Information Systems

Facilitate access to relevant and concise information!

A System is a set of interconnected components that work together to achieve a common goal. In a computer-based system, the main components of the System are the equipment and the people interacting with it. The failure of some management systems is not due to hardware or software problems, but to people. And in this case, those responsible are not the people who interact with the system, but who implements and controls them!

Does not your system reach the goals? Is not obtaining information reliable? You may need to reformat the system! If you need advice and someone to coordinate the whole process, please contact us and explain your problem. Together, we may find a solution for:

  • Systems Auditing;
  • Systems analysis, with extensive user consultation;
  • Analysis of procedures and documentary circuits;
  • Emphasis is placed on the analysis of accounting (general, analytical and budgetary) parameterisation, since it is the origin of much of the operational information;
  • Reorganization of systems.

A little story

As already mentioned, the failure of some management systems is not due to hardware or software problems, but to people due to lack of standards or policies. Allow us to present a real case of an SME with 8 employees, 200 clients and an annual turnover of a few million euros:

  1. Note: the dates presented are fictitious as well as some elements, for the sake of professional secrecy.
  2. The Company decided that it needed a certain management system. Accounting and tax treatment were carried out on an outsoring basis by an outside company. The company needed to have controls of: stocks, sales, invoicing, Suppliers and Customers, since these were carried out in a rudimentary way and the Company's growth did not allow it;
  3. The Company did research to the market and contracted the services of a Company that had a system based on unix, with the necessary modules;
  4. The system was installed, some training was given to the users, everything that existed on paper was introduced into the system and apparently everything started to work very differently;
  5. In the middle of 2000, we were hired to audit the "system". The justification was that, apparently, there was a total lack of control, since the information provided was deconsolidated. In the perspective of Management the responsible was the "system" (the machine, the software) from whose acquisition it was "regretful;
  6. We started the job, asking for customer control listings. The system provided three types of listings: a traditional checking account, a breakdown with non-aggregated documents (invoices and credit notes that were not aggregated into a receipt, ie "into" debt ") and a listing with totals and time in In this respect, the system was spectacular, since in addition to generating such listings, it generated individual debt warning "letters" for each client. First Conclusion: In terms of structure, the customer control application was OK!
  7. We compared the previous listings. If the system was properly functional, the totals had to be the same. That is, for a given customer, the total debit (or credit) of the traditional checking account had to be the same as in the other listings. In some customers it was, but there were quite a few where the listings showed different amounts of debt. Second Conclusion - Apparently, either there was a problem in the application or probably in one "component" of the system (work rules ...);
  8. We tested the application by isolating a module for testing. We issued invoices and credit notes, and simulated payments (issuance of receipts). We printed their listings and everything was in order. Third Conclusion - The application was functional! Almost certainly the problem was in the other component of the system, that is, in people;
  9. We assisted customers, especially when making payments. Most customers were retailers, "simple" people who had small businesses with no accounting culture. Also the employees were people with low school qualifications, and weak accounting culture.
  10. The process was so absurd that it sounds like an anecdote. Let's explain the procedure for issuing a payment discharge receipt:
  11. Imaginemos que o cliente tinha três faturas em aberto no sistema (ou seja em débito): a 1, a 2 e a 3.
  12. Customer - I want to pay a part of the invoice 1, the entire invoice 2 and a part 3. But according to my accounts, I owe 10 of the invoice 2.
  13. The Employee - you must 15 of invoice 2 - the customer shows the previous receipt that "demonstrates" otherwise. The employee will refer to the invoice on his paper The Employeeporte in which he wrote down the payments made (with an application in front of him) and ... gives the customer reason.
  14. The Employee issues a credit note to "settle the accounts" and issues a receipt to pay the share of the ... etc. etc. etc.
  15. Sorry for the irony - this happened in the 21st century ...!
  16. Returning to the heart of the matter, we conducted an audit report in which we demonstrated to the client "scientifically" that the failure of the system was not due to the application but to the work done by those who completely subverted the "philosophy" of the application. This gave rise to a situation in which the Company was not aware "who owed whom". This is a wholesale company, with small margins that have to be compensated for by high sales, but unbalanced by the total disruption of credit sales!
  17. The Client paid our fees and after a few days he asked us for a solution. In this case, and in our perspective, the solution was to redo the entire credit system from the existing documentary sources.
  18. The Customer has renewed and contracted our services. Replacing this system took 4 months of hard work and was successful!
  • Conclusion - the "saving" of low wages with the admission of low skilled human resources, the absence of labor standards and their control, led to a total subversion of the System. This caused almost unquantifiable impairment, but the Company "felt" the need to use bank credit.

Information systems

System Deployment

The implementation of a new system alters the functioning of the Company and the responsibilities of all. The system must adapt to people and vice versa.

  • Project Management - Conversions to new systems often get out of control because companies do not realistically plan the project or do not execute the project according to the established plan;
  • System Parameters Settings vs. modifications - One of the most common mistakes companies make when implementing systems is to try to replicate existing systems. Modifications increase cost, increase implementation time and increase risk;
  • Training and standards - Probably the least planned area is in training and procedures and usage regulations;
  • Full Test - Everything must be thoroughly tested. System Parameters, Modifications, etc. Testing means engaging users and comparing test results to expected results.

Information security

Information security is based on three basic principles:

  • Confidentiality - AConfidentiality is the guarantee that information is accessible only by authorized persons;
  • Integrity - Integrity is guaranteed when you keep the information in its original format. Ensuring integrity is preventing the information from being modified, altered or destroyed without authorization;
  • Availability - Availability is the guarantee that authorized users gain access to the corresponding information and assets whenever necessary.

Threats to Systems

The information system is responsible for maintaining the operations of the companies. It is influenced by human, technological and physical factors, so it is vulnerable and needs to be protected, namely against:

  • Hardware Faults;
  • Software Faults;
  • Network Faults
  • Users Errors