Upload
coral-malone
View
219
Download
4
Embed Size (px)
Citation preview
Chapter 5Computer Fraud
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall5-1
Learning Objectives
Explain the threats faced by modern information systems.
Define fraud and describe the process one follows to perpetuate a fraud.
Discuss who perpetrates fraud and why it occurs, including: the pressures, opportunities, and rationalizations that
are present in most frauds.
Define computer fraud and discuss the different computer fraud classifications.
Explain how to prevent and detect computer fraud and abuse.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-2
Common Threats to AIS
Natural Disasters and Terrorist Threats
Software Errors and/or Equipment Malfunction
Unintentional Acts (Human Error)
Intentional Acts (Computer Crimes)
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-3
What Is Fraud?
Gaining an unfair advantage over another person A false statement, representation, or disclosure A material fact that induces a person to act An intent to deceive A justifiable reliance on the fraudulent fact in which a
person takes action An injury or loss suffered by the victim
Individuals who commit fraud are referred to as white-collar criminals.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-4
Forms of Fraud
Misappropriation of assets Theft of a companies assets. Largest factors for theft of assets:
Absence of internal control system Failure to enforce internal control system
Fraudulent financial reporting “…intentional or reckless conduct, whether by act or
omission, that results in materially misleading financial statements” (The Treadway Commission).
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-5
Reasons for Fraudulent Financial Statements
1. Deceive investors or creditors
2. Increase a company’s stock price
3. Meet cash flow needs
4. Hide company losses or other problems
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-6
Treadway Commission Actions to Reduce Fraud
1. Establish environment which supports the integrity of the financial reporting process.
2. Identification of factors that lead to fraud.
3. Assess the risk of fraud within the company.
4. Design and implement internal controls to provide assurance that fraud is being prevented.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-7
SAS #99
Auditors responsibility to detect fraud Understand fraud Discuss risks of material fraudulent statements
Among members of audit team Obtain information
Look for fraud risk factors Identify, assess, and respond to risk Evaluate the results of audit tests
Determine impact of fraud on financial statements Document and communicate findings
See Chapter 3 Incorporate a technological focus
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-8
The Fraud Triangle
Pressure
Opportunity
Rationalization
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-9
Pressure
Employee
Financial
Emotional Lifest
yle
• Motivation or incentive to commit fraud
•Types:
1.Employee• Financial• Emotional• Lifestyle
2.Financial• Industry conditions• Management
characteristics
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-10
Financial Reportin
g
Industry Conditio
ns
Mgmt Characteristics
Opportunity
Opportunity
Commit
Conceal Conv
ert• Condition or situation that allows a person or organization to:
1.Commit the fraud
2.Conceal the fraud• Lapping• Kiting
3.Convert the theft or misrepresentation to personal gain
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-11
Rationalizations
Rationalizati
on
Justification
Attitude
Lack of Peronal Integrity
•Justification of illegal behavior
1.Justification• I am not being
dishonest.2.Attitude
• I don’t need to be honest.
3.Lack of personal integrity• Theft is valued
higher than honesty or integrity.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-12
Computer Fraud
Any illegal act in which knowledge of computer technology is necessary for: Perpetration Investigation Prosecution
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-13
Rise of Computer Fraud
1. Definition is not agreed on
2. Many go undetected
3. High percentage is not reported
4. Lack of network security
5. Step-by-step guides are easily available
6. Law enforcement is overburdened
7. Difficulty calculating loss
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-14
Computer Fraud Classifications
Input Fraud Alteration or falsifying input
Processor Fraud Unauthorized system use
Computer Instructions Fraud Modifying software, illegal copying of software, using software in an
unauthorized manner, creating software to undergo unauthorized activities
Data Fraud Illegally using, copying, browsing, searching, or harming company
data
Output Fraud Stealing, copying, or misusing computer printouts or displayed
information
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-15