Accounting Systems and Information Assurance: Cashiering Pprocess

A scenario is provided below (Assessment Description) which is based on either the revenue or expenditure cycle). You will be expected to:

Construct a control plan that will include either control matrices or flow charts;

Provide a descriptive narrative for your control plan.

Introduction

The report has two major parts. In the first part, systems documentation of cashiering process of JK Saddlery is presented. There are three diagrams context, physical, and logical are developed and presented to depict the flow of information within the cashiering process of this firm. This shows how systems documentation is critical within a firm, as it is the roadmap that shows the design of the systems and the way they work. As each form of system documentation means a unique perspective of the business processes, the diagrams allow to have an overview of the external entities interacting with the system, as well as it is expanded to the internal entities through the creation of systems of interest, most known as physical DFD and the several activities related to the system of interest, or logical DFD (Considine B, 2012).

In the second part, risks in the cashiering process are identified and along with this, plan to control risk of cashiering process is also included. This is an extensive risk analysis which allows the identification of factors that may jeopardize the success of the firm as well as the option to implement several internal controls that could be applied to each specific business process, that will end up in the implementation of computerized information systems so although errors will not be totally elim

Overall, this report will analyse the process of cashiering to determine effectiveness in facilitating proper flow of accounting information within the organization.

Part A: Systems Documentation

1. Context and Logical Diagram of Cashiering Process at JK

Assumptions:

It is assumed that cashier uses manual and computerized system to communicate accounting information to the accounting department and bank. Accounting system is used to generate business receipts. Manual process is used by to maintain business receipts.

Assumptions:

• It is assumed that cashier generates business receipts from the accounting system and maintains receipts manually.

Part B: Risk analysis

1. Cashiering Process’s Risks

Several risks exist in the process of cashier at the JK Saddlery. The cashier is accountable to perform several duties at a time. The context and logical charts depict reporting cycle of the firm through which cashier reports different transaction of this business. The main objective of reporting cycle of this firm is to create and report data effectively. In this firm, cashier manages accounts receivables for providing financial data to the accounting staff. It is identified from the cashier process that it lacks adequate connectivity with database that may create risk of data manipulation and ineffective decision-making (Wang et al., 2014). Due to this, the whole process of cashiering may go wrong. The data in the cashiering process of this company does not flow adequnetly, which may affect the process quality and effectiveness.

Accounting staff of this company collects the payment receipt from the cashier without having connectivity to the database. Although, this information system for accounting function is critical for ensuing effective and organized record of the inventory level as each transaction is having stock ID, but at the same time, the proper system of recording and sharing data of revenue generation is absence and this may affect the effectiveness of cashier process of this firm. The absence of adequate database management system could affect ability of accounting staff to retrieve adequate accounting information regarding the revenue and to provide adequate information to the manager (Stair and Reynolds, 2013). This can affect the effectiveness of cashier process due to manuapltion in recording payment.

Paper reporting of this firm in some activities of cashiering process could cause risk of data manipulation. For example: if receipt of invoice and sales order disappears due to any reason such as fire, theftor any other reason that it may be difficult for this firm to get this valuable information again and it may cause major risk for the business. Apart from this, it is determined from the diagram of JK that the reporting cycle of this firm is inadequate to recognize each transaction effectively (Garrick and Gekler, 2013). There is an absence of proper information about the invoices that could lead to the legal risks for this company. Data manuapltion risk is likely to reduce the effectiveness of cashiering process of this firm. 

In accordance to law, it is mandatory for firms to report the source of all revenue during a financial year. Due to absence of receipt, it would be difficult for the accounting staff of this firm to show the source of income and it will definitely cause legal issues. Firm generates cash from the parcel of cheques. In absence of invoice number, cashier tries to identify right customer account and to allocate the cheque purchases. It may cause risk of wrong management of accounts receivables that could cause bad image of this firm (Senft et al., 2012). The absence of invoices will cause difficulties for this firm to meet important reporting requirements which would reduce accuracy in the cashiering process.

In the cashiering process of this firm, the information of cash and cheque receipts are generated by the cashier at several times and it may cause data redundancy. Data redundancy occurs when same data is recorded in several locations, which may cause inconsistency and unreliability in the data and the process of cashiering (Reynolds and Stair, 2015). In this way, the absence of accuracy and transparency identifies in the accounting system of this firm that may cause considerable risks for the cashiering process of this firm.

Control Plan for Addressing Risks

In order to address the risks of cashiering process of JK, it is critical to develop an internal control plan that involves all sorts of controls from preventive to detective and corrective, as it would be effective to regulate the cashiering process of this firm.

