fraud and role of information technology
play

Fraud and Role of Information Technology September 2008 Agenda IT - PowerPoint PPT Presentation

Feb 23, 2024 •340 likes •839 views

Fraud and Role of Information Technology September 2008 Agenda IT Value Proposition Fraud and the Role of IT Slide 2 Prior Interpretations of Internal Control Structure Have Addressed Three Separate Parts Which Were Audited Somewhat

  1. Fraud and Role of Information Technology September 2008

  2. Agenda • IT Value Proposition Fraud and the Role of IT Slide 2

  3. Prior Interpretations of Internal Control Structure Have Addressed Three Separate Parts Which Were Audited Somewhat Independently. But This Is No Longer Possible – Technology Has Changed Our World Enterprise Management Customer-Facing Apls Customer Experience Finance / Accounting Business Process Business Process Business Process Business Process Business Process Sales/Marketing Contact Centers Program Changes, Program Development, IT General Access to Programs and Data, Computer Controls Operations Fraud and the Role of IT Slide 3

  4. While Audit Approaches Toward Fraud Have Changed, So Have the Tools and Approaches Taken By Today’s Fraudster Fraud is now committed using As Companies Implement New Manual Fraud Controls, Our Fraudster Has Also Used Automated Means To Override Them. We Have To Both Validate That Current Key Controls Work and Think Of New Ways These Perpetrators May Challenge Them in the Future Fraud and the Role of IT Slide 4

  5. Failed ITGCs can Adversely Impact our Integrated Audit Types of Controls General Business Activities AS5’s Focus Includes: Enterprise Management  Identifying risks and controls related to financial reporting. Entity Level Controls Understanding and  leveraging company level Customer-Facing Apls Customer Experience Finance / Accounting controls and their relationship Business Process Business Process Business Process Business Process Business Process Contact Centers Sales/Marketing to financial statement assertions. Manual and Application Level Controls  Understanding the role of relevant information technology general controls for both automated and IT dependent controls and IT General Controls processes. Evaluating, validating and  documenting our conclusion Program Changes, Program Development, IT General on the operating Access to Programs and Data, Computer Controls Operations effectiveness of the key controls A failure in the ITGCs can provide the opportunity for the rest of the control framework to fail Fraud and the Role of IT Slide 5

  6. Along with ITGCs, Addressing Fraud in the Integrated Audit Includes Evaluating Key Application Controls and Application User Access Security Controls and Their Role in the Key Business Process Controls Financial Statement Transaction / Sub- Line Item Transaction (Significant Account) Follow up of Application User Access Business Process exceptions Controls (Manual Control) Security Controls identified by control reports Automated Application Application Controls / Processes Generated Key Reports Information Technology General Computer Controls (ITGCs) Each of the Areas in Yellow Offer the Potential Fraudster Opportunities to Commit Fraud. Deficiencies in These Areas Can Impact Our Substantive Testing Plan and our Fraud Procedures Including Journal Entry Testing Fraud and the Role of IT Slide 6

  7. Layers of ITGCs and their relative risk INF HS APP Increasing Level of Risk DB Infrastructure (INF) Host Server (HS) Application (APP) Database (DB) Fraud and the Role of IT Slide 7

  8. Layers within ITGCs Which may be Prone to Higher Fraud Risks INF HS Increased Potential for Fraud APP Increased Potential for Fraud DB Infrastructure (INF) Host Server (HS) Application (APP) Database (DB) Fraud and the Role of IT Slide 8

  9. IT and Business Process Redundant and Compensating Controls Some relative considerations on the risk and potential mitigation of IT General Controls issues Some deficiencies in INF these areas may be determined to have a HS direct impact on data or a financial statement APP assertion and need to be evaluated in the Some deficiencies in context of the business DB these areas would not process redundant and have a direct impact on compensating controls data or a financial statement assertions and may be mitigated by other IT General Controls at the Application and Database layer Fraud and the Role of IT Slide 9

  10. Effective Auditing in a Complex IT Environment Requires Effective Coordination Among All Specialist Groups Core Audit Prior to start of year-end Data Mgmt IT Audit testing At Planning Meeting Once 1 st test During SAS 99 results in Brainstorming Session Reviewing final During Completion of test results the Fraud Risk Prior to start Assessment Memo of Qtrly 1 - 3 Testing Planning Execution Final Typical Audit Process Timeline Meeting the Requirements of SEC and PCAOB Regulations (SAS 99, AS5) Efficiently and Effectively Makes Close Coordination Important Fraud and the Role of IT Slide 10

