Current location - Education and Training Encyclopedia - Graduation thesis - Sci-tech periodical papers
Sci-tech periodical papers
Research on Internal Control of Computerized Accounting Information System

abstract:

With the application and popularization of computer in accounting field, accounting information system has developed from traditional manual accounting information system to computerized accounting information system. Therefore, strengthening the internal control of accounting information system and constantly exploring internal control measures and methods suitable for computerized environment have become the primary problems to be solved by enterprises at present.

Keywords: accounting information system; Control measures; Methods; internal control

abstract:

With the application and popularization of computer in accounting field, accounting information system has developed from traditional manual accounting information system to computerized accounting information system. Therefore, strengthening the internal control of accounting information system and constantly exploring internal control measures and methods suitable for computerized environment have become the first problem to be solved by enterprises at present.

Keywords: accounting information system; Control measures; Mode; internal control

Thread theory

With the continuous development of electronic information industry, the application of accounting computerization in social economy is more and more extensive, and how to develop accounting computerization in China has attracted more and more attention. Computerized accounting is the abbreviation of the application of modern electronic technology and information technology based on computers to accounting practice. It is a process of accounting, bookkeeping, accounting, auditing and some accounting information (data) statistics, analysis, judgment and even decision-making that need to be completed manually by using electronic computers instead of manual work. Its use liberates accountants from heavy physical labor, saves a lot of manpower, material resources and time, and has the characteristics of fast operation speed, large storage capacity, high data enjoyment, fast retrieval and query speed, simple report preparation and accurate data analysis. The modernization of accounting means and financial management decision-making makes the collection, collation, transmission and feedback of accounting information more accurate and timely, and improves the ability of accounting analysis and decision-making.

First, the characteristics of computerized accounting

(A) the characteristics of the information system

The so-called information system refers to the whole from data collection, storage and processing to transmission and use. Computerized accounting system refers to a management information system that collects, stores, processes and reports accounting data and uses accounting information. Information system can be divided into three different hierarchical structures, which serve different management. The structure of accounting data processing system (ADPS) serves the operational level; The structure of accounting management information system is to serve middle management; The architecture of accounting decision support system (ADS) is to serve the top management. At the same time, accounting management information system is an important subsystem of enterprise management information system.

(B) the characteristics of centralized data storage and management

"Computerized accounting" has changed the disadvantages brought by the traditional scattered storage of repeated accounting data. It adopts advanced database and data warehouse technology to realize centralized storage of data classification, which not only ensures the reliability of data, but also completely cancels all kinds of accounting subsidiary ledger and reconciliation operations and realizes the enjoyment of data.

(C) the characteristics of human-computer interaction

Accounting computerization can be understood as a system consisting of people, computers, data and programs. Because it has not only the function of accounting, but also the function of management and control, it can not be separated from human interaction, especially the function of forecasting and assisting decision-making, and must be completed under the control of managers. Therefore, the computerized accounting system should not be a "melon" simulation system, but an "intelligent" management information system with human-computer interaction.

"Computerized accounting" is the development of accounting in the information age. It is a comprehensive subject which is produced by the intersection of accounting, computer and information technology, enterprise management and econometrics. In a sense, "computerized accounting" is a new applied subject that uses modern technology and methods to transform and integrate traditional accounting to meet the requirements of the information society.

Second, the risk analysis of internal control system under the computerized environment

(a) Risks in software development and design

In the existing general financial software, because the developers of financial information software don't consider the problem comprehensively enough, it is difficult to match some situations in actual work in the process of developing financial software, and there are tiny loopholes in the developed software, which gives criminals an opportunity. It is this gap that makes criminals use high-tech means such as technicalization and intelligence to carry out criminal activities.

(2) Human risk

Although enterprises have replaced outdated and tedious manual accounting with modern management methods, reducing the repetitive work of accountants, enterprise managers have failed to change their concepts in time, and strict and scientific management is often a mere formality. Criminals take advantage of the weak links in the internal prevention system, do not hesitate to break the law, use legal identity, abuse or steal operating passwords to operate beyond their authority, so as to achieve the purpose of embezzling enterprise property. For example, the password is too simple, the computer supervisor is not authorized strictly according to the requirements, and the original data and accounting vouchers in the financial system are not modified according to the regulations.

(c) computer security risks

Although enterprises use modern management tools to replace outdated and cumbersome manual accounting, it has decreased.

Although personnel do the work repeatedly, enterprise managers fail to change their ideas in time, and strict and scientific management often becomes a mere formality. Criminals take advantage of the weak links in the internal prevention system, do not hesitate to break the law, use legal identity, abuse or steal operating passwords to operate beyond their authority, so as to achieve the purpose of embezzling enterprise property. For example, the password is too simple, the computer supervisor is not authorized strictly according to the requirements, and the original data and accounting vouchers in the financial system are not modified according to the regulations.

Thirdly, the influence of accounting computerization on the internal control system of enterprises.

Internal control refers to all kinds of rules and regulations, organizational measures, management methods, business processing procedures and other control measures formulated by enterprises to maintain the reliability of accounting data, the effectiveness of business operations and the integrity of property in accounting work. Computerized accounting has greatly changed the traditional accounting system organization, accounting form and internal control system, especially the internal control system of enterprises. Mainly in the following aspects:

(1) The control mode has changed from single system control to program control and system control.

In the manual accounting system, the internal control mode is mainly the internal containment system of personnel. After computerized accounting, the centralized treatment of accounting subjects makes the traditional internal control measures of accounting departments disappear naturally, such as the compilation of account summary table and voucher summary table, the check of trial balance table, and the check of general ledger and subsidiary ledger. Instead of computer internal control measures, such as voucher lending balance check and balance check. With the development of telecommunication technology, it is possible to process accounting information online in real time, and business matters can be processed in real time on terminals far away from enterprises. For example, business matters that should be handled by accountants in the past may now be completed by other business personnel at one time on the terminal. In the past, it should be handled by several departments.

Business matters completed according to the predetermined steps can be concentrated in one department or even one person.

After computerized accounting, the internal control system of enterprises is realized by people through accounting software, and is completed by the combination of personnel and computers.

(2) The controlled object changes.

The control object has changed, from human control to human and machine control. In the manual accounting system, the objects of internal control are mainly accounting objects, working conditions, information processing methods and procedures. The economic business of an enterprise is recorded on paper, which is divided into original vouchers and bookkeeping vouchers according to different processes of accounting data processing. After computerized accounting, accounting vouchers are stored in magnetic media in the form of files and records, which realizes paperless accounting and leaves no traces of data modification. With the implementation of e-commerce, online trading and paperless trading. When each transaction occurs, the relevant information about the transaction is directly input into the computer by the business personnel and automatically recorded by the computer. All kinds of vouchers and documents necessary for each transaction have been partially cancelled, and a considerable part of the necessary checks and audits in the accounting process have been automatically completed by computers.

(3) It is more difficult to control fraud and crime.

In the manual bookkeeping system, there will be unintentional errors caused by carelessness, fatigue or too many processing links of accountants. After the computerized accounting system, the accuracy of financial information can only be guaranteed if the input data is correct, the computer program is correct and the equipment runs normally. If any of the above parties makes mistakes, the processing result will be wrong. In reality, because the data stored in computer magnetic media is easy to be tampered with, sometimes even leaving no trace, and the data is highly concentrated, it is possible for unauthorized personnel to browse all data files through computers and networks and copy, forge and destroy important data of enterprises. Therefore, computer crime is very hidden and harmful, and it is more difficult to find computer fraud and crime in computerized accounting system than in manual accounting system.

Due to the change of control methods and control objects, the original internal control system of enterprises can no longer meet the requirements of computerized accounting system, and it is urgent to further improve the internal control system of enterprises. The internal control of the computerized accounting system is a comprehensive control with a large scope and complicated control procedures. The basic idea of improving the internal control of accounting computerization is to adhere to the safety management principles of clear division of labor, mutual independence, mutual containment and mutual restriction, and to establish a control mechanism combining manual and machine to make every process of accounting computerization under strict control.

Four, the main problems of accounting computerization

Poor compatibility

Because each system is independently developed, uses different operating platforms and supporting software, and has different data structures and programming styles, software companies keep technical secrets, have no communication with each other, and have no industry agreement, so there is naturally no unified data interface, so it is difficult to realize data sharing on different systems.

