inft6500 group 1 assginment 4
DESCRIPTION
inft6500TRANSCRIPT
ACCOUNTING INFORMATION SYSTEMS
INFT6500 Assignment 4Group 1
Table of Contents
Executive summary.........................................................................................................................3
Implementation Strategy................................................................................................................3
Testing Strategy..............................................................................................................................3
Testing Range.............................................................................................................................3
Testing Data................................................................................................................................3
Testing Examples of Test Data....................................................................................................3
Testing Method..........................................................................................................................3
Test Evaluation...........................................................................................................................3
System Controls..............................................................................................................................3
Post Implementation Review..........................................................................................................3
Bibliography....................................................................................................................................3
Executive summary
In previous reports the system of Enterprise Resource Planning (ERP) was recommended as it
was suitable for further development and improvement of Maria’s Aquariums. Following the
theoretical supposition, this report discusses the implementation plan that is needed to check
how well ERP could be used in practice.
The first part describes the possible implementation strategy for the use of ERP. It provides the
manner that the company should have after using this system. Secondly it makes predictions
about the problems that are in risks of happening, and ways to manage these issues.
The following part illustrates the testing strategy for the implementation of the system. The
purpose is to ensure that ERP is able to perform accurately and meet all requirements of
customers. Examples of test data are provided and also take the process to prove that the
testing has worked.
The third part composes of system controls which will be implemented in ERP. It details all
necessary controls for possible issues to discuss the way of minimizing negative effects
generated from these problems.
For the last section post implementation review strategy is given to check whether the new
system functions as expected, and gives the possible outcomes of the review.
Implementation Strategy
Although ERP is expected to be a good way for the high working efficiency as well as a barrier
remover for further development of Maria’s Aquariums, there are still plenty of things to
consider when it is implemented in practice. A well throughout implementation strategy is
necessary as it will set a well-designed routine for the solutions of possible issues predicted
during the implementation.
It has been concluded that the use of ERP will generally change the way the business is operated
by adopting computerized system in the operation of customer service, stock taking, central
management control as well as the payroll system, etc. However it could only actually take place
when it is well operated by related employees, which comprises the first important factor of
implementation strategy: the training of staffs and a proper supporting system.
Barriers may exist for employees to accept the new system and get familiar with the changed
operation procedure in a limited time, especially for those who are not able to use computers,
and who are reluctant to change the way they work. Different levels of training schedule should
be planned by firstly assuring the new system is well grasped by leaders such as stock managers.
The task of second level is to ensure related staffs to control the knowledge of the new system
whether through general courses or person to person teaching.
In order to gain the confidence of employees in adapting to the new system, a convenient
access for them to seek help once got an operation problem should be constructed. Distance
technical support should be provided through email, telephone or any other ways to be
considered. This will for the most part help accelerate the training process which should be
under a pre-setting plan.
The second factor to be considered is provision of hardware facilities, which are vitally
important for the system to take place. This could include new computers, and before the use
they are supposed to be installed with the new system. Besides, all data necessary needs to be
constructed properly by selected persons before the new system is ready to be promoted.
During the process the limitation of data access should be noticed, but the whole input process
also takes time thus the task needs to be managed and distributed well.
Another implementation strategy is out of the fact that issues could happen when the system
came across error which definitely needs preventive measures. The construction of a
professional technical support team is a possible solution to the problem. Responsibilities of
system maintenance, problem analysis and designing of corresponding correction should be laid
on the team. Furthermore, the company is supposed to backup important data periodically. As a
necessity for all computerized systems, it is vital in keeping the security of database as well as
the smooth maintenance even when serious error is made.
The use of ERP fundamentally change the way of the business, and for certain areas in the
company change of positions for staffs is a measure that has to be taken, which will be followed
by new allocation of responsibilities. A thorough consideration should be taken to make a good
arrangement for newly set positions. Responsibilities are supposed to be clearly laid on
appointed persons. It also worth mentioned that the personnel changes could lead to strong
reaction in the company, especially for small business. The owner has to make professional
judgment about it, and also to handle the situation to minimize dispute. The owner of the
business needs to consider the level of access to database for different level of staffs in the
company, so that it keeps the data from risks of being stolen, changed, and manipulated.
