Accounting Information Systems

Fourteenth Edition

Chapter 5
Computer Fraud

ALW AYS LEARNING Copyright ©

Copyright © 2017,
2017, 2016,
2016, 2015
2015 Pearson
Pearson Education,
Education, Inc.
Inc. All
All Rights
Rights Reserved
Reserved
 Learning Objectives
• Explain the threats faced by modern information systems.
• Define fraud and describe both the different types of fraud
and the auditor’s responsibility to detect fraud.
• Discuss who perpetrates fraud and why it occurs, including
the pressures, opportunities, and rationalizations that are
present in most frauds.
• Define computer fraud and discuss the different computer
fraud classifications.
• Explain how to prevent and detect computer fraud and
abuse.

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Threats to AIS
• Natural and Political disasters
• Software errors and equipment malfunctions
• Unintentional acts
• Intentional acts

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Fraud
• Any means a person uses to gain an unfair advantage
over another person; includes:
– A false statement, representation, or disclosure
– A material fact, which induces a victim to act
– An intent to deceive
– Victim relied on the misrepresentation
– Injury or loss was suffered by the victim

Fraud is white-collar crime

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Two Categories of Fraud
• Misappropriation of assets
– Theft of company assets which can include physical assets (e.g.,
cash, inventory) and digital assets (e.g., intellectual property such
as protected trade secrets, customer data)
• Fraudulent financial reporting
– “cooking the books” (e.g., booking fictitious revenue, overstating
assets, etc.)

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Auditor’s Responsibility
SAS No. 99 (AU-C Section 240) requires auditor’s to:
• Understand fraud
• Discuss the risks of material fraudulent misstatements
• Obtain information
• Identify, assess, and respond to risks
• Evaluate the results of their audit tests
• Document and Communicate findings
• Incorporate a technology focus

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Conditions for Fraud
These three conditions must be
present for fraud to occur:
• Pressure • Opportunity to:
– Employee – Commit
 Financial – Conceal
 Lifestyle – Convert to personal gain
 Emotional
• Rationalize
– Financial Statement
– Justify behavior
 Financial
 Management – Attitude that rules don’t
 Industry conditions apply
– Lack personal integrity

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Fraud Triangle

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Computer Fraud
• If a computer is used to commit fraud it is called computer
fraud.
• Computer fraud is classified as:
– Input
– Processor
– Computer instruction
– Data
– Output

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Preventing and Detecting Fraud
1. Make Fraud Less Likely to Occur
Organizational Systems
• Create a culture of integrity • Develop security policies to guide
• Adopt structure that minimizes and design specific control
fraud, create governance (e.g., procedures
Board of Directors) • Implement change management
• Assign authority for business controls and project development
objectives and hold them acquisition controls
accountable for achieving those
objectives, effective supervision
and monitoring of employees
• Communicate policies

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Preventing and Detecting Fraud
2. Make It Difficulty to Commit
Organizational Systems
• Develop strong internal controls • Restrict access
• Segregate accounting functions • System authentication
• Use properly designed forms • Implement computer controls
• Require independent checks and over input, processing, storage
reconciliations of data and output of data
• Use encryption
• Fix software bugs and update
systems regularly
• Destroy hard drives when
disposing of computers

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Preventing and Detecting Fraud
3. Improve Detection
Organizational Systems
• Assess fraud risk • Audit trail of transactions through
• External and internal audits the system
• Fraud hotline • Install fraud detection software
• Monitor system activities (user
and error logs, intrusion
detection)

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Preventing and Detecting Fraud
4. Reduce Fraud Losses
Organizational Systems
• Insurance • Store backup copies of program
• Business continuity and disaster and data files in secure, off-site
recovery plan location
• Monitor system activity

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
 Key Terms
• Sabotage • Pressure
• Cookie • Opportunity
• Fraud • Rationalization
• White-collar criminals • Lapping
• Corruption • Check kiting
• Investment fraud • Computer fraud
• Misappropriation of assets
• Fraudulent financial reporting

Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved