Chapter 5 03 05 2013 Approaches to Business Event processing Applications Approach o Each application collects and manages its own data o Data needed by multiple applications and functional processes is not shared o Causes data redundancy Increased labor and storage cost Can lead to inconsistent data across different applications o Uses two tier architecture Tier 1 user presentation tier Tier 2 Application database tier Centralized Database Approach around data redundancy o Improved efficiency by eliminating data redundancy improving data integrity o Data is stored in relational databases solving many problems o One collection of rational tables that is shared across the company o Most ERP systems today use relational databases o Data is DECOUPLED from the application Data independence o Uses three tier architecture Tier 1 User presentation tier Tier 2 Application Tier Tier 3 Database Tier o Data can be accessed by other interfaces Reports Queries o Overcomes the limitations of the Applications Approach Database Management Systems DBMSs a set of integrated programs designed to simplify the task of creating accessing and managing a centralized database programs Integrate a collection of files that are independent of the application Coordinate the activities of their many functional areas Advantages o Overcomes the limitations of the Applications Approach Eliminates data redundancy Ease of Maintenance Data is stored only once so additions deletions and changes can be made easily Reduce labor and storage cost Need less storage Data Integrity Because of eliminated data redundancy Data independence Application and database decoupled Multiple application programs can use the same data concurrently Privacy Control over data access can typically be exercised down to the data element level Disadvantages o Expensive o More powerful and more expensive hardware o If it fails them all data processing stops o More damage can occur if someone gets unauthorized access o Continuous Data Protection and contingency planning is more important o Users can experience contention or concurrency problems o Territorial disputes over who owns the data 4 Types of DMBS Models o 1 Hierarchal Now obsolete Records are organized in a pyramid structure Parent records can have multiple child records Child records can only have ONE parent record Worked well for simple situations o 2 Network Parent records can have multiple child records and child records can have multiple parent records Sale to a customer can have a parent of customer and parent of sales person Mass move to network DBMS was interrupted by creation of relational database Never really got used o 3 Relational Data are logically organized in two dimensional tables Used by most organizations today Can handle complex quires Disadvantages Requires MORE computer memory and processing Allows only text and numerical information to be time stored Elements Tables a place to store data Queries tools that allow users access to data stored in various tables and transforms data into information Forms onscreen presentations Used to input data and view data in tables Reports printed lists and summaries of data stored in tables o 4 Object Oriented Stores both simple and complex objects Ex text numerical data graphics audio video geographic information Objects store attributes and instructions for actions Data Warehousing and Data Mining Data Warehouse collection organization integration and long term storage of entity wide data o Purpose to provide users with easy access to large quantities of varied data from the organization for the sole purpose of improving decision making capabilities o Typically created by coping data periodically o Other external data can be included in a warehouse o Exist separately from Transaction Processing Database Data Mining The exploration aggregation and analysis of large quantities of varied data from across the organization o Requires training and expertise o Chapter 7 03 05 2013 Organizational Governance a process by which organizations 1 select objectives 2 establish processes to achieve objectives 3 Monitor performance Enterprise Risk Management ERM process Effected by an entity s board of directors mgmt and other personnel Applied in strategy settings across the organization Designed to o 1 Identify potential events that may effect the entity o 2 Manage risk to be within the firms risk appetite o 3 Provide reasonable assurance regarding the achievement on entity objectives ERM Framework o Addresses 4 categories of Management Objectives 1 Strategic high level goals aligned with and supporting its mission 2 Operations effective and efficient use of its resources 3 Reporting Reliability of reporting 4 Compliance compliance with applicable laws and regulations Components of ERMS o Internal Environment tone of an organization Basis for how risk is viewed o Objective setting objectives identify potential events affecting the achievement of the objectives o Event Identification identify events affecting the achievement of objectives o Risk assessment Risk are analyzed likelihood and impact o Risk Response Choose of on the four responses to risk are determined Avoid Accept Reduce Share response is followed and communicated o Control Activities policies and procedures to ensure risk o Information and Communication information is captured o Monitoring ERM is monitored and modifications are made Sarbanes Oxley Why is it necessary o A few businesses failed to enact and enforce proper governance processes o Some employees violated ethical codes business rules regulatory requirements and statutory mandates Both resulted in massive fraud Public Company Accounting Oversight Board PCAOB o Key Provision of Sox o Requires Management to 1 Elevate the design of the company s controls 2 Gather and evaluate evidence about the operation of its controls 3 Present a written assessment of the effectiveness of internal controls over financial reporting 4 Hire an independent auditor to test and report on the effectiveness of the companies system of internal control Titles of Sox o Title 1 PCAOB Established an independent board to oversee public SEC has oversight and enforcement authority over the company audits board o Title 2 Auditor independence Prohibits a CPA firm that audits a public company from engaging in certain non audit services for the same client Prohibits providing financial information systems design and implementation services to audit