(b) poor cohesion within the system

At present, many accounting software focuses on the development of accounting processing and report management, and rarely involves other functions such as cost accounting and market forecasting. Therefore, when dealing with this kind of problems, it is necessary to export the relevant data of accounting management first, and then re-enter it after manual accounting, that is to say, from one processing system (module) to another processing system (module), the data format cannot be automatically converted, and the basic data can be used directly. This not only increases the workload, but also increases the error probability due to human factors such as manual accounting and manual input, which makes the accounting software unable to give full play to its management efficacy and forecasting function. In this sense, it can only be called "power account book".

(c) Poor data confidentiality and security

Many times, financial data is the absolute secret of enterprises, which is related to the bottom-up and development of enterprises to a great extent. However, almost all software systems are trying to improve the accounting function and adapt to the financial system, but few people seriously study the confidentiality of data. The so-called encryption is nothing more than encrypting the software itself to prevent piracy. In addition, adding some detection means, such as user password, voice monitoring, fingerprint identification, and user permission setting when entering the system, can not really play the role of data confidentiality. In terms of security, it is even less satisfactory. Once the system is down, or attacked by a virus, or suddenly loses power, it is difficult to recover the original data calmly.

(D) practicality is not strong

To some extent, because accounting software only realizes the accounting function, but does not realize the expected management and forecasting function, so that its appearance only reduces the workload of accounting, or reduces accounting, and does not produce real economic and management benefits. Then, its popularity is more or less suspected of "following the fashion"

(E) the contradiction between developers and users

Early software was specially developed by programmers. Although it can meet the data processing needs of users, it fails to accurately locate the nature of financial work and the level of users' use, which makes these softwares difficult to use. Now programmers and accounting professionals are developing together, but they only make a fuss about user interface, system platform and report processing, which can't meet the actual needs of users.

In our country, computers have been popularized for less than ten years, which means they have been popularized for three to five years, or they have not reached the level of popularization. People have different understandings of it. Even if the manufacturer has done systematic training when installing accounting software, it is not as easy to use as abacus and pen for accountants who may never have access to computers, so they need to be extremely careful. Once they make mistakes, their long-term work may be wasted.

Five, the internal control measures and methods of computerized accounting information system

(A) from the control form.

1, system control

System control, that is, a complete and effective internal control system is the basic guarantee of computerized internal control. As the saying goes, "Without rules, there would be no Fiona Fang". Everything has its inherent operating rules, and the replacement of manual operation by computerized accounting has its unique operating rules, which need a complete system to restrain.

2. Organizational control

With the rapid development of computerized accounting, accounting institutions should also make corresponding adjustments, such as personnel post responsibility system: personnel posts include basic accounting posts and computerized posts, among which basic accounting posts are divided into accounting supervisors.

Cashier, accountant, auditor and archivist. Computerized accounting posts are operators, computer maintainers and computer supervisors. The above two jobs shall not be concurrently held, and it is clear that software developers and maintenance personnel shall not be concurrently held as operators. Establish the post responsibility system for each post, with reasonable division of labor and clear responsibilities. All posts have certain authorization and password control to prevent illegal and unauthorized operations. In this way, the personnel in each post restrict each other, prevent illegal acts and find mistakes in time.

3. Program design and operation control

The research and development of software must be standardized, and the developed software must undergo comprehensive and in-depth research, scientific and systematic analysis and design, and must meet the requirements of the basic functional specifications of accounting software issued by the Ministry of Finance. The developed software must be examined and appraised by the higher authorities before it is put into operation, and the relevant documents of the software must be complete. The operation of accounting computerization should strictly follow the accounting business and processing flow, and set up control procedures in accounting software to prevent repeated operation, missing operation and misoperation.

4. Data input, output and safety control

The computerized accounting system is mainly composed of data sorting, data input, data processing, data communication, data preservation and data output. In these links, it analyzes the possibility of risks, whether the corresponding internal control measures are embedded in the realization of various functions in the system design process, whether the embedded internal control measures play a role, whether preventive measures are taken in the system for some potential foreseeable risks, and whether there is room for dealing with unforeseen risks. This ensures the accuracy and effectiveness of data in all links, as well as the safety and integrity of the whole process of accounting computerization. In computerized accounting, the original data of the computer are checked and confirmed manually before being input into the computer, so the accuracy of automatic data processing depends entirely on the accuracy of the original data input. Accounting information is the absolute secret of the company, once it is leaked, it will bring undue losses to the company, and the replicability of magnetic media makes accounting information easy to leak and difficult to find. Therefore, the output of the computerized accounting system, whether magnetic documents or printed materials, should be strictly managed immediately after output to prevent theft and tampering. The possible security performance of the storage data medium itself and the deliberate invasion of computer viruses are two important hidden dangers that endanger data security.