Testing Strategy
ERP is implemented into Maria’s Aquariums to meet is daily account data recording needs and
keep up to date with its normal business operations. ERP should be tested to ensure whether it
performs to expected requirements. Failure to conduct testing in new implemented software
likely to result with on-going maintenance, loss of normal business activity and credibility and
loss of revenue if have to recall the product or switch to other accounting product. Therefore,
testing strategy including quality, functional coverage, risks, constraints, range of tests and
minimum requirement standard must be performed and evaluated.
Testing strategy begins with different testing stages consists of 4 phases: (Romney and
Steinbart, 2012)
1. Unit testing or Module testing: which is the test that divides each part of the tested
software and present that each individual part is accurate before it is correlated with
other software.
2. Integration Testing: which the test that verifies the software interface relationship
between tested unit and other system software and ensure it work accurately that the
data in the unit is process correctly as expected.
3. System testing: which it involves testing the overall system to ensure the system meets
both environmental and technical needs of the client or customer.
4. Acceptance testing: which is the last stage in the test process that ensures software
meets with the business requirements and objectives and works correctly. This process
is done under testings by customers without professionals and works out how the new
system of fitting into their business.
Firstly, unit testing/module testing is performed by system programmers to conduct test against
his or her own software to see if the software designed is working as originally expected. Data
gathered in unit testing stage will get correlated or integrated along with other software as a
complete set of testing data.
Secondly, gathered data set will be tested in the integration testing stage. The first two stages
will focus on testing quality and effectiveness of software compare to originally expected
performance.
Thirdly, system testing is testing stage on all function of implemented software in ensuring the
software is performed as originally expected.
Fourthly, acceptance testing is test on software whether it satisfies the requirements for the
customer business operation on usability, procedures and functionality.
Maria’s Aquariums has decided to implement ERP into its business to take over current half-
manual system in needs of keeping up to date with normal business operation and data
recording. The testing stage for Maria’s Aquariums would start in third stage of system testing
and acceptance testing because ERP is complete accounting software that has been
implemented and past first two stages of unit and integration testing.
Testing Range
Software functions needed to be tested in Maria’s Aquariums are:
Customer card information - on details, buying record, payment amount.
Stock system - on management, ordering new stock, stock level.
Barcode system
Payroll system – timesheet procedure, staff wage and weekly working hours.
Price book – update of price book, purchase price and selling price.
Accounting/bookkeeping – account payable procedure, receivable allocation.
Security and backup – backup daily or weekly on recorded accounting data, recovery
availability and logon password system
Testing Data
To determine whether new implemented system is performing accurately, test using a test bank
which will get preloaded with the implemented system and using this data in testing execution
cases. Test data would include employee, stock level, ordering and delivering transaction and
customer payment cycle transaction. With increasing number of data testing, real situation of
the system software will reflects on potential business operation on effectiveness and efficiency.
Sample of 12 employees at different fish store, each employee data record include employee
identification number, name, sex, DOB, bank account detail, role at store, working location and
wages.
