CA Intermediate (Enterprise Information System (EIS) ) : Summary Notes - Fast Track


CA Intermediate [Enterprise Information System (EIS)]

Chapter 4

E-Commerce, M-Commerce and Emerging Technologies

Summary Notes – Fast Track

E-Commerce

CA Pradip K Agrawal

Pradip K Agrawal is a commerce graduate. He is a qualified Chartered Accountant and Company Secretary. He has also completed Quality Management System (QMS) and ISO-9001 Internal Auditor.
He has extensive experience in Information Technology (IT): around 13+ years in the IT industry out of 19+ years overall in the corporate world. He has worked for Fortune 500 companies on IT implementation, support, AMC, business process automation and process re-engineering.
E-Commerce, M-Commerce and Emerging Technologies CA Pradip K Agrawal Chapter 4 Page 1

Traditional Commerce

Definition
Traditional Commerce is the exchange of goods or services in person or face to face. The customer has to interact with the business owner or a representative of the business one to one.

Traditional Commerce Delivery Model: Multi-Layer
1. Manufacturer
2. Wholesaler
3. Retailer
4. Consumer

Traditional Commerce Delivery Model: Transaction Approach
1. Enter into the Shop
2. Pick the Shopping Cart
3. Select and Pick the Products
4. Go to the Billing Counter
5. Billing is Prepared
6. Make the Payment
7. Pick the Products
8. Leave the Shop

E-Commerce

Definition
E-Commerce is the process of doing business electronically. It uses the technology to process the transactions between a company, its customers and business partners. It involves the use of automation for a variety of Business to Business (B2B), Business to Consumer (B2C) etc. transaction through reliable and secure connection.

E-Commerce Delivery Model: Transaction Approach
1. Order Placed by Customer
2. Shopping Cart
3. Payment
4. Order Completed
5. E-Mail sent to Merchant and Customer
6. Sent to Warehouse for Fulfillment
7. Shipping Carrier Picks-up Shipment

E-Commerce Delivery Model: Transaction Illustration
Step 1: Go to Website and Register or Download the App
Step 2: Select the Type of Product
Step 3: Select the Product
Step 4: Go for Payment
Step 5: Verify the Purchase
Step 6: Select the Payment Options
Step 7: Make the Payment
Step 8: Product is delivered

E-Commerce: Workflow Model
1. Customer Log-in – Website or Mobile
2. Product/Service Selection
3. Customer Places Order
4. Payment Gateway
5. Dispatch and Shipping Process
6. Delivery Tracking
7. COD Tracking

Traditional Commerce Vs. E-Commerce

Basis of Comparison | Traditional Commerce | E-Commerce
Definition | Manual or Face to Face | Electronic
Scope of Business | Limited to Particular Area | Worldwide Reach
Accessibility | Limited Time | 24 x 7 x 365
Customer Interaction | Face to Face | Screen to Face
Physical Inspection | Physically Inspected | No Physical Inspection
Resource Focus | Supply Side | Demand Side
Transaction Processing | Manual | Electronic
Payment | Cash, Cheque, Credit Card Etc. | Cash, Cheque, Credit Card, CoD Etc.
Delivery of Goods | Instantly | Takes Time
Marketing | One Way Marketing | One to One Marketing
Information Exchange | No Uniform Platform | Provides Uniform Platform

Layers of Delivery (Profit Impact): Reduced Layer of Delivery; Profit (+), Discounts, Better Price
Layers of Delivery (Time Impact): Reduced Layer of Delivery; Faster Delivery, JIT Inventory

E-Commerce

Laws Governing E-Commerce

A. Commercial Law

Formation of Legal Entity
1. Companies Act, 2013
⬛ E-Commerce-Private or Public Limited Co.
⬛ Regulates corporate sector
⬛ Governs regulatory aspects of companies in India
2. Income Tax Act, 1961
⬛ Regulates taxation of income in India
⬛ Origin of transaction critical for taxation
3. Goods and Service Tax Act, 2017
⬛ Upload sales and purchases invoice on central IT infrastructure
⬛ Reconciling the business transactions, GST tax payment, Tax Credits, and Filing of e-Return.