  11. Value Drivers for IT Audit Coordinated Involvement In the Integrated Audit IT Audit’s involvement can serve to expand and strengthen the audit team’s understanding of the overall business processes and controls as well as the integration of financial processes with systems. • We can help determine whether Fraud Risks are completely identified, presented to the Audit Team to be addressed in a coordinated manner and tested in an efficient, effective manner. • We can address the concerns noted in the PCAOB 4010 report regarding fraud detection and how it can be applied to engagements. • With IT Audit’s coordinated involvement, we can identify and respond with integrated audit procedures to unique areas of fraud risk in systems and business processes. • Many IT Audit professionals have industry specific business process skills that can be deployed on engagements to drive an integrated effort and improve audit quality. • Including IT Audit’s understanding of the application systems architecture when developing SAS 99 testing, we can facilitate focused testing based upon risk. Fraud and the Role of IT Slide 11

  12. Along with Enhanced Delivery in the Integrated Audit Environment, Numerous Other Areas Exist to Add Value Is My Investment Can My IT Trading Auditors Fraud
Found
At
 Environment XYZ!
 Become Secure and Forensic- Controlled To Capable? Prevent Fraud? What Other IT Is My Data Areas Open Up Protected From The Abuse As It Opportunity For Travels Fraud? Overseas? We Only Have to Think of the Challenges Faced In Meeting Other Regulatory Requirements Fraud and the Role of IT Slide 12

  13. Making The Vision A Reality Fraud and the Role of IT Slide 13

  14. Overall Anti-Fraud Framework Fraud and the Role of IT Slide 14

  15. Developing a Fraud Risk Response Internal Control Environment and Objective Setting Oversight by Audit Code of Conduct/ Whistle-blower / Investigation / Hiring and Promotion Other Control Environment Committee and Board Ethics hotline Remediation Procedures Considerations Event Identification, Risk Assessment and Risk Response Identify Identify Business Identify Fraud Significant Areas Units / Locations Define Risk Schemes of Risk within where Fraud Spectrum Related to each Each Fraud Schemes are Fraud Category Category applicable Consider Likelihood, Significance and Pervasiveness of the Risks identified Monitoring Control Activities Reassess Fraud Monitor the Risk. Change in Evaluate Design Identified Link Control circumstances. & Effectiveness Controls Activities to Acquisitions/ of Controls Fraud risks divestitures. Identified Perform Fraud identified Restructurings. Auditing Control issues Procedures Information and Communication Change System Access to Programs Computer Management Implementation and Data Operations Fraud and the Role of IT Slide 15

  16. Fraud Schemes and Audit Risk Response Financial Statement Audit  Procedures designed to provide reasonable assurance that financial statements free of material misstatements due to fraudulent financial reporting or misappropriation Financial Disclosure of assets Statement Manipulation  Does not extend to other categories of fraud or misconduct Sr Mgmt or  Limited to fraud risks, having potential material financial Employees with Misappropriation of statement impact Significant Role Assets in Financial Reporting Internal Controls Audit Unauthorized  Management must develop pervasive and specific Receipts and programs and control activities to prevent and timely Aiding & Abetting Expenditures detect  Auditor evaluates design and validates effectiveness of management’s antifraud programs and controls  Limited to fraud and misconduct risks, having potential material financial statement impact Fraud and the Role of IT Slide 16

  17. Evaluating Antifraud Programs and Controls Control / Internal Environment Control Activities • Tone at top • Linking controls to identified fraud risks • Code of conduct/ethics • Ethics hotline Information / Communication • Hiring and promotion • Information systems & technology • Oversight committee • Knowledge management • Investigative process • Training • Remediation Monitoring Fraud Risk Assessment • Ongoing monitoring by management • Systematic process • Level within agency • Separate “after the fact” evaluations by internal audit • Likelihood and significance Fraud and the Role of IT Slide 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager

The Role of Internal Controls in the Fight Against Fraud A Tale of Fraud! Payroll manager makes $2.25MM disappear! It must be Magic! Fraud Statistics 5% of GWP lost to employee fraud & abuse More than $3.5 Trillion per year

559 views • 44 slides
Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw

6/5/2016 Risky Business: How Companies Fall Victim to Fraud Presented by: Tony Okray Julie Latchaw Julie Lombardi Member FDIC Agenda: Fraud Statistics Fun With Numbers Check Fraud & ACH Fraud Your Role in Preventing Fraud Fraud

