Strategic Information Systems
Strategic Information Systems
Automatic Information Systems are needed to carry out operations in the organizations. The organizations used to operate with manual procedures before the advent of the information systems. Manual processes used to be very slow which is not feasible in the dynamic environment of today. Thus, adoption of technologies have become essential in todays scenarios. These technologies help in managing activities that are technical, administrative, and operational. Accounting information systems are one category of these information systems that is used for automating the operations of the accounting department in an organization. These include banking and financial operations.
Key business processes that are managed in a banking organization include:
- Account Management: Opening of new accounts, closing of non-operational accounts, and modification of the details in the banking accounts.
- Loan Management: Processing of loan applications, sanction of loans applied, and calculation of amounts to be paid as premiums after taking the loans.
- Credit management: Management of the credit card requests, their activation, creation of new credit cards, and generation of pin.
- Mortgage activities: Mortgage details are collected and managed
- Transaction Management: Management of transactions including deposits made in to the accounts and withdrawals of the amounts from these accounts
- Other Activities: Other activities include reconciliation, bill payments, vendor payments, online banking, customer service, employee management, payroll activities, and support services.
The requirements of a banking system considering the accounting information system include designing of the solution in an integrated manner so that most accounting activities can be managed automatically and in tandem such as accounting, bookkeeping, and auditing. While these are core requirements, there can be additional needs such as database management and customer relationship management (Seethamraju, 2012).
The accounting information system used in banks have some functional specifications and tasks such as creation of new accounts, closing of non-performing accounts, and modification of the details in accounts. This system would need to have some additional features such as loan application processing, loan sanctions, and premium calculations. Credit management is also a part of accounting system which involves activities like management of credit card applications, generation of credit cards, activation of issued cards, generation of card pin for security, and more. The requirements related to transactions include maintain of the deposits in the account, withdrawal of money from these accounts and management of reconciliation. The AIS would have programs implemented for making payments to vendors and for bills (Ryan, 2016).
The accounting information systems used in the banking would have some qualities like:
- Performance would be an important quality of the accounting information system and it would be reflected by the less response time and the high throughout
- The system needs to have reliable information on the accounts and related to finance at all times
- The information system should be adaptable to the baking environment such that it can be integrated with the other legacy systems of the organization.
- The system must provide scalability such that with changing requirements and the demands in customers, the bank should be able to scale up its operations and do not have to redesign the system for accommodating additional users or accounts.
- The system contains sensitive and confidential information of the banking users and thus, it is essential the accounting information system is secure and saved from the risks and security relate threats.
There is a variety of software vendors available for the accounting information system that are chosen from based on the needs and requirements of the software. These include Quickbooks, MYOB, Reckon, Saasu, and Xero. Each of these solutions are explained in detail.
Intuit QuickBooks is a very popular accounting information system that comes with some unique set of features. It has provisions to address differential needs of a number of different types of users that include home users, business vendors, large enterprises, and so on. It is highly customizable and its features can be tailored to address the needs if different users. Organizations can also purchase only the limited features of the software as per their requirements. The accounting activities that can be performed over this software are listed below:
- A bank intends to provide high quality services to its customers as well as save the costs in their operations at the same time. Quickbooks allow companies to save costs while performing accounting activities.
- The performance levels of the team increase because of a level of automation and thus, the company can achieve high customer satisfaction.
- The data that banks has with it is very critical and confidential and thus, this needs to be kept protected and secure. This application provides security features for the protection of the banking database.
- As the banking services have to be provided to the customers at all times and thus, they are required to be available and accessible at all times which is possible with this applicaiotn.
- It also has latest features for security that are based on the security framework so that the banking security is enhanced (Advisoryhq, 2015).
MYOB is an accounting software package that is used for managing accounting systems and provides a variety of unique features that organizations can use. It has provisions to address differential needs of a number of different types of users that include home users, business vendors, large enterprises, and so on. It is highly customizable and its features can be tailored to address the needs if different users. Organizations can also purchase only the limited features of the software as per their requirements. The accounting activities that can be performed over this software are listed below:
- The activities carried out in the banking organization in the real time are required to be monitored in the real time which is possible through this package.