Foreign Trade
1. The Customs Act, 1962
⬛ Import and export of goods
⬛ Levy of customs duty
⬛ India signatory to GATT
⬛ Software downloads, debate of tariff
2. Foreign Trade Development and Regulation Act, 1992
⬛ Regulates foreign trade – import into and export from India
⬛ Incidental matters
⬛ Amazon allowed purchase from global store
3. Foreign Exchange Management (FEMA) Act, 1999
⬛ FDI and flow of foreign exchange in India
⬛ FDI – 100% automatic route B2B
⬛ FDI – B2C calibrated manner

Consumers
1. Indian Contract Act, 1872
⬛ Defines constituents of a valid contract
⬛ E-Commerce and E-Commerce transaction key to define constituents
2. Consumer Protection Act, 1986
⬛ Protects consumer rights
⬛ Transactions source of most of the litigations
3. The Competition Act, 2002
⬛ Regulates adverse effects on competition in India
⬛ Competition commission’s vigilance

Employees
1. The Factories Act, 1948
⬛ Regulate working conditions of workers
⬛ Extends to place of storage and transportation

B. Special Law

1. Information Technology Act, 2000
⬛ Regulates online transactions, penalties, prosecution for non-compliance
⬛ Important aspects:
► Legality of products;
► Data protection;
► Privacy;
► Online advertising;
► Other provisions
2. Reserve Bank of India Act, 1932
⬛ Credit/Debit card to be chip based
⬛ OTP or PIN for all transactions
⬛ Capital Adequacy norms for payment wallets like SBI buddy, PAYTM etc.

E-Commerce

Guidelines for E-Commerce

1. Product Warranty or Guarantee
► Proper Display
► Documents along-with the Product
2. Billing
► Format of Billing
► Details on Billing
► Applicable GST
3. Shipping
► Shipping Time
► Frequency of Shipping
► Packing
4. Delivery
► Mode of Delivery
► Time of Delivery
► Location or Place of Delivery
5. Return
► Type of Goods
► Time Period
► Verification of Authenticity
► Time of Refund
6. Payment
► Mode of Payment
► Restrictions

Benefits

1. Customers/Individuals/Users
► Anytime, Anywhere, 24x7 Access
► Various Options
► Easy to find Reviews
► Coupons and Deals
► Convenience
► Time Savings
► Competitive Benefits
2. Business/Sellers
► Creation of New Markets
► Easier Entry into New Markets
► Increasing Customer Base
► Instant Transactions
► Provide a Dynamic Market
► Elimination of Time Delays
► Reduction in Costs
⬛ Overhead Costs
⬛ Advertising Costs
⬛ Competitive Environment
► Improvement in Efficiency Due to:
⬛ Reduction in Processing Cycle
⬛ Reduction in Errors in Processing
⬛ Reduction in Inventory
3. Government
► Instrument to Fight Corruption
► Ecological Impacts

E-Commerce

Components

A. Users

B. E-Commerce Vendors

1. Suppliers and Supply Chain Management
o Availability of enough and right goods suppliers
o Operationally and financially safe
o Real time stock inventory
o Orders dispatched and delivered quickly
2. Warehouse Operations
o Products are stored
o Picked and packed as per specifications
o Dispatched for delivery
3. Shipping and Return
o Fast Return - USP
o Effective & Efficient
4. E-Commerce Catalogue and Product Display
o Proper display of all products
o Customers gauge the products
o Good catalogue – customer experience
5. Guarantees
o Money back guarantees
o Customer satisfaction and safety
6. Marketing and Loyalty Programs
o Long term relationship with customers
o Airline Industry
7. Different Ordering Methods
o Debit Cards and Credit Cards
o Cash on Delivery (CoD)
8. Showroom and Offline Purchase
o Feel, touch or see the products
o Customers gauge the products
o Good catalogue – customer experience
9. Privacy Policy
o Policy vis-a-vis customer data and information
o Disclosure to use the information of customers
10. Security
o State security policy
o Online data to transact is safe
o SSL
o Fall into the hands of malicious hackers

C. Technology Infrastructure

1. Computers, Servers & Database
o Backbone for success
o Stores program and data
o Shared infrastructure
4. Web Portal
o Front-end interface
o Simplicity and clarity
o Accessed through devices
3. Digital Libraries
o Collection of digital objects
o Organizing, storing and retrieving files

