BUSINESS PROCESS
BUSINESS PROCESS
Business processes are structured activities or tasks performed by people or systems within an
organization to produce a specific service or product for customers. These processes are
essential for the day-to-day operations of a business and are usually categorized into three
types: operational (core) processes, supporting processes, and management processes.
Examples include sales order processing, inventory management, and payroll processing.
● Revenue Cycle:
Example: A customer buys a smartphone from an online store. The store processes the
order, ships the product, sends an invoice, and receives payment.
Explanation: The revenue cycle refers to all activities related to selling goods or services
and collecting payment. It includes order entry, shipping, billing, and cash collection.
● Expenditure Cycle:
Example: A company purchases raw materials for manufacturing. They place a
purchase order, receive the goods, and then pay the supplier.
Explanation: The expenditure cycle involves acquiring goods or services and making
payments. It includes ordering, receiving, and settling the invoice.
These are the key documents that initiate and support transactions in the revenue cycle:
Customer Order or Sales Order Form: Records what the customer wants to buy.
Shipping Document (Bill of Lading): Confirms that goods have been shipped.
Sales Invoice: Requests payment from the customer.
Remittance Advice: Sent by the customer with the payment, indicating what the payment
covers.
Inputs:
Customer purchase orders
Shipping notices
Invoices
Payments and remittance advice
Sales data
Outputs:
Customer invoices
Sales reports
Accounts receivable updates
Payment confirmations
Revenue summaries
Inputs:
Purchase requisitions
Purchase orders
Supplier invoices
Receiving reports
Outputs:
Payment to suppliers
Updated accounts payable records
Inventory records
Purchase summaries
Management Reports
1. Define Internal Controls
Internal controls are accounting and auditing processes used in a company's finance
department that ensure the integrity of financial reporting and regulatory compliance.
Internal controls help companies to comply with laws and regulations and prevent fraud. They
can also help improve operational efficiency by ensuring that budgets are adhered to, policies
are followed, capital shortages are identified, and accurate reports are generated for leadership.
2. What is a COBIT framework?
COBIT, or Control Objectives For IT, is an ISACA-designed and globally accepted framework
helping IT managers/professionals to easily figure out the hidden and surfaced technical issues,
governance risks, and areas where control is lacking.
The framework is extensive and explains everything about how a business can have a better
hold over IT systems and ensure their quality controls. It’s so flexible and expandable that
business ventures from any background and domain can adopt it effectively. Seeing the
authenticity and viability of this framework, the US has adopted this framework as the
foundation to achieve SOX compliance.
Not only this, COBIT has become so famous that globally recognized standards such as ISO
27000, ITIL, COSO, PMBOK, and many more have given their acceptance to it. It mainly works
like a guideline integrator to de-clutter this space and bring all-possible key solutions under one
roof.
2. Covering the Enterprise End-to-End – Integrates IT governance into overall enterprise
governance.
3. Applying a Single Integrated Framework – Aligns with other standards and
frameworks (like ITIL, ISO).
4. Enabling a Holistic Approach – Considers processes, people, culture, and technology
together.
Every time information is transmitted from one user or application to another, the organization
could be compromising its data. IT application controls help mitigate the risks of using these
tools by putting various checks in place. These checks authenticate applications and data
before it’s allowed into or out of the company’s internal IT environment, ensuring that only
authorized users can take action with the company’s digital assets.
Examples:
1. Field validation checks – e.g., date field only accepts date format
4. Required fields – user cannot proceed unless the field is filled
Examples:
3. Data matching – e.g., matching invoice number with purchase order
Examples: