Management Information and Control System

(One Paper – Three Hours – 100 Marks)

Management Information and Control System is the fifth paper of CAP-III. It  covers 100 marks in total. It is the Group 2 paper. The syllabus you need to cover in CAP-III under “Management Information and Control System” is as follows:

Level of Knowledge : Expert

Course objectives:

— Highlight the role of a professional accountant as manager and evaluator of information system.

— Identify information requirements of an organization, distinguish among the different types of information systems to recommend specific systems for organizational requirements.

— Assist in the analysis, design and implementation of information systems.

— Learn about the management, control and evaluation of IT infrastructure as well as information systems assets.


Course contents

  1. Organizational Management and Information System

—  Revision of organization system and management level

—  Computer based management information system: definition and functional

—  model, role of information

—  Business perspective of information system

—  IT and information security

—  Knowledge of business for developing IT system

—  IT governance


  1. Types of Information System

— Types of information system according to organizational hierarchy: operational level, knowledge level, management level, and strategic level

—  Information system to support organization

— Transaction processing system: introduction, data entry and validation, storage and master file update, error prevention and detection, report generation Knowledge work and office system: functions and tools Management information system

—  Decision support system: goals and applications, components and tools Executive support system orexecutive information system: introduction, sources of ESS, roles and characteristics

—  Expert support system: artificial intelligence, neural network, fuzzy logic, genetic algorithm

— Sales and marketing information system: model, inputs and out puts Manufacturing and production information system: model, inputs and out puts Finance and accounting information system: model, inputs and out puts Human resource information system: model, inputs and out puts, challenge and benefits


  1. Information Technology Strategy and Trends

—  Enterprise strategy and vision

— Internal and external business issues- position and business focus of the entity, relationship of it strategy and business strategy

— Factors influencing it-flexibility of changes in technology and business, budget, speed to the market, legal and regulatory body, business units

Assess current and future IT environments- current status of IT: hardware, software, peoples, procedures and data

—  IT risk and opportunity: trends and issues of current environments

—        Business and IT alignment, compliance with service level agreements,  stake holders attitude

— Different type of risks and risk assessment methodologies IT strategy planning: envision of future status, aligning future IT strategy with business strategy


  1. System Development Life Cycle-Acquisition, Development, Implementation, Maintenance and support

—  Business process design and BPR

— Definition, stages of system development: requirement, feasibility study, analysis, design, testing, implementation, support, documentation

—  Hardware evaluation and selection

—  Software evaluation and acquisition, RFP, IT proposal evaluation and cost benefit analysis.

—  Underlying principles of system development

—  Computer Aided System Engineering (CASE)

—  Models of system development: water fall model, spiral model

—  System testing

—  System conversion, user manual and training

—  System implementation, post implementation review and system maintenance Project management tools – context diagram, work breakdown structure, gantt chart, PERT and CPM


  1. System Analysis and Design

— Strategies for system analysis and problem solving: modern structured analysis, information engineering, prototyping: joint application development, and rapid application development, object oriented analysis

—  Concept of data and process modeling: data flow diagram, entity relationship diagram

— Strategies for system design: modern structured design, information engineering, prototyping, object oriented design

— Input design: batch and online input methods, system user issues, graphical user interface issues for input design

—  Output design: types of output, systems user interface for output design


  1. E-Commerce and Inter organizational Systems

—  Introduction to E-commerce: scope, technology and process

—  Features of e-commerce: ubiquity, global reach

—  Universal standards, richness, interactivity, information density, personalization

—  Categories of E-commerce: B2B, B2C, C2C

—  Electronic payment process: web payment process, electronic fund transfer

—  micro payment systems, secure electronics payments


  1. E-Business Enabling Software Package

—  Enterprises Resource Planning (ERP): introduction, model, functional areas or

—  modules, implementations, benefits and challenge

—  Supply Chain Management: introduction , model, reverse logistic, supply chain

—  planning and execution system

—  Sales Force Automation: introduction and model

—  Customer relationship management (CRM): introduction to computer based

—  CRM, models, operations, challenged and benefits


Emerging technologies in IT business environment

  • Cloud computing
  • Mobile computing
  • Virtualization
  • Virtual organization
  • Software as a service
  • Data exchange


  1. Protection of Information Assets

Three primary goals of information security: confidentiality, integrity and availability

—  Information security principles: accountability, awareness, ethics, multi-disciplinary, proportionality, integration, timeliness, assessment and equity System vulnerability and abuse: why system are vulnerable, hackers and computer viruses, disaster, security and errors

— System quality problems: software and data, bugs and defects, maintenance nightmare, data quality problems

—  IT general controls, Logical access control, Network access control and Application controls

— Information security programs – people, policy and technology security policies, procedures, practices, standards and guidelines Training and education, ownership, defined relationships, cost considerations Basic job responsibilities of various IT functions – programmer, system analysts, database administrator, project manager, tester, network administrator, web content manager, webmaster, hardware technician, security specialist, Chief Information Officer, IS auditor Segregation of duties

—  Development of control structure: cost and benefits, role of auditing in control process

  1. Disaster Recovery and Business Continuity Planning

—  Assessing business continuity management

—  Disasters recovery planning

— Data backup and recovery strategies: RAID, mirroring, clustering, high availability planning of servers


—  Alternative processing facility arrangements IT outsourcing


  1. Auditing and Information System

—  Introduction to information system audit and other assurance engagements

—  Information system audit strategy

—  Phases in information system audit – audit planning(scope, objective and audit program), examining and evaluating information, audit evidence, reporting audit findings

— Review of IT general controls, access controls, network controls, application controls, input and output controls

—  Review of DRP/BCP

—  Evaluation of IS: criterion for evaluation and risk, computer assisted audit techniques (CAAT)

—  Introduction to standards for IS audit


  1. Ethics and legal Issues in Information Technology

—  Agreement for confidentiality, trade secrets, discovery, non compete

—  Patents, trademarks and copyright

—  Significance of IT law

—  Digital signatures and authentication of digitized information

—  Introduction to digital data exchange and digital reporting standard-XML and XBRL

—  Government initiative for digitized financial information filing: IRD, OCR and others

— Need for system audit as per various regulations such as NRB and IB requirement Brief introduction of COSO, COBIT, CMM, ITIL, ISO/IEC27001


  1. Electronic Transactions Act, 2063

—  Electronic record and digital signature

—  Controller and certifying authority:

—  Dispatch, receipt and acknowledgement of electronic records

—  Digital signature and certificates

—  Functions, duties and rights of subscriber

—  Electronic record and use of digital signature

—  Network service

—  Offence relating to computer

—  Information technology tribunal

—  Relevant provision of Electronic Transactions Act, 2063

No Article rating
0 Reviews
Was this article helpful? Please rate this article to give us valuable insights for our improvements.
  1. Wow!
  2. Good
  3. Perfect
  4. Not Worthy
  5. Dislike

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also
Back to top button
Close Bitnami banner