Changing the Accounting Information System
29 Aug. 13
Table of Contents
Factors contributing accounting system failure
IBM is one of the most recognizable technology organizations in previous 100 years, and the company was established almost 100 years ago. The companies have to justify their systems with changing technology, and as the technology changes, the accounting information system requires changes also. The change in accounting system has emerged with the passage of time because of the regulations and the technology. The regulation changes the framework of the accounting standards, whereas the technology changes the ways in which the accounting information is initiated, maintained, and stored. The accounting information can be stored both manually and on the computerized system. The companies with manual systems are changing their accounting information systems to computerized information system. The accounting information system does not necessarily include the use of computer as the idea comes in mind with the word information technology. The computer has been used as a tool in the accounting information system, but it is not the fundamental driver in the accounting-information-system-framework.
The accounting system may be outdated, or not in proper compliance with the regulatory framework, which may be the cause of system failures, as these regulatory frameworks are based on the aggregate analyses of the failures of various companies such as Enron and other companies. The computerized accounting systems are useful as compared to the manual accounting system, and the company may require the changing of the manual accounting system to the computerized accounting system because of the increasing benefits. The computerized systems can be connected with the other computerized systems, whereas the manual systems cannot be connected to each other because of the distance.
The computerized system information can be virtually accessed from anywhere if the computer system has been connected with the internet. The lack of harmonization with the other companies for accounting system is the cause of the change of accounting system, companies older than 100 years ago have to face changes with the regulations, and the requirements of these regulations were the sources of bringing change in the system (OECD, 2002). The companies like IBM, which are about 100 years old, have had changes in their accounting systems because of the evolution of knowledge and the technology. The evolution of knowledge is subject based, whereas the evolution of technology is not subject based; as the electronic circuits are used in making computers, which have no relevance with the double entry book keeping. However, the electronic circuits are used in computers, which are used in the accounting information system, which provides the use of the electronic technology in the accounting system. Computerized systems bring harmonization in various organizations and the data can be compared with the computerized control of information. The purpose of bringing harmonization is however not achieved by using the computers in offices, but the harmonization is brought about by using the same standards for the accounting information system, which makes the information comparable to other companies, and this information becomes important sources for government authorities like tax authorities and the security exchange commission.
The IBM has considered connecting the research with the practice, and the modern research and the policies are applied and the accounting systems are changed with respect to research and regulations arising in contemporary time (Keegan). The IBM is famous for technology and innovation, therefore the company has also used this motive in bringing change in the accounting systems, and has brought the change in the accounting systems. The accounting system must be evaluated for the technology use, and for example the outdate use of software or hardware may cause licensing problems, therefore the company should take a decision to update or change the system.
The change in the accounting information system is not easy. If the accounting system is converted from manual accounting system to computerized accounting system, it will have much implication. The clerical work will be reduced and the nature of controls will be entirely changed, which can result in the increased risk, and this risk can cause the failure of the business. The nature of internal controls is the biggest challenge as the manual and computerized systems have the different level of expertise required. The manual systems require the expertise of accounting knowledge and the principles of accounting should be learned, also the knowledge of the drafting is necessary. The computer systems do not require the complete understanding of the accounting principles, but it requires the basic level knowledge and the data entering skills. The data entering skills let the person enter data in the accounting software, which automates the information to form the financial statements. The information is required to be initiated at earlier stage of the transaction, and this information can be processed by the computer itself without any arithmetical error.
In contrast to the manual systems, the arithmetical errors are not the problems or risks, but the implementation of the internal controls is the problem. The use of the computer for the accounting information system is paradoxical; it increases the efficiency and effectiveness of the company, but it also increases it vulnerability, and as much as the organization relies on the technology, the risks will be greater, and the extra risks must be mitigated by implementing internal controls (Turner & Weickgenannt, 2008). Organizations cannot transfer their responsibility for risk management to the third party, so the management of the company is responsible for risk prevention and the failure of the system.
The accounting system changes can be of two types, first one is related to the change of regulatory practices or the change of accounting policies, and the second is the change of accounting system because of the risk avoidance and the implementation of internal controls. The change in accounting polices requires a retrospective effect to be brought about. The accounting information is harmonized according to the past information so that it becomes comparable for the company itself, and for the other companies. The change of the accounting policies may be due to the requirement of the company, or the requirement of the accounting regulation.
The accounting regulation are changed with the passage of time, and the reason for the change is the evolution of knowledge, the circumstances of the corporations and the overall environment of the business in which the firms operates. Because of the frauds and misstatements, the regulators are tend to put stricter measures for bringing the whole business sector in a harmonized state such that the information is comparable with each other and most importantly the information is true and fair. The information must be true and fair and behind this, there are complex accounting calculations and regulations.