ID Name Sex D.O.B. Bank Account Role Location Wage Rate
10001 David Smith M 17/01/1980 111-111 Storeman Wollongong $20.5010002 Joe Challita M 9/08/1970 222-222 Manager Chatswood $26.0010003 John Maden M 10/11/1989 333-333 Sales Chatswood $19.5010004 Erin Kero F 27/09/1990 444-444 Counter Gosford $17.0010005 Fab Alessi M 13/05/1978 555-555 Storeman Gosford $22.5010006 Boris Sander M 9/10/1965 666-666 Manger Wollongong $27.0010007 Keyvan Shiri M 23/05/1976 777-777 Sales Gosford $20.0010008 Nicole Sun F 30/08/1986 888-888 Counter Chatswood $16.5010009 Fiona Ibrihim F 10/03/1992 999-999 Counter Wollongong $17.0010010 Alex Walker M 26/11/1984 000-000 Sales Wollongong $18.0010011 Tim Chang M 18/07/1988 101-101 Storeman Chatswood $21.0010012 Matthew Sun M 16/12/1977 102-102 Manager Gosford $26.00
Sample of data record for stock level at each fish store branch, include stock ID, stock name, stock level, branch, cost price and sale price
(Branch: G=Gosford, W=Wollongong, C=Chatswood)
Stock ID Stock Name Stock Level Branch Cost Price Sale Price
100011 Ryukin 70 G,W, C $23.00 $50.00100012 Lionhead 43 G, W $20.00 $45.00
100013 Fantail 63 G,W, C $7.00 $15.00100014 Pearl Scale 20 C $10.00 $20.00100015 Telescope Eye 97 G, C $7.00 $10.00100016 Oranda 8 C $25.00 $50.00100017 Black Moore 32 G,W, C $10.00 $15.00100018 Comet 73 G,W, C $3.00 $5.00100019 Shubukin 27 G, C $13.00 $20.00
Ordering and Delivering Transaction, include order ID, order branch, date, staff, status, payment
and receipt number.
Order ID Order Branch Date Staff Status Payment Receipt
100011 Gosford15/08/201
3 10012 Complete EFT1000011100
1
100012 Wollongong20/08/201
3 10006 Complete Cash1000011100
2
100013 Gosford17/09/201
3 10012 Complete Cheque1000011100
3
100011 Chatswood20/09/201
3 10002 Complete EFT1000011100
4
100013 Gosford20/10/201
3 10012 Pending - -
100018 Wollongong20/10/201
3 10006 Complete Cheque1000011100
5
100014 Chatswood21/10/201
3 10002 Pending - -
100014 Chatswood21/10/201
3 10002 Complete EFT1000011100
6
Customer Payment Transaction, include customer ID, stock, quantity, sale price, payment type
and amount paid.
Customer ID Stock Quantity Sale Price Payment Type Amount
10110 Ryukin 5 $50.00 Cash $250.0010111 Comet 10 $5.00 EFT $50.0010112 Lionhead 3 $45.00 Cash $135.0010113 Ryukin 2 $50.00 EFT $100.0010114 Fantail 7 $15.00 EFT $105.0010115 Fantail 5 $15.00 Cash $75.0010116 Telescope Eye 13 $10.00 EFT $130.00
10117 Black More 5 $15.00 Cash $75.0010118 Oranda 2 $50.00 Cash $100.0010119 Shubukin 9 $20.00 Cash $180.00
Testing Examples of Test Data
It is necessary to test system responds to given tasks such as automatic invoice generating by
inserting stock ID and quantity, accurate amount is given to show customer for payment.
Hereby, customer purchase and payment example is taken:
Case: 100111 Version: 1.01.1 Date Test
OutcomeOperating Steps Expected Output1: Open ERP system System open smoothly without lag Y2: Open sale column System correspond Y3: Create new invoice Right sale recording page is opened up Y4: Insert stock ID and quantity Total price is calculated correctly Y5: Total amount shown with correlated stock ID and quantity
purchased6: Payment option Allocate customer payment amount Y
and payment type to close off openinvoice to complete purchase
Testing Method
The testing aims at the performance of system’s functionality, by grouping different data bank
and set up test cases, testing will likely to eliminate any possible bug or errors.
Other testing method such as manual test can also be used to compare result of the tests, as
well as buying automatic testing softwares which is more time efficient compare to manual
testing but is more costly to obtain.
Bugs and errors found during system testing stage have to be reported to ERP system
development team to fix and ensure it unlikely to happen again in real daily business operations.
