Becker CPA Review Business 4 Class Notes

BUSINESS 4 CLASS NOTES

Information Technology implications in the business environment are covered in BEC4. This area is
worth 22%-28% of the point value on the BEC exam per the Content Specification Outline. The topic
breakdown is:

I.

II.

III.

Role of business information systems,

Roles and responsibilities within the IT function,

IT fundamentals,

Disaster recovery and business continuity, and

Financial statement and business implications of electronic commerce.

ROLE OF BUSINESS INFORMATION SYSTEMS

A.

Information Technology includes the hardware, software, data, people, and networks in a
companys computer system.

B.

IT systems process detailed data, assist in making daily decisions, and, on a higher level,
assist in developing business strategies.

C.

An Accounting Information System (AIS) is part of a Management Information System.

The AIS processes accounting transactions from source documents through financial
statements, creating an audit trail for tracing and vouching the transactions.

D.

Other systems, in order of their hierarchy, are transaction processing (TPS), decision
support (DSS), management information (MIS), and executive information (EIS).

E.

Types of reports are periodic scheduled, exception, demand, Ad Hoc or push. A welldesigned system should have the ability to generate a report to answer virtually any
question a user may have.

ROLES AND RESPONSIBILITIES WITH THE IT FUNCTION

A.

Job titles within IT are constantly changing and some functions that were once useful are
no longer necessary. The term end user means anyone who uses the system or enters
data into it.

B.

Proper segregation of duties is very important in the organization of IT. The system
should separate responsibilities for authorizing transactions, recording those
transactions, and the custody of assets (ARC). In general, systems analysts, computer
programmers, computer operators, and security administrators should be kept separate
(although many companies combine system analysts and computer programmers). Proper
segregation of duties is more difficult in smaller companies.

IT FUNDAMENTALS
A.

Hardware includes the computer, storage devices, and peripherals.

B.

System software includes the operating system and the Database Management System
(DBMS).

C.

The DBMS is a separate system that allows an organization to create and used databases
(collections of data records and files).

1
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Becker CPA Review Business 4 Class Notes

IV.

D.

The primary advantages of a DBMS are reduction of data redundancy or inconsistency

and enhanced information timeliness, effectiveness, and availability.

E.

Networks permit shared resources among interconnected computers. A LAN covers a

local area, while a WAN (wide area) allows national and international communications.
Most of these networks are set up as client/server systems. There are four types of
network topologies.

F.

A WAN may be set up as a Value Added Network (VAN) or it may be internet-based.

Since a VAN is privately-owned and the Internet is a public channel, Internet-based is less
secure.

G.

A WAN may also be a virtual private network (VPN) which uses the internet. VPNs are
less secure than VANs.

H.

Intranets connect separate LANs within a company. An extranet permits outside business
partners access to a company network.

I.

Processing of transactions may be by batch (periodic) or it may be on-line (immediate).

Flowcharts using unique symbols are designed to illustrate the various transaction
components of a system. Controls over input, processing, and output are either manual or
programmed into the computerized environment.

J.

The advantages/disadvantages of centralized vs. decentralized processing is fairly settled

ground.

K.

A key element of security is controlling access to the system through usernames and
passwords.

DISASTER RECOVERY AND BUSINESS CONTINUITY

A.

Risks associated with IT systems are characterized as strategic, operating, financial,

and information. Other specific risks are errors, irregularities, and disasters.

B.

Effective risk management assesses the entitys vulnerability to risks and threats. Once
identified, safeguards and controls are put in place to reduce or minimize those
vulnerabilities.

C.

Access controls limit access a system, or parts thereof, to authorized personnel only.
These controls may be physical (a separate room or area) or they may be electronic.
When any changes to responsibilities occur, or there is a hiring or a termination, the access
codes need to be adjusted accordingly.

D.

A firewall acts as a gatekeeper to limit access. Firewalls and other controls deter, but do
not prevent, unauthorized access or intrusion. Application firewalls employ packet
filtering to determine if data should pass through.

E.

Outside threats to an IT system may come in the form of a virus, worm, Trojan Horse,
denial-of-service attack, or phishing.

F.

Records and files should be subjected to validation and editing techniques. Backups and
off-site storage help ensure continuity in case of a loss of data.

G.

Data encryption, employing public and private keys, offer a form of security for transmitted
messages.

H.

Disaster recovery plans are necessary to help ensure business continuity in case of a loss
of processing capability. In case of such a loss, a company may use an outside recovery
service or have its own cold or hot site prepared in advance.

2
2009 DeVry/Becker Educational Development Corp. All rights reserved.

Becker CPA Review Business 4 Class Notes

V.

FINANCIAL STATEMENT AND BUSINESS IMPLICATIONS OF ELECTRONIC COMMERCE

A.

Electronic Data Interchange (EDI) is a type of e-business/e-commerce that allows for

computer-to-computer exchange of business documents between trading partners in
structured formats. It is generally more secure than e-commerce because a VAN is
normally used.

B.

B2B and B2C allow purchasers to research alternatives through a website and make their
purchases electronically.

C.

Enterprise Resource Planning Systems (ERP), Supply Chain Management Systems

(SCM), and Customer Relationship Management Systems (CRM) are additional
management tools available through computer systems.

D.

Electronic Funds Transfer (EFT) is a form of electronic payment that reduces the time to
process checks and credit transactions.

Appendix I covers the Audit Implications of IT, such as transaction tagging, embedded audit
modules, test data, integrated test facility, parallel simulation, and generalized audit software
packages (GASP).
Exam questions released by examiners are available on the Becker Student Website and are also
integrated into class materials. Some of the IT questions involve technical aspects that are generally
beyond what an accountant should know; however, a candidate should be prepared for as much as
possible. The Terminology on B4-69 and B4-70 is important to know.

3
2009 DeVry/Becker Educational Development Corp. All rights reserved.