- The software can be easily integrated with the Point of Sales transactions.
- The software can also be used in the offline mode and thus, the application would never suffer because of lack of network connectivity.
- The software package meets all the required legal and regulatory standards and compliances in the banking sector
- The software is highly customizable and thus, can be tailored to the needs of users (Myob, 2016).
It is an accounting software package that is used for managing accounting systems and provides a variety of unique features that organizations can use. It has provisions to address differential needs of a number of different types of users that include home users, business vendors, large enterprises, and so on. It is highly customizable and its features can be tailored to address the needs if different users. Organizations can also purchase only the limited features of the software as per their requirements. The accounting activities that can be performed over this software are listed below:
- It is essential that the customer data that is with the banks is highly protected and thus, a sense of security needs to be given to the customer which this system offers trough its rich security features.
- The user experience of this software is very good
- The software provides rich features for management of credit card applications and reconciliation (Carey, 2015).
Saasu is an accounting software package that is used for managing accounting systems and provides a variety of unique features that organizations can use. It has provisions to address differential needs of a number of different types of users that include home users, business vendors, large enterprises, and so on. It is highly customizable and its features can be tailored to address the needs if different users. Organizations can also purchase only the limited features of the software as per their requirements. The accounting activities that can be performed over this software are listed below:
- This software provide customization in terms of options for using different world currencies and thus, supports global banking systems
- The software allows for the integration of the application with other existing systems in the organization easily
Xero is an accounting software package that is used for managing accounting systems and provides a variety of unique features that organizations can use. It has provisions to address differential needs of a number of different types of users that include home users, business vendors, large enterprises, and so on. It is highly customizable and its features can be tailored to address the needs if different users. Organizations can also purchase only the limited features of the software as per their requirements. The accounting activities that can be performed over this software are listed below:
- This software has automation features for monitoring such that human resource would not be needed for the process of monitoring or evaluation
- The software allowing conducting of activities like bookkeeping and reconciliation
- It provides a high level of integration of the system (Miller, 2016).
The software packages that are used for managing accounting systems in banks were presented above and below are the methods that can be used for the implementation and adaptation of these systems in a bank.
Banks can develop a highly customized software that has a unique architecture. Such a software would be designed and delivered by developed based on the requirements defined by the banking organization. The banking organization may need some features that are very unique to the industry and would not be needed by another industry and thus, this approach can be very useful in establishing such features for the banking organization. The features can also differ with the scale as the larger banks would have several requirements that would be different from the smaller banks. However, this option can be very costly for an organization.
There market has certain software applications that are unique and available off the shelf for purchase. The cost of acquiring an off the shelf solution is much lower than developing a new solution for the accounting system management. These software applications are highly reliable and thus, it is possible for looking through the reviews and feedbacks given by the customers of the accounts. The developer organizations also provide a number of videos and documents for the training of the users of the applications. However, this mode of application usage has certain drawbacks as they need the mapping of existing applications with the software features.
In this method, a third party is contracted for designing, developing and implementing accounting information systems for the banks. The responsibilities of managing the activities would als be with the third party solution provider in this case. The benefit of outsourcing is that it would need lesser efforts for administration of the baking activities and thus, the staff would feel a relief at work. However, this process can be more time consuming and thus, may not be useful if the need for the management is a little urgent.
There are certain factors that would help evaluate the efficiency of the AIS implementation in the banking organizations. These include the following:
- The actual as well as estimated values of the budget and schedule of a banking project would define how efficient is the system in performing its activities. If there is no variation found between the actual and estimates then the system can be seen as a highly efficient system
- The amount of manual processing that is required after the implementation of AIS can also reflect upon the improvement in the efficiencies of the organization.
- With automation of certain banking processes, the workload of employees in the banking organization would be reduced and thus, a higher level of satisfaction can be achieved among them
- With increase in the capabilities and the efficiencies in the system, the level of satisfaction in the customers can also be increased.