Test Evaluation
The test evaluation follow up after completion of all test data bank and cases in order to assess
the new system is working effective as originally expected. After all test performed and errors
solved, evaluation report will focus on appropriateness, accuracy and performance of new
implemented system in fitting into Maria’s Aquariums and conclude with an agreement that it is
able to implement ERP into Maria’s Aquariums if the system tested meets with the originally
expected requirements.
System Controls
Accounting information system (AIS) has grown very fast, thus the business world has been
faced with more complexity and risk. According to Romney et al. (2013), 67% of companies face
on security breach, more than 45% face on organization crime and 60% reported financial
losses. In accordance Romney and Steinbart (2009) , they divided accounting information system
(AIS) treats to four groups; First one is, natural and political disasters such as earthquakes,
cyclones, tornadoes and etc., Second one is, software errors and equipment malfunctions for
instance; operating system crash, hardware failures and etc., Third one is unintentional acts for
example accident or innocent errors and omissions, that is the greatest risk for information
systems and the greatest dollar losses and finally, intentional acts such as a computer crime, a
fraud or sabotage, which is a deliberate or harm to a system . According to Romney and
Steinbart (2009), function of internal control could be divided to preventive, corrective,
detective and inherent limitation. It should not be missed that a simple error able to effect on
business decision making, fairly judgment and etc., and finally could destroy and abrogate a
company.
In accordance to the previous assignment it is recommended Maria’s Aquariums to chose
enterprise resource planning (ERP) for improving their current system thus Maria’s Aquariums
for running the new system have to use new technology such as internet, computer and etc.
Current control system of Maria’s Aquarium is very time consuming , risky and based on the
feasibility study we could understand that, the control system has lots of weaknesses. Definitely
Maria’s Aquariums new system will be faced on natural and political disaster, software errors,
fraud, abuse technique and etc., same as another advanced business. Therefore, hereby it
should design an internal control for new system based on two categories; general controls and
application controls.
At first, based on the general control it is investigate the organization’s control environments
which mean that they manage their security, software, IT texture and etc. On the other hand,
they can design a system for internal controlling that is including the structure, function and
administration information of Maria’s Aquariums. Moreover we should provide the standard
operating procedure and responsibilities for each position. For example, for Maria’s Aquariums
all responsibilities and duties about the fish hatchery and breeding should be related to the
professional employees. Based on the general control each employee in different parts of
organization know their responsibility clearly, and know how should be performed in their
section. General control has two other important factors which are texture and environmental
controls. Maria’s Aquariums should be checked and controlled their central data and
information processing facility and also some other areas as below:
Isolated Breeding facility for protecting from disease
Air conditioning for controlling the level of temperature
Protection from natural disaster such as fire, flood and etc.
Fire detector and fire suppression systems
Power supply such as generators, uninterruptible power supplies and etc.
Arranged and identifiable electrical and network cabling
The other important part of the general control is the level of authority for accessing to the
organization’s information. Controlling the physical access and omit existing data are the very
important part of each organization control .The entry to the company’s information should be
restricted and just during the normal office hours. On the other hand, each employee based on
position and requirement should be had access to the company’s information by authorizing
from management in head office. Each employee should be logged in by her or his security code
thus, based on this system when each employee will entry a new data or omit exist information
that will be recorded by his or her name in new system so management can control their
employee's duties too. Also computer section should have swipe card for each employee that
will be worked with computer. In accordance to Romney and Steinbart (2009) managements
should be sure about the value and accurate of all information so based on this valuable
information they can protect their assets. For accessing to the safety information systems for
Maria’s Aquariums, the physical access control should be followed the below contents:
Used security cards for entering
providing secure areas by limiting entry permits
Design username and password for each employee has access to the computer
Using dial-back modems
Recording entry and exit of each employee
The third part of general control is the possibility backup measure which means disaster
recovery, the differentiation of systems (separation employees from payroll), the quality
guarantee control and the adequate testing on software revisions. The first one is, backup
measures from the disaster recovery is a very important and relievable parts of general controls
when one or more files of information destroy by the natural disaster or human errors or frauds.
