This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Applied Accounting Software
1a) you are required to generate and critically evaluate four of your own Sage reports that would assist you with your investigation in terms of their usefulness and relevance.
Customer Activity (Detailed) Report
This report displays all of the transactions involving a certain customer. This report displays the basic information of the customer, Date of transaction, Reference, Details, Value of item and any outstanding debt on the account. This report will assist me because it will display any outstanding payments that the customer owes, it also displays any payments received from the customer.
The second report I will use for my investigation is the Aged debtors report. This report is very valuable tool when it comes to analysing a customer’s account, who owe the company money. It provides information on the customer transactions, when they took out credit, how much and when they owed you the money.
Audit trail is probably one of the most important reports when it comes to analysing transactions. It displays who has accessed the computer software, what transactions or operations they have performed and also displays any errors. This particular report is also used for maintaining security and recovering lost transactions (Webopedia, N.D). The audit trail also shows deleted entries, corrections made and when they were made.
The bank statement is my final report that I will use. I used this report so I can see if any payments have been received into my bank account and what dates I received them.
From looking at all these reports I can investigate into the customer’s complaint and whether they have paid or not. As the customer has specified that he has “recently” paid the previously balance, I believe that the customer has paid the outstanding amount by cheque and that cheque has either bounced or is still in the process of getting cashed in.
1b) you are also required to identify the control mechanism which stopped the sales clerk from being able to process the order and suggest an alternative procedure to improve communication between the Sales Ledger and Sales Order Processing Department which will avoid similar customer complaints.
One of the control mechanism which may have prevented the sales clerk from being able to process the order may be the fact that they may have exceeded their agreed credit limit. Due to this fact the sales clerk has not authorised the transaction and has put the customer’s account on hold.
(see appendix 1).
Communication between departments may be improved by putting both the sales ledger and sales order processing departments in the same office so communication and relationships can be built. Another way that communication can be improved is if both departments work together and sign of transactions which are in dispute and come up with possible solutions to how it can resolved.
2. You are also required to evaluate the advantages and disadvantages associated with the use of computerised accounting software.
Before creating a system, first we need to consider the factors that will go into creating a successful system for the new user. First of all, the Information that we would require are: what do they want the new system to do? How much they’re willing to pay, will it need to connect to a bank account or even HMRC.
Next we must search around for already available software that could tick all the boxes the company is looking at. Accounting Software packages that are for personal – small business use, are always cheaper whereas software packages for bigger business could be costly. We also need to ensure that the package we use complies with the report standards.
After choosing a system that meets our needs, we will need to be able to test the programme before hand to see if it meets the company standards. Many software packages offer trial periods or if the system is getting personally made for the company, they will offer a trial period to see it meets the user’s requirements. Also care should be taken to see if there is any errors in the system and if so, it should be notified to the developer.
After the initial trial period is over and we are happy with the system, we can now begin training employees to use and manage the new system.
Then we must collect all the data which we wish to convert into the new system and get rid of any irrelevant data. We must then process this information into our new system.
Disadvantages of a computerised system include:
- Hardware/software issues – One big disadvantage with computerised accounting systems are that they are susceptible to hardware issues. Computer can lose power or have a system error which could prevent it from working or lose data.
- Virus/spyware and Hackers – Due to the nature of the Accounting software, there is more important financial information that could be at risk. Hackers may be able to obtain sensitive information from the programme.
- Staff Training – Staff training will need to be provided. Inadequate training can cause human error and important information may be shared. This can also be prove to be costly and time consuming.
- Price – Another issue that may put people off buying a new system, is the price. New systems, for personal use, could cost anything between £500-£1500 and for bigger companies it will cost a lot more
Advantages of a computerised software are:
Speed – Entering data and processing orders is a lot faster than a manual system.
Accuracy – Errors are quickly noticed, such as duplicate entries
Reliability – Calculations done by the system are highly reliable
Data Access – Accessing pieces of data is much easier in a computerised system as it allows you to search through the whole system within seconds.
3. Critically appraise the need for policies and procedures around data security, highlighting the impact that data theft can have on a business. Suggest 6 key controls that you would put in place and explain how these controls would prevent or deter employee data theft from happening.
The data protection act of 1998 defines data theft as taking unauthorised accessed to personal information, in which it is released to others (Data Protection, N.D). The information which is commonly taken are: Passwords, Credit card information, corporate information and other personal information.
Recently, Morrison’s was a victim of Data theft from an internal source. Morrison’s has confirmed that the information, of about 1000 employees, had been taken included bank account details which was published online and sent to a newspaper (Morrison’s, 2014). A chief office from a cyber-protection company has said, that there are more challenges from internal attacks then there are from external and more money needs to be spent on internal security protection. The message he left was “you can’t ignore the enemy within” (BBC, 2014).