A number of types of confidentiality attacks can occur in a banking system such as the following:
A number of different channels and activities are needed in the banking processes. There can be both internal and external entities within the organization that can help in inclusion of different access points. Through these access points, eaves dropping can be done for capturing the confidential data that is being shared between the different entities (Wood, 2016).
The number of banking transactions that happen in a day can be large in numbers. During these transactions, a large amount of information is also exchanged between different entities and individuals through different channels. In this processes, there could be unauthorized users tracking the information on different channels. These types of attacks are very difficult to track.
The information of the banking system provided business intelligence through the use of data mining and analytics. If these applications are used by attackers then there is a risk of them getting confidential data of the banking system so that they can cause major damages to the system and affect customers (Amato, 2016).
While the information gets exchanged over a network between the banking entities, the attackers can capture the same and reconstruct it to give it a new structure and shape that can further be used for compromising the confidentiality of banking users.
A number of types of integrity attacks can occur in a banking system such as the following:
Integrity is important to maintain for any banking application. It is essential that banks have proper authorization systems that monitor modifications of any kind such that the customer data is protected from the possible damaged by unauthorized users. Message alteration attacks can affect the integrity of the information being exchanged between users and entities such that banking activities can be modified by an unauthorized users (Microsoft, 2016).
Integrity is important to achieve in the banking systems as in the case of its failure, major damages can be caused to the systems and the users. The information integrity can be violated by alteration of the media attacks by the hackers such that the media that is exchanged between two people or entities gets modified or changed by the unauthorized user (Aws, 2016).
A number of types of availability attacks can occur in a banking system such as the following:
The services provided by the banks through the AIS are prone to flooding attacks in which an attacker keeps sending requests for unwanted data in such a large amounts that the performance of the system gets affected and system slowly starts to breakdown (Nichols, 2016).
AIS use a number of different servers that can be used in the bank. Server impersonation u can be used by the attackers to get the confidential information from the accounting information system (Mahmoud, 2015).
Quality of Service can be prone to the malevolent activities by the hackers or attackers who can cause major impacts on the availability of the system affecting its quality (Panetta, 2016).
It is important that the risks identified above are mitigated in various ways so that the system remains secure in the banks. Some of the strategies that can be used for mitigating these risks include:
- There are anti-denial tools that can be used with the accounting information system to ensure that the availability of the system does not get affected in any scenario.
- Advanced authentication mechanism like OTPs, multiple authentication, biometric authentication, and single sign on can be used with the AIS so that the application cannot be easily accessed by any unauthorized user (Lu, 2014).
- Most common forms of security attacks are the network attacks and thus, measures to be taken to protect the banking systems from them. For this, advanced monitoring systems and the auditing tools may be used that would allow the banking organization to monitor all the activities that are happening over the network and are connected with the bank (Jing, 2014)
- It is essential that every data is transferred or exchanged in the banking system is properly encrypted so that attackers cannot misuse the hacked information so easily without having to put efforts into decoding of the information.
- Intrusion detection and prevention systems can be used by banks for detecting any malicious activities that may happen in the system and stopping them
- The AIS should always remain updated with the latest patches and updates so that the system is protected by most attacks.
- A basic level of security can be archived with the use of firewalls that can be installed on the proxy servers in combination with anti-malware packages installed on the servers (Bhabad, 2016).
Accounting Information System is used for automating accounting processes carried out in financial or banking organizations. The primary users of this system are the banking organizations and they can use the system for automating a large number of banking activities that could be related to finance or accounting. There can be a number of different ways these systems can be implemented in the banks such as custom software development, off the shelf software purchase or outsourcing of the services. Software development can be costly while purchase of the same from shelfs can be most cost effective. However, it also comes with challenges in terms of limitations of customization. A number software applications are available that can actually be customized for the banking application such as Intuit Quickbooks, Xero, Saasu, Reckon and MYOB, each with different features and benefits for accounting. However, AIS systems are also faced by a number of risks that were discussed in detail in the reports. These included risk to availability, confidentiality, and integrity. Certain measures were recommended for mitigating these security threats in the banking system such as use of advanced authorization techniques like multiple authentication, implementation of intrusion detection and prevention, use of anti-denial tools, and use of firewalls.