E-Commerce

Components

C. Technology Infrastructure

4. Digital Libraries
o Collection of payment
o Credit Card, Debit Card, Online Payment, UPIS
5. Data Interchange
o Electronic communication of data
o Specific Protocols and Standards for communication between players
6. Internet / Network
o Key for E-Commerce
o Traditional and New Technology
o 4G Services
7. Mobile Apps
► Software Application Program
► Android, iOS, Blackberry, Windows Mobile, Tizen, Firefox OS
► Mobile Device Specific
► Key Components:
⬛ Mobile Storefront
⬛ Mobile Ticketing
⬛ Mobile Marketing & Advertising
⬛ Mobile Customer Support & Information
⬛ Mobile Banking

Architecture of Network System

► Architecture denotes the way network architecture is built and e-Commerce runs through network connected system

1. Two-Tier Architect

A. Client Application
► Client Application handles both presentation and application layers.
► Acts as an interface between user and e-Commerce and m-Commerce vendor.
► User logs-in
► Connects to database application
► Displays products and price

B. Database Application
► Server system handles database layer.
► Stores data of products, prices, customers, and other related data.
► User cannot access data directly.
► Data displayed through application tier.

► Additional Note:
► Communication takes place between client and server.
► Client sends request to server system.
► Server processes request & sends back data.

Advantages
► Higher Performance
► Simplicity
► Multiple Users

Disadvantages
► Scalability
► Flexibility

2. Three-Tier Architect

A. Presentation Layer
► Client and Top Layer.
► User interacts at the time of using software.
► Communicates with application layer.
► User information passed to application layer.
► Example – G-Mail logs-in

B. Application Layer
► Business Logic Layer or Logical Layer.
► Mediator between Presentation Layer and Database Layer.
► Controls business logic and application’s functionality.
► Interacts with Database Layer.
► Sends information to Presentation Layer.
► Performs operations on applications.
► Example, G-Mail validates credentials and interacts with database layer

C. Database Layer
► Stores data.
► Application Layer communicates with Database Layer and retrieves data.
► Contains methods to connect to Database Layer.
► Performs required action e.g. insert, update, delete etc.
► Example, User gets the mails on inbox retrieving information from database layer

3. Three-Tier Architect

Advantages
► Clear separation of user-interface control & data presentation from application layer
► Dynamic Load Balancing
► Change Management

Disadvantages
► Increased need for network traffic management, server load balancing and fault tolerance
► Immature and Complex
► Inadequate Maintenance Tools

E-Commerce

E-Commerce Architecture Vide Internet

Presentation Layer
Approach: User, Internet, Web Browser (Internet Explorer/Chrome/Firefox), and Web Server.
Example: User buys a product from e-Commerce.
Purpose: e-Commerce customer connects to e-Commerce merchant.

Application Layer
Approach: Application Server and Back End Server
Example: E-Merchants, Reseller and Logistics Partner
Purpose: Customer logs into merchant systems. Allows customer to check the products available on merchant’s website.

Database Layer
Approach: Stores data relating to products, price etc.
Purpose: Accessible to user through application layer.

E-Commerce Architecture Vide Mobile Apps

Presentation Layer
Approach: Mobile Web Browser and Internet
Example: Mobile App, User
Purpose: e-Commerce customer connects to e-Commerce merchant

Application Layer
Approach: Application Server and Back End Server
Example: E-Merchants, Reseller, Logistics Partner, and Payment Gateway
Purpose: Customer logs into merchant systems. Allows customer to check the products available on merchant’s website.

Database Layer
Approach: Stores data relating to products, price etc.
Purpose: Accessible to user through application layer.

E-Commerce

Risks

1. Infrastructure

A. Infrastructure
• Need digital infrastructure
• Roads and Railways

2. Technology

A. Need Access to Internet & Lack of Personal Touch
• Additional cost
• Lacks personal touch

B. Privacy and Security
• Personalized info. vulnerable to misuse
• Poses a higher degree of threats by hackers

C. Attack from hackers
• Vulnerable to hackers

D. Security and Credit Card Issue
• Cloning debit cards and credit cards
• Poses security threats and financial loss

E. Data Loss or Theft or Duplication
• Data transmitted over internet
• Lost, duplicated, tampered with or relayed

F. Problem of Piracy
• Intellectual Property not protected
• Transaction through e-Commerce

3. Product

A. Quality Issues
• Original product differ from ordered

B. Delay in delivery of goods & hidden cost
• Delay in delivery of goods
• Hidden costs for cross-border transaction

4. Transaction

A. Problem of anonymity
• Identify & authenticate users
• Anyone from anywhere buy & sell

B. Repudiation of contract
• Electronic transaction for purchase & sale denied

C. Lack of authenticity of transactions
• Electronic transactions
• Not reliable & authentic

D. Denial of service
• Non-availability of system
• Viruses, e-Mail Bombs & Floods

E. Lack of audit trails
• Incomplete logs
• Too voluminous & Easily tampered

Controls

Internal Control, as defined in accounting and auditing, is a process for assuring achievement of an organization’s objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies.