These accounting regulations drives the accounting system, for example the company may select inappropriate policy regarding the depreciation, and for this the company needs to check the International reporting standards, or the local reporting and accounting standards, if the such changes are not recommended, the company can implement them also if they are not restricted. However the valuation of assets requires the guidelines to be followed, and the company must value assets according the generally accepted accounting principles or the local regulations, and the compliance is necessary. The lack of compliance may result in over/undervaluation of the asset, which may affect the balance sheets of the company, and thus the nature of the information does not remain true and fair anymore, the information become manipulative and the true substance of the transactions can be hidden.
Computerized systems require a different array of controls. For example the computerized system can no t implement the traditional internal control of segregation of duties, the documents, invoices, or requisitions cannot be signed in a tradition way. The documentation can however be done on paper despite of the computer use, and the computerization does not mean that the company should avoid any type of paper work. The information from the computer can be printed and signed in case of authorization as in the case of requisitions, invoices or other documents.
The data stored on computer requires both the prevention form the physical access and the remote access. The physical prevention can be made by restricting access and enabling a single entrance to the system, where only authorized person should be allowed to enter. Companies cannot prevent the remote access in the case of computerized systems and for this; they have to rely on the application controls. The safety of data have two implementations required, one of which is the prevention from the deliberate and intentional efforts to access or hack the data, and the second is the maintenance of the data on computer is the most safest way.
Computer storage device is the most important equipment for storage in accounting information system, and the weather conditions, flood, or fire or any other casualty can cause damage to it; and it can result in permanent loss or damage to the system (Lin & Huang, 2011). The data can be stored on computer and it requires the safety controls to be implemented, these safety controls ensures that the data is kept safe at the organization and it has been prevented from the deliberate and the unintentional accidents. The unintentional accidents are more harmful than the deliberate access and the deliberate access or attack damages a particular area, and this can be detected, or it may remain undetected, but the unintentional accidents can entirely damage the data, in a way that the loss can exceed the loss expected from the deliberate access.
The chances of failures can be reduced by implementing the checks on the systems. These checks on the system prevent the risks to be happening and these checks are referred as the internal controls. The purpose of the internal controls is to prevent the company from the risks, and in these risks, the computerized-accounting-system risks are also included. Companies transfer their manual accounting systems to computerized accounting systems for various reasons and this includes the advantages, and the reason for using computerized accounting information is the instinct. The companies adopt the policies of the competitors, and to keep the company in competition, the competing companies adopt policies of their competitors. Many companies implement the changes to adopt the computerized systems because of the competitive environment, and the other factors are the contemporary trends and the harmonization. The companies have to transfer data when changes in the accounting systems occur and this migration can be made by transferring the existing ledges, customer information, the company information, and the expenses into the computerized system. The computerized system then centrally manages the information once put in the system, and it will not ask for the information again for two different tasks.
The computerized accounting information system will not ask for the data twice for different tasks; for making the income statement and the cash flow, the same initial data will be accessed by computer from the storage device, this retrieval of the information will be automatic, and the speed of retrieval will be several times as those of the manual systems. The migration of the data in the accounting system is the first step, however migrating data is not the catalyst for business opportunities; replacing the system requires customization according to the new system, but the existing data also needs to be transferred into new system (Eck, Gordijn, & Wieringa, 2009). The migration of the data will not bring new opportunities as it is expected after the computerization of the accounting systems. The new system will have different risks and the requirements will be different for the data operations and retrieval. The internal controls will be different and the regulations will be different. The retrieval of the data becomes easy and quick because of the computerized systems, but it has the risks related to the use of data for the purpose other than that for which it was collected. The confidential data of employees cannot be used by another employee and it must be kept confidential and used only for the intended purpose. The data protection acts have restricted the access of data by an unauthorized person for the unauthorized use.
The effective design is critical part for the accounting information system, and this allows different user to view the information from different sources, the standardization is necessary with the effective design for any system, and standardization allows the exchange of information and it prevents the increased/decreased load of information (Fortune & Peters, 2007). The computerized system can result in the failure, as the manual systems, but the difference between manual and computerized system will have a different implementation of controls required. The best practices are adopting the ethical and professional regulations as well as the implementation of internal controls. The internal controls can be implemented to prevent the risks, whereas the adopting the regulations reduces the legal risks, but also they are the good practices to reduce the risks indirectly related to the intentional and unintentional nature of the risks for the company.
The best practices for reducing failures are as follows
- Implementation of the internal controls
- Setting up the internal audit department
- Ensuring the independency of the internal audit department
- Adopting the compliance guidelines set by regulators such as Sarbanes Oxley act compliance
- Adopting accounting policies according to GAAP
The internal controls are the basic checks for the company, and they prevent malpractices, which reduce related to recording the transactions and the other risks such as the risk of fraud, natural hazard, or crime. The losses occurred due to unintentional act such as error or accidents are more than those occurred due to intentional misdeeds, therefore the company should implement the controls that do not only prevent from the crimes but also from innocent errors and omissions (Gelinas, Dull, & Wheeler, 2002). The balanced approach for the controls should be used, and both the risks of frauds, natural hazards, and errors should be reduced.
