9: Information Strategy Flashcards
When developing an information strategy, a business must consider:
In which areas of the business could IT be used effectively
Cost of implementing IT system (development or purchase, documentation, maintenance, etc.)
Implications for the existing workforce (e.g. training, redundancies)
Benefits of cloud computing
Lower costs – businesses no longer have to meet the expense of purchasing and maintaining
servers locally
Flexibility to scale up capacity if data requirements change
Access to data from anywhere in the world with an internet connection
Easier collaboration through central availability of data, especially for businesses with multiple
operations
Automatic software updates
Risks of cloud computing
Data held by service provider may be stolen, lost or corrupted
Outages and connectivity issues limiting accessibility
Potential for service providers to increase costs
Assurance over cloud computing - ISAE 3402 Assurance Reports on a Service Provider requires reporting accountants to focus on whether the system is as described and the controls have been designed appropriately and operating effectively.
The accountant should consider the following issues in relation to security:
Regularity and adequacy of tests of system for possibility of unauthorised access
Processes if a security breach is discovered
Encryption of data
Payment data being held in accordance with the payment card industry’s data security standard
Whether process and procedures accord with industry standards such as ISO accreditation
Blockchain
Blockchain is a type of distributed ledger, which addresses some fundamental cyber-security risks.
It is an accounting technology concerned with the transfer of ownership of assets, and maintaining a ledger of accurate financial information.
Unlike traditional bookkeeping records held by a business (which are closed to outsiders and are solely controlled by the organisation) all records in the blockchain are publicly available and are distributed across everyone connected to the network.
When a transaction between participants occurs, the details of the transaction are logged in all of the blockchain ledgers simultaneously – recording the time, date, value of the deal, and the details of the participants.
Any attempt by a participant to interfere with a transaction, for example by attempting to post incorrect details to the ledger, will be rejected by the network parties assigned to verify the transaction. Failure to achieve consensus will lead to the transaction not being recorded in the ledger in the blockchain.
Benefits of cryptocurrencies
Speed of transactions – international transactions can be conducted in almost real time
Removal of intermediaries – the lack of involvement by a central bank takes away the need to pay transaction fees
Removal of credit risk – funds must be present in a customer’s virtual wallet in order for a transaction to be processed
Removal of exchange rate risk – businesses can trade internationally using cryptocurrencies without the need to exchange funds between traditional currencies
Risks of cryptocurrencies
Use of different currencies – if suppliers and customers trade in different cryptocurrencies, or if funds have to be converted into traditional currencies, then exchange rate risk reappears
Customers and suppliers may be unwilling to trade in cryptocurrencies
Inability to borrow cryptocurrencies from central banks
Automation involves machines taking over work traditionally carried out by human beings, for
example:
Manufacturing
Bank reconciliations
Hiring staff (screening CVs for key words)
Customer support
Self-service check-outs
Benefits of automation
Faster processing of transactions
Improved productivity
Reduced errors
Reduced costs
Machine learning decisions are based on two important aspects of analytics:
Prediction: anticipating what will happen, based on the data and patterns in the data.
Prescription: providing recommendations for what to do in order to achieve goals or objectives
Potential applications of artificial intelligence and machine learning
Websites making recommendations to customers based on purchasing histories
Recognising unusual spending patterns to identify potential fraud
Chatbots aiding with customer service
Optimising routes to minimise transport costs
Monitoring of competitors’ prices and devices being used by customers to implement dynamic pricing strategies
Potential applications of the internet of things
Sensors on products (or components) transmit data about how that product or component is performing. This can help a company identify if a component is likely to fail, so that it can be replaced before it causes any damage.
Real-time data generated by sensors on products, components or assets can be used to make systems and supply chains more efficient; for example, by being able to track the real time location of freight which is being delivered.
Sensors monitoring traffic flows can provide information about the best routes for delivery drivers to take.
Sensors in smart buildings can adjust temperature automatically – for example, turning air conditioning on if sensors detect a conference room is full, or turning the heating in a building down if everyone has gone home.
Inventory levels can be monitored so that orders can be placed when a specified re-order level is reached
Management requires information for three purposes:
Making effective decisions – information is required from inside and outside the organisation
Control activities – detailed information is required about actual performance so that it can be compared against goals/budgets and corrective action taken
Coordination – coordinating the activities of individuals, departments or divisions in order to achieve organisational goals
Managers need information at the strategic, tactical and operational levels.
Strategic level
Managers require information about strategic issues and long-term trends, within an organisation and in its external environment, assessing where the business fits into the industry and how it can develop new products and markets.
Strategic information will address issues such as the following:
Competitors’ prices
Product/Customer profitability
Market share
Brand image
Cash flow
Tactical level
Managers look at issues that apply over a particular timeframe, for example production planning for the next quarter or performance for the year to date.
Operational level
Managers need specific information about day-to-day activities and transactions, for example staff
rotas and recording inventory movements.
Qualities of good information
In order to be useful, information must comply with the ACCURATE mnemonic:
Accurate
Complete
Cost-beneficial
User-targeted
Relevant
Authoritative (reliable)
Timely
Easy to use
Limitations of management reports
Lack of graphics
Lack of references to more detailed reports
Not directed at the appropriate people
Lack of non-financial information
Short-termism
Information overload
Not linked to strategy and objectives
Lack of comparatives and external benchmarks
Cyber security controls
Intelligence and monitoring of potential cyber threats, e.g. via monitoring of social media
Detecting breaches before a significant amount of data is stolen e.g. by analysing patterns in data downloading
Communicating with stakeholders who may have been affected by breaches to minimise reputational damage
Staff training to minimise human error
Compliance with ISO 27001 (International Organisation for Standardisation’s code of best
practice for information security management)
Scan all removable media before allowing access to the corporate system
Management of users’ privileges, e.g. allowed websites
Use of anti-malware software
Apply software updates which may improve system security
Contingency planning in case of cyber attack
Ensure third party systems are secure before sharing data
Companies may seek assurance over the robustness of their internal controls, particularly in relation to cyber security
Costs may be classified in a number of ways:
Classification by element
Materials
Labour
Expenses
Classification by function
Production
Selling & distribution
Admin
Finance
Classification by nature
Direct (prime)
Indirect (overhead)
Classification by behaviour
Fixed
Variable
Semi-variable
Stepped
Breakeven analysis studies the relationships between costs, volume and profit. The most important
information is contribution – if the product is making a contribution, production should continue.
The breakeven point, at which a business will make no profit and no loss, is calculated as:
total fixed costs / contribution per unit
The margin of safety, i.e. the percentage change in forecast sales volume before the BEP is reached, is calculated as
budgeted sales volume - break even point
_____________________
budgeted sales volume
The sales price variance determines whether the actual sales price per unit was greater (favourable variance) or less (adverse variance) than the budgeted sales price. It is calculated as follows:
Actual quantity of units × actual sales price per unit
Actual quantity of units × standard sales price per unit
Difference = sales price variance
The sales volume variance determines whether the actual volume of units sold is greater (favourable
variance) or less (adverse variance) than the budgeted number of units. It is calculated as follows:
Actual quantity of units × standard contribution per unit X
Standard quantity of units × standard contribution per unit X
Difference = sales volume variance
Limiting factors
Businesses require information about resource constraints to make the best use of resources available
in the short-term. Limiting factor analysis works by choosing the product(s) with the highest
contribution per unit of scarce resource in order to maximise profit.
