Question: Even though I bought highly-recommended accounting software about a year ago, I find that there is a great deal of error in what takes place around the office. Why is this?
Answer: Your problem reflects a common exaggeration about the power and inherent intelligence of computers and software in 1997. For some reason, the confusion and hype associated with new technology leads to a misunderstanding of the limitations of that technology.
How does this manifest itself for the average person? Two examples highlight the extent of this misconception.
First, recently Business Week magazine reported survey results stating that 36 percent of Americans believe that 100 PCs could run the country better than 100 politicians. While that is a powerful criticism of politics in 1997, it reflects a fundamental lack of understanding of technology by more than one-third of those surveyed.
Second, the world was aghast and amazed when Gary Kasparov lost the first game of chess in his tournament with IBM’s Deep Blue. This is despite the fact that Deep Blue was specially designed and “coached” by a staff of chess experts as well as computer hardware and software experts. Interestingly, after that first game, the game outcomes changed as Mr. Kasparov came to better understand the “thinking” processes of Deep Blue.
Computers are still the very best at repetitive, computational, and detail-oriented processes. Software is programmed by people and relies on outside processes for contact with users.
Programmers and software designers intend for software to be used in a particular fashion and sometimes extend the envelope of expectation with user testing (referred to as beta testing). Still, even in the well-designed and well-tested software, bugs appear when the software is used in ways for which the publisher did not plan.
Therefore, as a business owner or manager you must address several user and process issues in order to effectively use automation and avoid over-reliance on the cleverness of computers.
– Accountability: Every person in an organization has responsibilities. The computer system should not be designed to or allowed to mask individual accountability to perform responsibilities. Otherwise, the computer system becomes a way for the incompetent or lazy employee to hide behind the claim, “It wasn’t me who did that.”
To accomplish this goal, users must have well-defined responsibilities involving the system. They must also be made to understand that usually they make the mistakes, not the computer, and that pretending a gremlin is playing on the system distorting their work is not a likely or acceptable scenario.
– Procedures: In today’s automation systems, there are frequently many ways to perform tasks involving the computer. While sometimes they involve using shortcuts, other times those ways short-circuit the system’s intent or results. Developing and enforcing the use of a common set of procedures for your employees and management is critical for a uniform use of the system.
– EDP controls: Just because software is supposed to work in a particular way doesn’t mean that it does. The purpose of electronic data processing controls is to define benchmarks of definitive expected results and to make sure software is really working in the fashion desired.
Even with ideal, well-tested, relatively bug-free, off-the-shelf software, operation and results may not be as you would expect. Therefore, you must establish some controls to ensure that everything is working as expected.
– Internal controls: For the sake of discussion, let’s define internal controls as “processes to provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use, or disposition of assets.” Your assets include cash, inventory, fixed assets, and proprietary lists or information.
A computer system does not inherently remove the risks of all threats to your business assets. Sometimes it introduces new risks. Therefore, the computer system usage must be combined with prudent age-old wisdom of segregation of duties, a review process, and the other issues we have so far discussed: accountability, procedures, and EDP controls.
Clearly, raw data and business information residing in computer systems are only as good as the sources of entry. “Garbage in, garbage out” is the old computer adage that stresses the value of developing good systems to keep the user environment sterile from data contaminants. Focusing on the factors that we have discussed will help you accomplish that.
Chaim Yudkowsky, CPA, is director of management consulting services at Grabush, Newman & Co., P.A., a Baltimore public accounting and management consulting firm. He may be contacted at (410) 296-6300, or e-mail him at CYudkowsky@byteofadvice.com.