Fourteenth Edition
Chapter 5
Computer Fraud
Copyright © 2017, 2016, 2015 Pearson Education, Inc. All Rights Reserved
Threats to AIS
• Natural and political disasters
• Software errors and equipment malfunctions
• Unintentional acts
• Intentional acts
Fraud
• Any means a person uses to gain an unfair advantage
over another person; includes:
– A false statement, representation, or disclosure
– A material fact, which induces a victim to act
– An intent to deceive
– Victim relied on the misrepresentation
– Injury or loss was suffered by the victim
Two Categories of Fraud
• Misappropriation of assets
– Theft of company assets which can include physical assets (e.g.,
cash, inventory) and digital assets (e.g., intellectual property such
as protected trade secrets, customer data)
• Fraudulent financial reporting
– “cooking the books” (e.g., booking fictitious revenue, overstating
assets, etc.)
Auditor’s Responsibility
SAS No. 99 (AU-C Section 240) requires auditors to:
• Understand fraud
• Discuss the risks of material fraudulent misstatements
• Obtain information
• Identify, assess, and respond to risks
• Evaluate the results of their audit tests
• Document and communicate findings
• Incorporate a technology focus
Conditions for Fraud
These three conditions must be present for fraud to occur:
• Pressure
– Employee: Financial, Lifestyle, Emotional
– Financial Statement: Financial, Management, Industry conditions
• Opportunity to:
– Commit
– Conceal
– Convert to personal gain
• Rationalize
– Justify behavior
– Attitude that rules don’t apply
– Lack personal integrity
Fraud Triangle
Computer Fraud
• If a computer is used to commit fraud it is called computer
fraud.
• Computer fraud is classified as:
– Input
– Processor
– Computer instruction
– Data
– Output
Preventing and Detecting Fraud
1. Make Fraud Less Likely to Occur
Organizational
• Create a culture of integrity
• Adopt structure that minimizes fraud, create governance (e.g., Board of Directors)
• Assign authority for business objectives and hold them accountable for achieving those objectives, effective supervision and monitoring of employees
• Communicate policies
Systems
• Develop security policies to guide and design specific control procedures
• Implement change management controls and project development acquisition controls
Preventing and Detecting Fraud
2. Make It Difficult to Commit
Organizational
• Develop strong internal controls
• Segregate accounting functions
• Use properly designed forms
• Require independent checks and reconciliations of data
Systems
• Restrict access
• System authentication
• Implement computer controls over input, processing, storage and output of data
• Use encryption
• Fix software bugs and update systems regularly
• Destroy hard drives when disposing of computers
Preventing and Detecting Fraud
3. Improve Detection
Organizational
• Assess fraud risk
• External and internal audits
• Fraud hotline
Systems
• Audit trail of transactions through the system
• Install fraud detection software
• Monitor system activities (user and error logs, intrusion detection)
Preventing and Detecting Fraud
4. Reduce Fraud Losses
Organizational
• Insurance
• Business continuity and disaster recovery plan
Systems
• Store backup copies of program and data files in secure, off-site location
• Monitor system activity
Key Terms
• Sabotage
• Cookie
• Fraud
• White-collar criminals
• Corruption
• Investment fraud
• Misappropriation of assets
• Fraudulent financial reporting
• Pressure
• Opportunity
• Rationalization
• Lapping
• Check kiting
• Computer fraud