Objectives
• System effectiveness objectives
• System efficiency objectives
• Safeguard assets from un-authorized access
• Ensure data integrity
• Prevent loss of computer hardware, software and personnel
• Prevent organizational costs of data Loss
• Prevent loss from incorrect decision-making
• Prevent from high costs of computer Error

E-Commerce

Controls

Persons in Value Chain

1. Users
• Genuine users
• Accounts hacked
• Buy products and services
2. Sellers/Buyers/Merchants
• Product catalogues
• Price catalogues
• Discounts & promotional schemes
• Product returns
• Accounting for cash received through cash on delivery mode of sales
3. Network Service Providers
• Availability & security of network
• Downtime of network
4. Technology Service Providers
• Cloud computing back ends
• Application back ends
• Risk of availability & Security
5. Logistic Service Providers
• Timely product deliveries
6. Payment Gateways
• Efficient, effective & foolproof
7. Government
• Tax accounting
• Legality of products

E-Commerce

Communication

⬛ Educating the participants about the nature of risks
► Infrastructure policies and guidelines:
► Frequency & nature of education programs
► Participants

⬛ Communication of organizational policies to its customers
► Privacy policies
► Information security
► Shipping & billing policies
► Refund policies

⬛ Ensure compliance with industry body standards
► Compliances and adherence to law of land

⬛ Protect e-Commerce business from intrusion
► Viruses
► Hackers
► Passwords
► Regular software updates
► Sensitive data

E-Commerce

Cyber Security Risk Consideration

► E-Commerce platform operates on an ever-changing and evolving technology environment.
► It is imperative to consider cyber security risks in the audit procedures.
► Risk Assessment is always a very important part of the audit procedures.
► It must give due consideration to the changing risks in the entity and its environment due to the ever-evolving technology landscape.
► It can have a potential impact on the financial statements.

Impact

Direct Financial Impact
▪ Weak Password at OSI layers
▪ Issue of integrity of data

Indirect Operational Impact
▪ Leakage of sensitive customer information
▪ Legal & regulatory actions

Standard on Auditing (SA-31)
► Programs processing data inaccurately, inaccurate data or both.
► Risk of unauthorized access of data
► IT access privileges and breaking SoDs
► Inappropriate manual intervention.
► Potential loss of data or inability to access data as required
► Unauthorized changes to data in master files.
► Unauthorized changes to systems or programs.
► Failure to make necessary changes to systems or programs.

Control

1. IT Infrastructure Landscape
• Diagram-Servers, Databases, Hubs, Routers, Internal & External networks
2. IT Infrastructure Assets
• List of digital assets
• Physical location of assets
• IT managers responsible for protection
3. Policy and procedure document of IT infrastructure Assets
• Criticality of digital assets
• Use
• Direct impact on the financial statements
• Access restrictions
4. IT Security Policy
• Circulated to all employees
• Adherences to procedures accessing IT system or resources
• Password security, restricted use of internet etc.
5. Firewalls
• Internet activity in accordance with rules defined.
• Stopped based on individual actions
6. Access Approval Process
• Approval process exists before access granted
7. Authentication
• Two factor authentication for remote access
• Username, password, pin, token etc.
8. Issue resolution process for cyber security breach
• Actions for breach
• Controls from occurring
9. Back-up plan
• Back-up schedules timely & properly
• Applicable for outsourced assets:
• Server maintenance
• Security
10. Baseline configuration review
• Established under security standards
• Periodically reviewed
11. Vulnerability scan or penetration testing
• Scan or testing performed
• Findings noted
12. Annual Review
• CIO review digital assets and IT infrastructure
• Critical cyber security risks
• Design control to address
13. Skill set & training of IT managers
• Skilled & trained to perform the functions
14. Awareness campaigns
• Employee awareness
• Focusing on methods of intrusion
