end of period -concerns about cash flow & financial picture of org. -complaints about lack of information for decision making -worries about cash flow, taxes, profits
Computer Software
-operating systems -application software -programming languages
Primary Memory
-purpose is to store data and program instructions temporarily for immediate processing and execution -referred to as RAM or DRAM -a prime concern when matching hardware and software
Bluetooth
-short wave radio frequency to transmit over short distances
Middleware
-software that connects two otherwise separate applications link database system to a web server link 3rd party applications to database -term is used to describe separate products that serve as the glue between two applications
Computer Abuse
-unauthorized use, or access to, a computer -is punishable in extreme cases
POS Point of Sale Devices
-used to gather and record sales data electronically -bar code readers-UPC(universal product code)
ATM
...
MIPS
...
Viruses
1-Boot-sector viruses = hide in the boot sectors of a disk, where the operating system accesses them. 2-Worm viruses= replicate themselves until the user runs out of memory or disk space 3-Trojan Horse programs= reside in legitimate copies of computer programs. 4-Logic Bomb programs = remain dormant until the computer system encounters a specific condition.
Why is IT important to Accountants?
1-Compatible and support other components of AIS 2-Accountants help clients make software and hardware decisions/purchases 3-Auditors must evaluate computerized systems 4-To evaluate effectiveness and efficiency of existing systems 5-IT will effect how they work in the future 6-It is vital to passing most certification exams
Four Representative Computer Crimes Cases
1-Compromising Valuable Information: The TRW Credit Data Case 2-Computer Hacking: The Kevin D. Mitnick Case 3-Denial of service Through computer viruses Through computer worms 4-Manipulating Computer Files: The Equity Funding Corporation of America
Integrated Accounting Software Programs
1-FUNCTION 2-MODULES
CFAA Fraudulent Acts
1-Misappropriation of Assets: -Unauthorized theft, use, access, modification, copying, or destruction of software or data. -Theft of money by altering computer records or the theft of computer time. -Intent to illegally obtain information or tangible property through the use of computers. 2-Other Crimes -Use or the conspiracy to use computer resources to commit a felony. -Theft, vandalism, destruction of computer hardware. -Trafficking in passwords or other login information for accessing a computer. -Extortion that uses a computer system as a target.
Malware - Malicious software
1-Ransomware - A new kind of malware circulating on the Internet that freezes a computer and then asks for a ransom paid through Western Union Holdings Inc.'s money-transfer service. 2-Scareware - A popup telling viewers of legitimate web sites their computer has malware and offers to remove the malware for a fee.
Core Applications of ERP
1-Traditional (Back-Office) Financial Manufacturing Project Management Human Resources 2-Extended (Front-Office) Business Intelligence Customer Relation Management (CRM) Sales Force Automation Supply Chain Management (SCM) Product Life Cycle E-commerce
Type of Data Communication Networks
1.Wi-Fi -WAP -NFC -WEP -Bluetooth 2.Cloud Computing- Internet Services -software -data storage
Configuration
=is the process of making standard software fit your business. SAP, as an example, has: -Over 8000 configuration decisions -Data structuring - Sales divisions, distribution channels -Rewriting Code (Modifications) Not recommended because of compatibility problems when updated versions of the software are installed. -Customization - Writing code at SAP for specific users -Third-party software solutions
Computer Virus
A computer virus is a program that disrupts normal data processing and that can usually replicate itself onto other files, computer systems or networks
Adware
A form of spyware that displays pop-up ads embedded in the software. Sometimes based on the Internet viewing habits of the user.
ERP Architecture
Architecture -System Configuration Licensed Hosted in the "Clouds" -Centralized Database -Application Interface ERP system Third party -Best of Breed - Bolt-ons Legacy systems -Internet Portals - GUIs
ALU
Arithmetic Logic Unit -performs arithmetic tasks(addition/multiplication), as well as logic tasks
Client-Server Advantages
Client/server systems offer several advantages 1-substitute the inexpensive processing capabilities of microcomputer hardware and software for comparatively expensive mainframe or minicomputer processing capabilities, 2-reduce data communications time and costs, and 3-utilize thin-client systems.