5. Accounting control

It is necessary to improve the internal regular inspection system of enterprises, regularly check accounting data, mainly check whether computerized accounting treatment is correct, whether it conforms to accounting regulations, and whether the signature of expenses is consistent with the unit.

Requirements of internal control system, whether the attachments of certificates are complete, etc. Check the consistency between the data in the computer and the written materials, such as comparing the output payroll with the employee roster to prevent wage payment errors.

(B) Internal control content from the computerized system.

1, strengthen system construction and enhance system awareness.

Pure system construction, without effective implementation, means no system. On the one hand, while strengthening the system construction, we should further enhance the system awareness of financial personnel and ensure the execution.

Of course, establishing a perfect computerized accounting system is the primary task for the normal operation of computerized accounting, including establishing the basic requirements of computerized accounting operation, computerized accounting data backup and floppy disk management system, network maintenance and computer virus prevention system, computerized microcomputer file management system, etc. Strengthening leadership, organization and planning, and strengthening the education of financial personnel's system consciousness are not only the requirements of the development of enterprise accounting informatization, but also the guarantee for the safe and effective operation of enterprise accounting computerization.

2, strengthen the program running records

The unit shall establish a daily operation record system to record the operation time, the name of the operator, the operation content, etc. In addition, the modification of software is inevitable, and the modification of accounting software should be carefully planned and strictly recorded. Necessary controls must be set in every link of the modification process, and the reasons and nature of the modification should be written out.

The official report can only be modified after approval, and all records related to software modification should be printed and archived.

3. Strengthen the functional control of accounting personnel.

Because the function of computerized accounting is relatively centralized, it is necessary to formulate corresponding organizational management control, clarify the division of responsibilities, strengthen organizational control, separate incompatible responsibilities in the system, and strictly divide all kinds of personnel in the system with corresponding management regulations. By establishing a mechanism of mutual audit, mutual supervision and mutual restriction, the authenticity and reliability of accounting information are guaranteed, and the possibility of errors and fraud is reduced. Division of responsibilities is to separate the responsibilities of the departments that use computerized accounting from those of the business departments (business departments refer to the departments or personnel that generate raw data), and to keep incompatible functions (such as business authorization, execution, storage and recording) as much as possible.

The second is the separation of responsibilities within the computerized position of the financial department. Through the internal division of responsibilities, to make up for the lack of centralized incompatible functions. For example, in the manual accounting information system, its post setting is generally

Accounting supervisor, cashier, auditor, accountant and other basic accounting work. Accounting information management personnel are responsible for daily cost accounting, asset management personnel are responsible for engineering and fixed assets management, fund management personnel are responsible for fund raising, and budget management personnel are responsible for various fund budgets, cost budgets, project budgets and final accounts. The accounting supervisor is responsible for the compliance and legality audit of various economic businesses, the cashier is responsible for the settlement of funds, and incompatible posts are separated according to the accounting system. After the implementation of computerization, the functions are divided according to the relevant provisions of the accounting system, and a computer supervisor or system administrator sets the corresponding functional authority, account set authority, operation time authority, etc. For the above computer posts, the principle of separation of incompatible posts is adopted. The auditor who is responsible for setting the functional authority will not be given the authority to make certificates, nor will he work as a cashier, and will be responsible for the authenticity, legality and integrity of the business. The voucher maker gives the audit authority, and the cashier does not give any other work except fixed assets management. Computer supervisors and system administrators are responsible for daily supervision, safe system operation, data security and coordination of staff relations. Accounting archivists are responsible for keeping data disks, system disks and various paper materials, but the system disks and data disks should be kept separately.

4. Strengthen the computerized training of accounting personnel.

In the development stage of computerized accounting information system, the relevant personnel who use the system should be trained to improve their knowledge and understanding of the system, so as to reduce the possibility of errors after the system runs. Outsourcing commercial software should require software development companies to provide sufficient training opportunities and time. The training of relevant personnel before the operation of the system is not only the operation training of the system, but also includes letting these personnel know the new internal control system after the system is put into operation, the new voucher flow after the operation of the accounting information system, and the prospect of further utilization and analysis of accounting information.