Another large company was a victim to Data theft was Vodafone. The mobile phone provider was hit by an internal threat, the employee was an It systems administrator who was contracted by Vodafone. The company stated that the data which was stolen were, customer names, addresses, date of birth and bank details (Belfast telegraph, 2013). As no credit card information or passwords were stolen, Vodafone have warned users to guard against phone calls or emails from people who have are seeking to exploit the information, it is suggested that the motive behind the attack was for financial gain and the data was sold to a company who can exploit that information (Belfast Telegraph, 2013).
It is clear to see that more needs to be done to prevent Data theft from within an organisation. Companies should be stricter with policies and enforce them more on their employees. If employees knew how severe the consequences of data theft may be it may help deter any misconduct. Also if the companies monitoring their activity, it can have a psychological impact on their decisions and deter any criminal activity (ComputerWeekly, 2010).
Policies need to be put in place so it provides an outline for employees on what is allowed, what isn’t allowed and how to handle important business data. Polices need to be implemented effectively and this can be done in many ways such as, making departmental managers aware of their responsibilities and monitoring employee behaviour. Provide employees with copies of the policy, employees signing it off if they abide by the policy. For employees to understand the policy it needs to be written in a plain language which can be easily understood by all and communicated effectively and reliably (ICAD, N.D).
Policies are put into place to make employees aware of the company rules but Procedures need to be taken to stop any data theft. The ISO 27001 information has provided companies with guidelines on how to handle certain situations. For example section 8.3, “termination or change of employment,” gives the company a checklist on what procedures need to be taken when the employee leaves, making sure all equipment is returned and reminded former employees the terms of confidentiality and information ownership. (Search Security, 2010).
Some of the ways we can prevent data theft are by:
- Strong password – Employees must not use obvious, easy to guess passwords. Many people tend to use passwords which relate to them like, their date of birth, Family name, pets name. Password should be unique and one that would be hard to guess. Strong passwords are considered to be ones that are over 8 characters, contain both lower case and upper case letter and contain at least one number.
- Staff Training – Staff training should be provided so no misuse of software is done and also staff to be trained in how they should handle company data and not to do anything that could put the company in risk, such as clicking links in emails that are suspicious.
- Disposal of equipment and documents – any financial documents or equipment of the company with valuable information on it, should be destroyed appropriately.
- Restricting access to employees– By restricting access to employees can help minimise any risks. Employees should only need to have access to information they need and no other. This can help deter data thieves.
- Protection and monitoring software - Proper protection needs to be put in place. Anti-virus/Spyware software can help detect any virus’s that have snuck in through the system and remove them. Firewalls can be put in place to help stop external threats from the internet. Monitoring equipment and be put in place to see what files or information their employees are accessing.
- Encrypting data – By encoding company information, we can allow authorised personal only to access the data. This method can help stop any hacker or employee read the data and therefore making it useless.
Word Count - 1643
Dataprotection.ie, (2014). Offences and Penalties under the Data Protection Act - Data Protection Commissioner - Ireland. [online] Available at: http://www.dataprotection.ie/docs/Offences_and_Penalties_under_the_Data_Protection_Act/97.htm#Disclosure of personal data which was obtained without authority [Accessed 8 May. 2014].
Computerweekly.com, (2014). How to apply government data classification standards to your company. [online] Available at: http://www.computerweekly.com/news/1355736/How-to-apply-government-data-classification-standards-to-your-company [Accessed 8 May. 2014].
BelfastTelegraph.co.uk, (2014). Data theft hits Vodafone customers - BelfastTelegraph.co.uk. [online] Available at: http://www.belfasttelegraph.co.uk/news/world-news/data-theft-hits-vodafone-customers-29573731.html [Accessed 8 May. 2014].
BBC News, (2014). Morrisons hit by massive data theft. [online] Available at: http://www.bbc.co.uk/news/business-26574161 [Accessed 8 May. 2014].
Practical Steps for Implementing Policies and Procedures. (2014). 1st ed. [ebook] Available at: http://www.icad-cisd.com/pdf/FS8EN_Practical_Steps_Implement_Policies_Procedures.pdf [Accessed 8 May. 2014].
Get Rich Slowly – Personal Finance That Makes Sense., (2014). How to Prevent Identity Theft — Deter, Detect, Defend. [online] Available at: http://www.getrichslowly.org/blog/2008/03/06/how-to-prevent-identity-theft-deter-detect-defend/ [Accessed 8 May. 2014].
Webopedia.com, (2014). What is Audit Trail? Webopedia. [online] Available at: http://www.webopedia.com/TERM/A/audit_trail.html [Accessed 8 May. 2014].
Searchsecurity.techtarget.com, (2014). Benefits of ISO 27001 and ISO 27002 certification for your enterprise. [online] Available at: http://searchsecurity.techtarget.com/tip/Benefits-of-ISO-27001-and-ISO-27002-certification-for-your-enterprise [Accessed 8 May. 2014].
1 | Page