Advisoryhq.com, (2015) 5 Best Small Business Accounting Software in Australia. [online] AdvisoryHQ. Available at: http://www.advisoryhq.com/articles/5-best-small-business-accounting-software-in-australia/ [Accessed 3 May 2017].
Amato, N. (2016). The hidden costs of a data breach. [online] Journal of Accountancy. Available at: http://www.journalofaccountancy.com/news/2016/jul/hidden-costs-of-data-breach-201614870.html [Accessed 3 May 2017].
Aws (2016). Overview of Security Processes. [online] Available at: https://d0.awsstatic.com/whitepapers/aws-security-whitepaper.pdf [Accessed 3 May 2017].
Bhabad, M. (2015). Internet of Things: Architecture, Security Issues and Countermeasures. [online] Available at: http://www.ijcaonline.org/research/volume125/number14/bhabad-2015-ijca-906251.pdf [Accessed 3 May 2017].
Carey, M. (2015) Cloud Accounting Overview 2015: MYOB Essentials vs Xero vs Intuit QuickBooks Online vs Reckon One – Digital First. [online] Digital First. Available at: http://www.digitalfirst.com/2015-overview-cloud-accounting-software/ [Accessed 3 May 2017].
Jing, Q. (2014). Security of the Internet of Things: perspectives and challenges. [online] Available at: http://csi.dgist.ac.kr/uploads/Seminar/1407_IoT_SSH.pdf [Accessed 3 May 2017].
Lu, C. (2014). Overview of Security and Privacy Issues in the Internet of Things. [online] Available at: http://www.cse.wustl.edu/~jain/cse574-14/ftp/security.pdf [Accessed 3 May 2017].
Mahmoud, R. (2015). Internet of things (IoT) security: Current status, challenges and prospective measures – IEEE Xplore Document. [online] Ieeexplore.ieee.org. Available at: http://ieeexplore.ieee.org/document/7412116/ [Accessed 3 May 2017].
Microsoft (2016). Core Infrastructure Optimization: IT & Security Processes – Best Practices for Business IT. [online] Available at: https://www.microsoft.com/india/infrastructure/capabilities/itprocesses.mspx [Accessed 3 May 2017].
Miller, K. (2016) Xero Review 2016 | Reviews, Ratings, Complaints, Comparisons. [online] Merchant Maverick. Available at: https://www.merchantmaverick.com/reviews/xero-review/ [Accessed 3 May 2017].
Myob, (2016) Online Accounting Software for Businesses | MYOB. [online] Myob.com. Available at: https://www.myob.com/au/accounting-software/compare [Accessed 3 May 2017].
Nichols, A. (2016). Cite a Website – Cite This For Me. [online] Sans.org. Available at: https://www.sans.org/reading-room/whitepapers/auditing/perspective-threats-risk-analysis-process-63 [Accessed 3 May 2017].
Panetta, K. (2016). Gartner’s Top 10 Security Predictions 2016 – Smarter With Gartner. [online] Smarter With Gartner. Available at: http://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/ [Accessed 3 May 2017].
Ryan, E. (2016) The Evolution of Accounting Software: Past, Present and Future|. [online] Gaaaccounting.com. Available at: http://www.gaaaccounting.com/the-evolution-of-accounting-software-past-present-and-future/ [Accessed 3 May 2017].
Seethamraju, R. (2012). Business process management: a missing link in business education. Business Process Management Journal, 18(3), pp.532-547.
Wood, P. (2016). Social hacking: The easy way to breach network security. [online] ComputerWeekly. Available at: http://www.computerweekly.com/tip/Social-hacking-The-easy-way-to-breach-network-security [Accessed 3 May 2017].