In the given situation, the risks in the cashiering process are likely to occur mainly due to the inadequate flow of information involving lack of accuracy, completeness authorisation, performance reviews, general controls and application controls (Romney et al., 2012). It is because information processing control would be more suitable control when the aim is to limit the risk. Detective, preventive and corrective controlling measures would be placed to identify, limiting and correcting errors and irregularities respectively in the process of recording, processing and sharing the information in the cashiering process of this firm (Wood et al., 2013). It would be effective to manage the data flow from its collection to distribution and to limit the possibilities of inaccuracy.

A complete computerised accounting information system (AIS) would be placed in the cashiering process to ensure invoice generation and collection via computer system rather than a manual process, this way the firm would incorporate application controls. Computerised AIS will help this firm to record each transaction of this business accurately and timely. It will offer paper less reporting of accounts receivables that may help this firm to provide right information to the accounting staff (Ma, 2011). It will be effective to increase efficiency of cashiering process.

For ensuring internal control through computerised AIS, some internal controls would be exercised in this firm. By taking security measures such as physical controls, clarifying and separating roles and responsibilities through the segregation of duties and authorisation, maintaining offsite backup with the proper user access protocol, increasing awareness for data security risks, standardizing data entry system and processing controls, ensuring proper documentation, and developing disaster recovery plan will be the measures to manage the accounting information flow within this organization (Romney et al., 2012). It would be effective to implement internal controls system in the cashiering process of this firm.

In addition to this, there could be some reasons such as incompetent management, judgment error, complicity, fraud, regulatory system, information technology and unexpected transaction due to which internal control system of this firm may fail to ensure accuracy and transparency in the flow of accounting information. This could affect ability of this firm to manage flow of accounting data within the different department (Moeller, 2013). For ensuing reliability in accounting information, key controlling frameworks such as Committee of Sponsoring Organizations (COSO) and Enterprise Risk Management Model (ERMM) can be used. In this firm, ERRM model will be used as it includes elements of COSO and also provides a more systematic framework to manage the risk in flow of data in the cashiering process (Moeller, 2016).

Similarly, Control Objectives for Information and Related Technologies (COBIT) framework will also be used to control quality of information systems which are established to ensure collection, storage, and communication of accounting information. Similarly, there are five principles of Trust Services Framework that would be applied in this firm to ensure system reliability for facilitating secure means of data flow. Security, confidentiality, availability, integrity of processing, and privacy are five main principles (Senft et al., 2012). This control plan will be established in this firm to address risk of cashiering process at JK.

Conclusion

It can be concluded from the analysis of cashiering process that recording and sharing of data related to the revenue lacks accuracy and transparency that causes risk of data manipulation and redundancy. It may cause legal and reputational risks for the firm. Internal control system could help this firm to ensure transparency and accuracy in the flow of accounting information. It will allow the firm to establish key controlling frameworks and activities for improving revenue reporting cycle effectively and effectiveness of information systems.

The case is a clear example of how the systems documentation should be used as a part of the business process and abides the Australian legislation in terms of adheretion to standards that show how the organisation operates through the indication of the different movement of data and its rational.

Moreover, it is stated that after a deep risk analysis, an accountant can easily identify the different paths of internal control implementation within the company, which will allow it to operate in a safer financial environment, with reliable data and how the success may be linked to a system well implemented.

References

Considine B, Parkes A, Olesen K, Bount Y &Speer D. (2012). Accounting Information Systems:Understanding business processes. Brisbane, QLD, Australia

Garrick, B. J., and Gekler, W. C. (Eds.). (2013) The analysis, communication, and perception of risk (Vol. 9). Germany: Springer Science & Business Media.

Ma, M. (2011) Communication Systems and Information Technology.Springer Science & Business Media.

Moeller, R.R. (2013) Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework (Vol. 639). USA: John Wiley & Sons.

Moeller, R.R. (2016) Brink's modern internal auditing: A common body of knowledge. USA: John Wiley & Sons.

Reynolds, G. W., and Stair, R. M. (2015) Principles of Information Systems.Course Technology Press.

Romney, M., Steinbart, P., Mula, J., McNamara, R. and Tonkin, T. (2012) Accounting Information Systems Australasian Edition. AU: Pearson Higher Education.

Senft, S., Gallegos, F. & Davis, A. (2012) Information Technology Control and Audit. Australia: CRC Press.

Stair, R. and Reynolds, G. (2013) Fundamentals of information systems. USA: Cengage Learning.

Wang, S. & Wang, H. (2014) Information Technology for Small Business: A Comprehensive Guide of Applications. USA: Universal-Publishers.

Wood, J., Brown, W. and Howe, H. (2013) IT Auditing and Application Controls for Small and Mid-Sized Enterprises: Revenue, Expenditure, Inventory, Payroll, and More (Vol. 573). USA: John Wiley & Sons.