Data Communications and Networks
Communication Channels and Protocols - Rules and standards that allow network users to communicate and share data -Modem -Integrated Services Digital Network (ISDN) -Digital Subscriber Line (DSL) -Data Communications Protocol
Growth in Computer Crime
Computer crime is growing because of -Exponential growth in computer resources -Users have more sophisticated computer and Internet knowledge -Step by Step instructions on Internet -Spending on computer controls has grown at a slower rate than spending on hardware -Continuing lax in security controls
ERP
Enterprise Resource Planning An ERP System is a core software program used by companies to coordinate information flow from all areas of the business and manage business processes. its LARGE, EXTENSIVE & EXPENSIVE -Provide all accounting functions -Interfaced with multiple functional areas of business -Manufacturing, Sales and Distribution, HR Applications -database programs with the following functions: Input Storage(Centralized Database) Processing/Retrieval Output -Integrated programs with a central database.(no data redundency) -Focus in real-time information -Modules center around business processes -Integration among major business processes -Popular Products Microsoft Dynamics SAP Oracle Sage MAS 500
Lack ofComputer-Crime Statistics
Good statistics on computer crime are unavailable because: 1-Laws do not require a company to report computer crimes 2-Private companies handle abuse internally 3-Surveys of computer abuse are often ambiguous 4-Most computer abuse is probably not discovered
LAN
Local Area Networks -A collections of computers, file servers, printers, and similar devices that are all located in a small area (e.g., the same building -often use a file servers for centralized data storage and application service -support e-mail -share printers, servers, and software -enable unlike computers to communicate
Secondary Storage Devices
Magnetic (hard) disks - -Direct Access Storage Device (DASD) -Internal and External Floppy Disks & Zip Disks CD and DVDs - ROM and RW Flash Memory - USB portable device Memory Sticks iPod, Blackberry
MICR
Magnetic Ink Character Recognition -magnetically-encoded on paper -pioneered by banking industry -machine and human readable -very flexible:documents of varying sizes, thickness, or width may be used DISADVANTAGES-the magnetic strength of the characters diminishes over time, makes it unreliable
NFC
Near Field Communication -based on RFID
OS
Operating Systems-enables software to work with hardware -Unix -Lunix -MS DOS (Disk Operating System) -MS Windows -Mac OSX
OCR
Optical Character Recognition -uses optical rather than magnetic readers -uses light sensing mechanisms and laser technology -both human and machine readable -computerized exams ex-scantrons
Protecting Systems
Organizational Control Procedures -Enlist top management -Increase employee awareness and education -Discourage free exchange of computer disks or external programs -Require strong passwords to limit unauthorized access -Recognize the symptoms of employee fraud Accounting irregularities such as forged, altered or destroyed input documents Behavioral or lifestyle changes in an employee Unreasonable anomalies that go unchallenged
Output Devices
Printers 1.Dot Matrix -Inexpensive, able to print "carbon copies" -Slow, low resolutions 2.Ink Jet -Higher print resolutions, color, inexpensive -Lower speed that Laser, single copies 3.Laser -High quality print, fast, multifunction (fax, copy, scan) -Expensive, single copies only
RFID
Radio Frequency Identification -used to manage inventory and gather sales data -transfers data via radio frequency -uses transponders(tags) and receivers *Originally used in military - now on merchandise, appliances, pets
RAM
Random Access Memory -consists of individual bytes, each capable of storing a single character data -RAM capacities are typically measured in gigabytes
RGB
Red, Green, Blue
Spyware
Software that aids in gathering information about a person or organization without their knowledge, by monitoring a persons conduct. (keyboard strokes)
Client-Server Dis-advantages
Some disadvantages are: (1) the problem of maintaining multiple copies of important databases on several servers, (2) the additional tasks required to keep server databases current, (3) more difficult backup and recovery, (4) increased difficulty when changing application software from one package to another, and (5) a potential need for greater user training.
Spear Phishing
Specific targets for phishing.
Client/Server Computing
User computers access programs and data from a central server.
Other Emerging Technologies
VOIP - Voice Over Internet Protocol GPS - Global Positioning Satellite Outsourcing Virtual Office/Mobile Technology Podcasting Blogs - Web Logs Social Networking
TRW Credit Data Case
Valuable information computer crime -The valuable information was computerized credit data. -Two key issues: 1.the propriety of the input information 2.the protection afforded both consumer and user in the accuracy and use of credit information
Output Devices cont.
Video Output -CRT(cathode ray tubes) -LCD(liquid crystal display) Multimedia-large amount of file storage Compression-MP3, DVD -Audio -Video -Graphics -Animation
Clients in SAP
What is a client? -A way to separate data in the system -In some ways, a separate database
WAN
Wide Area Networks -A network, larger than a LAN, that spans a regional, national, or global area. -Uses multiple communication channels - Internet. -May be dedicated for a specific purpose - ATM networks
WEP
Wired Equivalent Privacy- security algorithm for wireless network requires key code
WAP
Wireless Application Protocol -standard technology for mobile devices
WI-Fi
Wireless data communications
Script Kiddies
Young people who amuse themselves by seeing how many computers they can infect for fun and/or profit.
Botnet
a network of compromised machines that can be remotely controlled by an attacker
Bot
a type of computer program that can perform automated tasks
CD-ROM
compact disk-read only memory
Modem
modulator-demodulator
Moores Law
number of transistors on a chip doubles about every two years
PPM
pages per minute
Pixel
picture elements
Social Engineering
posing as bona fide employee