Thus , If by natural disasters Maria’s Aquariums’ information destroy, the organization will have
this ability to bring back their data by the backup that have been collected from the information
during the time that organization in normal position. According to the below table we designed
a disaster recovery plane for Maria’s Aquariums:
Task Team Support
Evaluating the change Disaster Management and Facilities
and Operations
Recognized the interested applications Disaster Management and Operations
Take suitable backups Operations
Running the appropriate applications at the Standby
Facility
Operations
Informing and training users for using the new
systems
Communications
Ordering the new equipments for replacing the
damaged computer
Operations
Running the new equipments and their programs Operations
Informing and training employee for using appropriate
from applications
Communication
Request for appropriating recourses at the Standby
Facility
Disaster Management
The last factor of the genera control that is surveyed here is personnel control which means
dividing the duties between the different levels of organization that is including hiring, training,
responsibilities allocation, promotion and termination, also the relevant personnel control
procedures are the rotation duties, the forced vacations and the personal termination policies.
The best internal control happens when a single employee does not have responsibilities in a
business in both, business transaction or process, which means management in company should
not give too much power just into one employee. Therefore, Maria’s Aquariums should be used
the segregation of duties control plan which means segregation of accounting duties and
segregation of system duties. For achieving a useful segregation of accounting duties, they
should divide the duties between the different groups of employees. Moreover, they should
divided responsibilities for each position because of providing standard operating methods. This
is a security management issue not a technology issue, but when each management decide
about the level of authority of each employee for accessing to the company’s information,
based on this part IT should help manager for controlling the authority level of each employee.
When one person has unlimited authority and access to the company’s information, thus this
company has high level of risk for facing to fraud. We review in below some divided functions
about the authority and responsibility between the different levels of a company:
System administration: should be operated smoothly and efficiently
Network management: operate correctly in both internal and external network
Security management: safety themselves from internal and external threats
Change management: make smoothly and efficiently , do not negatively affect systems
reliability, security, confidentiality, integrity and availability
Users: they should be recorded transactions, authorize data, use system output
Systems analysis: Determining and designing information needs
Programming: have this ability for designing and creating a system by writing the
computer programs
Computer operations: input data properly and correctly
Information system liability: maintain custody of corporation databases and files
Data control: approve properly data, reconcile output and input, maintain a record of
input errors and resubmit and distribute system output
In the second part of the internal control system it is investigated an application control which is
a very important kind of system controls that is made sure the transaction related to each store
progressed correctly, entered processed, completeness and etc. Application controls based on
computer application systems, include input controls that is related to edit checks, processing
controls which is related to record counts, and output controls which is related to error listings.
In according to the below Maria’s Aquariums should control their applications:
Input controls: they should ensure that all of the transaction is recording with accurate
and only by authorized users, They should have the ability for identifying rejected,
suspended, and duplicate items and also have ability for ensuring resubmission of
rejected and suspended items such as error listings, key verification
Processing: they should grantee the complete and accurate processing of authorized
transaction, for example: posting checks , end-of-file procedures
Output controls: they should have this ability for ensuring that a complete and accurate
audit trail of the results of processing is reported to appropriate individuals for review,
for instance; example error listings, distribution of registers and reviews of output.
System controls is a very widespread part for each organization and we can find another kinds of
control systems and based on these it can protect the data of company efficiently such as;
integrity controls, the control of trade-off, the control goals of the operation process. Maria’s
Aquariums should be use internal control for protecting their information from natural disasters
and other negative factors which will have damages on their information systems and the
operation of the company.
Bibliography
Romney, M, and Steinbart, P 2009, Accounting information Systems: Global Edition, 11th edn, Pearson Prentice Hall, United States of America.
Marshall B Romney, P. J. (12/E). Accounting Informaiton Systems: Global Edition. Courier Kendallvilee.