Approaches to Business Event processingApplications ApproachEach application collects and manages its own dataData needed by multiple applications and functional processes is not sharedCauses data redundancyIncreased labor and storage costCan lead to inconsistent data across different applicationsUses two-tier architectureTier 1: user/presentation tierTier 2: Application/database tierCentralized Database ApproachData is stored in relational databases, solving many problems around data redundancyImproved efficiency by:eliminating data redundancyimproving data integrityOne collection of rational tables that is shared across the companyMost ERP systems today use relational databasesData is DECOUPLED from the applicationData independenceUses three-tier architectureTier 1: User/presentation tierTier 2: Application TierTier 3: Database TierData can be accessed by other interfaces:ReportsQueriesOvercomes the limitations of the Applications ApproachDatabase Management Systems (DBMSs): a set of integrated programs designed to simplify the task of creating, accessing, and managing a centralized databaseIntegrate a collection of files that are independent of the application programsCoordinate the activities of their many functional areasAdvantages:Overcomes the limitations of the Applications ApproachEliminates data redundancyEase of MaintenanceData is stored only once, so additions, deletions, and changes can be made easilyReduce labor and storage costNeed less storageData IntegrityBecause of eliminated data redundancyData independenceApplication and database decoupledMultiple application programs can use the same data concurrentlyPrivacyControl over data access can typically be exercised down to the data element levelDisadvantages:ExpensiveMore powerful and more expensive hardwareIf it fails them all data processing stopsMore damage can occur if someone gets unauthorized accessContinuous Data Protection and contingency planning is more importantUsers can experience contention or concurrency problemsTerritorial disputes over who owns the data4 Types of DMBS Models:1. HierarchalNow obsoleteRecords are organized in a pyramid structureParent records can have multiple child recordsChild records can only have ONE parent recordWorked well for simple situations2. NetworkParent records can have multiple child records and child records can have multiple parent recordsSale to a customer can have a parent of customer and parent of sales personMass move to network DBMS was interrupted by creation of relational databaseNever really got used3. RelationalData are logically organized in two-dimensional tablesUsed by most organizations todayCan handle complex quiresDisadvantagesRequires MORE computer memory and processing timeAllows only text and numerical information to be storedElements:Tables: a place to store dataQueries: tools that allow users access to data stored in various tables and transforms data into informationForms: onscreen presentationsUsed to input data and view data in tablesReports: printed lists and summaries of data stored in tables4. Object-OrientedStores both simple and complex objectsEx: text, numerical data, graphics, audio, video, geographic informationObjects store attributes and instructions for actionsData Warehousing and Data MiningData Warehouse: collection, organization, integration, and long-term storage of entity-wide dataPurpose: to provide users with easy access to large quantities of varied data from the organization for the sole purpose of improving decision making capabilitiesTypically created by coping data periodicallyOther external data can be included in a warehouseExist separately from Transaction Processing DatabaseData Mining: The exploration, aggregation, and analysis of large quantities of varied data from across the organizationRequires training and expertiseOrganizational Governance: a process by which organizations:1. select objectives2. establish processes to achieve objectives3. Monitor performanceEnterprise Risk Management (ERM) processEffected by an entity’s board of directors, mgmt., and other personnelApplied in strategy settings across the organizationDesigned to:1. Identify potential events that may effect the entity2. Manage risk to be within the firms risk appetite3. Provide reasonable assurance regarding the achievement on entity objectivesERM FrameworkAddresses 4 categories of Management Objectives1. Strategic: high level goals aligned with and supporting its mission2. Operations: effective and efficient use of its resources3. Reporting: Reliability of reporting4. Compliance: compliance with applicable laws and regulationsComponents of ERMSInternal Environment: tone of an organizationBasis for how risk is viewedObjective setting: objectives identify potential events affecting the achievement of the objectivesEvent Identification: identify events affecting the achievement of objectivesRisk assessment: Risk are analyzed, likelihood and impact are determinedRisk Response: Choose of on the four responses to riskAvoidAcceptReduceShareControl Activities: policies and procedures to ensure risk response is followedInformation and Communication: information is captured and communicatedMonitoring: ERM is monitored and modifications are madeSarbanes-OxleyWhy is it necessary?A few businesses failed to enact and enforce proper governance processesSome employees violated ethical codes, business rules, regulatory requirements, and statutory mandatesBoth resulted in massive fraudPublic Company Accounting Oversight Board (PCAOB)Key Provision of SoxRequires Management to:1. Elevate the design of the company’s controls2. Gather and evaluate evidence about the operation of its controls3. Present a written assessment of the effectiveness of internal controls over financial reporting4. Hire an independent auditor to test and report on the effectiveness of the companies system of internal controlTitles of Sox:Title 1: PCAOBEstablished an independent board to oversee public company auditsSEC has oversight and enforcement authority over the boardTitle 2: Auditor independenceProhibits a CPA firm that audits a public company from engaging in certain non-audit services for the same clientProhibits providing financial information systems design and implementation services to audit clientsRelevant to AISProhibits CEO, CFO, Controller, or Chief Accountant from having worked at the audit form and participated in the audit of that company during one-year priorTitle 3: