22766 Assurance for Business Information Systems

Subject level: Postgraduate

Handbook description

This advanced accounting information systems subject deals with assurance and control issues in an integrated systems (enterprise systems) environment. The control frameworks evaluated include management/general controls, task controls and application controls. Students gain advanced financial reporting skills for detective control and learn how complex authorisation profiles and automation can be used as preventive controls in an enterprise systems environment. In an extensive case study, students have to demonstrate and deepen their theoretical knowledge and practical skills with SAP solutions.

Subject objectives/outcomes

On successful completion of this subject students should be able to:

1. Understand assurance issues in integrated enterprise systems environments,
2. Understand the issues in SAP security and authorisation management,
3. Understand and influence business process controls in the SAP revenue, expenditure, conversion and asset (life) cycle,
4. Understand Enterprise Systems hardware, system software and disaster recovery controls,
5. Understand and explore/execute SAP audit trails, standard reports and special audit queries, and
6. 6. Understand issues of compliance with new corporate governance laws in Enterprise Systems, incl. documentation considerations, parallel accounting requirements, etc

Contribution to graduate profile

This subject provides students with the opportunity to develop an appreciation for the impact of business information systems integration on assurance. Given the widespread use of Enterprise Systems (especially SAP solutions) in industry, the focus of the subject is on SAP systems. The subject also extends students' understanding of the role of assurance in managing organisations. The exposure gained by students to the fields of systems security and auditing will provide an incentive to consider the provision of assurance services for business systems and information as a potential area of specialisation.

Teaching and learning strategies

A variety of teaching and experimental learning methods and strategies are applied, including teamwork, discussions, and, above all, hands-on experience with an ERP-system (SAP ERP).

Students are required to use the SAP ERP systems outside normal class hours. They have to work on a collaborative case study project, in order to gain the ability to apply their knowledge in a problem-oriented environment and to increase their teamwork and communication-skills. Each team member also has to make a short oral presentation of his/her contribution to the project.

Content

• Introduction to Business Information Systems Assurance Issues and Concepts
• SAP ERP: New Features in SAP Financials
• Control in an SAP Environment
• Specifics of Control in ERPS
• SAP Access Controls (incl. SAP Security & Authorisations)
• SAP Configuration and FI Application Controls
• SAP Business Process Controls in Detail
• General Ledger Accounting
• Revenue Cycle
• Expenditure Cycle
• Asset Life Cycle
• Conversion Cycle
• SAP audit trails, standard reports and special audit queries
• Parallel accounting
• Compliance with new corporate governance laws and standards

Assessment

Recommended text(s)

Wieder, B (2008): Financial Management and ERP – Integrated Event-Accounting with SAPTM ERP, Auxilia, Sydney.

SAP-Online Help: help.sap.com

Indicative references

Wieder, B (2003): Accounting and ERP – Integrated Event-Accounting with SAP™ R/3, revised reprint, Tekniks Publ., Sydney

ASAP World Consultancy. (1998), Administering SAP R/3: The FI –. Financial Accounting and CO –. Controlling Modules, Que.

Institute of Internal Auditors. (1997), SAP R/3: Its Use, Control, and Audit Institute of Internal Auditors

Krist, M. A. (1999), Standard for Auditing Computer Applications, Auerbach

Weber, R. (1999), Information Systems Control and Audit, Prentice Hall, Sydney