5. Strengthen the control of program running process.

In order to ensure the quality of information processing and reduce the probability of errors and accidents, corresponding computer codes and operating procedures should be formulated to standardize program operation. "Computer Code" is mainly a general provision for computer room work. The operating rules put forward the specific operating steps and requirements of computer processing of accounting business, including various operating instructions, instructions on the use of various equipment and the handling of abnormal situations. For journals and closed businesses, the operation process cannot be modified or cancelled. If it is to be modified, it must be corrected by preparing accounting vouchers for write-off or supplementary registration to ensure the integrity and authenticity of accounting data.

6. Strengthen safety management and control.

The security control of computerized accounting information system refers to how to take effective internal control methods and measures to ensure the safety of the system and data and ensure the reliable operation of the system. The security control of the system includes contact control, backup control and environmental security control. Specifically including:

Set the corresponding operation authority in strict accordance with the positions of accountants, and strictly separate incompatible positions.

Password settings for computer supervisors, operators, system maintenance personnel, program developers, etc. It is strictly stipulated that it is forbidden to set simple passwords to prevent misappropriation by irrelevant personnel.

Establish a daily data backup system, and use more than two methods to back up data regularly, including: double backup of servers and workstations, overall backup of data, and sub-module backup.

Maintain the financial information system regularly, take appropriate "virus" defense measures, regularly kill "virus" to prevent "virus" invasion.

It is forbidden to connect the financial workstation with the Internet, cut off the possible ways of "virus" invading the system, and strictly manage the input of data. When inputting data, relevant personnel should check that there is no "virus" before inputting.

When operators at all levels change, in addition to handing over accountants according to regulations, they should also back up user login names and password data files to prevent user names and passwords from being stolen.

7, file management control

Microcomputer file management control can effectively ensure the recoverability of data. When the computer system is destroyed, the financial data can be recovered in time, the accounting data will not be lost, and the normal accounting work can be guaranteed. Specific control measures are:

Establish a computer file management system, and the initial data such as registration name, subject system, report data source, operation relationship and cross-checking relationship should be kept as files.

All monthly account books, account summary tables, clearing account lists and auxiliary account pages shall be classified and filed in time.

All CD and floppy disk backups should be marked in detail, properly kept and kept as files.

Do a good job in anti-magnetism, fire prevention, moisture prevention and dust prevention of computerized accounting files. Important accounting files should be made in duplicate and stored in two different places. At the same time, the accounting files stored in magnetic media should be checked and copied regularly to prevent the loss of accounting files caused by the damage of magnetic media.

8. Strengthen internal audit.

Internal audit is an important part of internal control system, and it is also a means to implement internal accounting supervision under computerized accounting. Under the computerized accounting environment, due to the change of the manifestation of the audited object, higher and stricter requirements are put forward for internal audit.

First of all, we should increase high-level training for auditors, such as network systems and computerized information systems.

Training to enable auditors to meet the needs of accounting information audit. Secondly, due to the limited ability of auditors, they can't fully understand many fields, so they need external experts to assist in the audit. For example, the possibility of participating in the software development stage, the reliability audit of the software operation link upgrade, and whether the daily processing meets the internal control requirements. Finally, without limited implementation, it is futile for us to formulate a complete control system. From the current domestic form, due to the lack of execution, the internal control system fails from time to time, and the construction of execution should be strengthened while formulating the system.

conclusion

With the rapid development of electronic technology and network technology, the popularity of accounting computerization is getting higher and higher, and new problems and topics in internal accounting control will continue to emerge. The in-depth study of accounting risks will not only further improve and develop the new accounting theories and methods formed under the computerized accounting, but also constantly adjust and improve the internal control system under the computerized accounting environment, thus truly ensuring the truthfulness, completeness and reliability of accounting information, providing effective information for enterprises to make correct decisions and creating good accounting benefits for enterprises.

References:

[1] research on internal control of accounting information system in Zhang Yingming IT environment [J] China accounting computerization, 2002

[2] Wang Jingxin, Guo Xinping. Computer application in accounting [M]. Beijing: Economic Management Press, 1998.

[3] Accounting computerization [M] Economic Science Press of the Ministry of Finance, 1996

[4] Shang, prevention and control of fraud in computerized accounting system [J] Friends of Accounting, 200 1