The internal audit department ensures the implementation of internal controls, and this department sets the rules for the internal controls. The internal audit department also check and asses the transaction system and asses any existing or future fraud chances. The internal l audit department should monitor and evaluate the internal controls regularly.
The independency is necessary for both the internal and external audit, and is the requirement of the Sarbanes Oxley act and other regulation for corporate practices. The independency can be sustained by setting further committees such as audit committee, remuneration committee etc.
Adopting regulation according to the contemporary regulation is necessary and for both aspects of the accounting and technological aspects. The accounting obsolescence does not occur overnight, however it occurs when the corrective measures does not seem to help (InformationResourcesManagementAssociation, 1997). The latest regulation must be accepted to reduce the legal and corporate risks.
The accounting information system must adopt the policies and the rules set by the GAAP. For implementing GAAP, the countries usually adopt the guidelines set by GAAP or entirely adopt the GAAP systems and tailor it according to the local requirements. The compliance of the GAAP policies ensures the harmonization and any consequence of the legal risks as well as the audit and accountancy risks.
The financial management systems should be implemented according to the generally accepted practices. The compliances ensure the harmonization, and in this way the company can manage the risks in the way the other companies manages their risks. The standardized procedures are also the requirement of the government authorities and so the legal concern is also the critical factor, but the legal concern may not be applicable for all companies. The companies such as private companies or partnerships are not required to meet the legislation such as the Sarbanes Oxley Act, as they are not listed on the stock exchange, but these companies can implement these regulations to adopt the ethical practices and to reduce the risks. The adoption of the risk management strategy for the successful companies is a useful way to utilize the existing knowledge.
Weakness in computer security possess potential capability to affect the application controls related to the financial management system, the physical environment should be in compliance with the Sarbanes Oxley Act and the control measures should be implemented (Hall, 2010). The difference between the computerized system and the manual systems should be understood and the guidelines related to the computerized accounting systems should be implemented. The application controls can prevent the company form the virus or the unauthorized access, and for this, the internal controls must be in place to reduce the risks. The internal controls should be implemented system-wide, and the risk assessment should be carried out.
The risks assessment should be carried out, and for the risk assessment, understanding the particular nature of the business is necessary, and as the knowledge of the business nature is increased, the risk assessment is likely to be more effective. The implementation of the control is a critical factor, but it is incomplete without the effective working of these controls. If the internal controls do not work effectively it may mean that the internal controls do not exist anymore, therefore the internal controls should be monitored regularly and independently.
Those businesses with the e commerce should perform risk inventory test to determine the place of weakness and it includes identifying the business units and partners also, with which the sensitive information is shared (Gunasekaran, 2007). The company should adopt the risk prevention policies and the risks related to the suppliers should be considered. The risks in this case can also come arise from the outsourcing of a task or function, where the responsibility was not transferred. The companies outsource their functions such as the accounting functions, but the companies can no transfer their responsibility for preventing the relevant risks, for which they are inherently responsible, and this may occur in the case of outsourcing the accounting function. If any even related to the fraud or the concealment occur, the company will be ultimately responsible, not the supplier of the accounting services. So the companies outsourcing their computerized systems, or the accounting function should consider the risks related to the supplier, and must make a strategy related to the mutual control of the risks.
Eck, V. P., Gordijn, J., & Wieringa, R. W. (2009). Advanced Information Systems Engineering: 21st International Conference, CAiSE 2009, Amsterdam, The Netherlands, June 8-12, 2009, Proceedings. Springer.
Fortune, J., & Peters, G. (2007). Information Systems: Achieving Success by Avoiding Failure. John Wiley & Sons.
Gelinas, U. J., Dull, R. B., & Wheeler, P. R. (2002). Accounting Information Systems. Cengage Learning.
Gunasekaran, A. (2007). Modeling and Analysis of Enterprise Information Systems. Idea Group Inc (IGI).
Hall, J. A. (2010). Accounting Information Systems. Cengage Learning.
InformationResourcesManagementAssociation. (1997). Managing Information Technology Resources and Applications in the World Economy: Proceedings of the 1997 Information Resources Management Association International Conference Vancouver, B.C., Canada. Idea Group Inc (IGI).
Keegan, M. J. (n.d.). IBM Center for The Business of Gpvernment. Retrieved Aug 28, 2013, from businessofgovernment.org: http://www.businessofgovernment.org/article/managing-finances
Lin, S., & Huang, X. (2011). Advances in Computer Science, Environment, Ecoinformatics, and Education, Part V: International Conference, CSEE 2011, Wuhan, China, August 21-22, 2011. Proceedings. Springer.
OECD. (2002). Models of Public Budgeting and Accounting Reform Volume 2 Supplement 1: Volume 2 Supplement 1. OECD Publishing.
Turner, L., & Weickgenannt, A. (2008). Accounting Information Systems: Controls and Processes. John Wiley & Sons.