238 views • 13 slides
FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a

FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a

Fraud Investigation - Clare Lewis FRAUD AND ERROR The Basics What is Benefit Fraud The Law states that anyone who submits a claim form containing false information or misses out relevant information from the form or fails to declare

162 views • 13 slides
Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul

Fraud Awareness Corporate Fraud Team Agenda for today Introduction to the session (Paul Sutton, Chief Finance Officer) The Corporate Fraud team role, how to make referrals (John Short- Interim Senior Fraud Investigations Officer)

265 views • 23 slides
Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention

Fraud Overview Agenda Fraud Overview Fraud Triangle and Red Flags Fraud Prevention Case Studies Our Commitment Spring ISD Source: ACFE & Fraud Overview What Is Fraud? Fraud is any intentional act or

405 views • 18 slides
Cyber payments fraud February 2020 Confidential For Discussion & General Information

Cyber payments fraud February 2020 Confidential For Discussion & General Information

Cyber payments fraud February 2020 Confidential For Discussion & General Information Purposes Only Online Payments fraud agenda New and evolving threats in the fraud landscape Critical strategies your organization needs for fraud

329 views • 18 slides
Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due

Onyx Fraud is rife online Online fraud aggregated 10bn in 2017 Fraud costs are increasing, due to technology sophistication Internet provides unrestricted access to a larger pool of potential victims Banks should arm themselves with

276 views • 16 slides
Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014

Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014

Innovative Fraud Monitoring Identifying and combatting fraud in real time January 2014 Technology and Shrinking Margins Easier to commit fraud more incentive to do it International Call Termination Originating Wholesalers Service

365 views • 14 slides
Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is

Fraud Prevention: The Prevention and Detection of Fraud Begins with You Takeaways What is fraud? Definition Facts Four factors Fraud risk assessment Four evaluation criteria Common fraud schemes Case studies

707 views • 60 slides
What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

What is Fraud ? The Fraud Act 2006 defines fraud as . Headed by Investigations Manager

Points to cover Leicester City Council Revenues & Benefits Investigation Team What is Fraud? Fraud Awareness Key issues for the Team Audit and Risk Committee Referrals & Investigation Process Sanctions &

69 views • 4 slides
INFORMATION & COMMUNICATION TECHNOLOGY (ICT) COVERING M2M/IOT AND ITS ROLE IN SMART CITY +

INFORMATION & COMMUNICATION TECHNOLOGY (ICT) COVERING M2M/IOT AND ITS ROLE IN SMART CITY +

INFORMATION & COMMUNICATION TECHNOLOGY (ICT) COVERING M2M/IOT AND ITS ROLE IN SMART CITY + CYBER SECURITY Prepared by Confederation of Indian Industry Presented by N. Kishor Narang INFORMATION COMMUNICATION TECHNOLOGY (ICT) COVERING

371 views • 26 slides
SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security

SP 800-16 Rev 1 (3 rd Draft) A Role-Based Model for Federal Information Technology/Cyber Security Training FISSEA Conference March 19, 2014 Pat Toth Penny Klein Computer Security Division Systegra Information Technology Laboratory NATIONAL

750 views • 40 slides
The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of

The Fraud Indicator in the UK Professor Mark Button Centre for Counter Fraud Studies Outline of Presentation General measures of fraud Past measurement of fraud The annual fraud indicator and fraud Theres no fraud here, Ive

684 views • 26 slides
Dealer Fraud Impact On Lenders Operations Fraud Drivers Customers Dealers Lenders

Dealer Fraud Impact On Lenders Operations Fraud Drivers Customers Dealers Lenders

Dealer Fraud Impact On Lenders Operations Fraud Drivers Customers Dealers Lenders Customer / Consumer Initiated Tools & Technology Identity Theft Identity Theft (Synthetic Fraud) (True Name Fraud) Know Your Customer

720 views • 42 slides
Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud

Prioritising the Fight Against Fraud: A Strategic Approach The Association of Certified Fraud Examiners (ACFE) is an international, professional organization dedicated to fighting fraud and white-collar crime . As fraud becomes increasingly more

373 views • 24 slides
Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

Definition of Fraud Fraud is an intentional deception made for personal gain Fraud Triangle

MMTCTA Fraud Internal Controls Presented By Ron Smith & Greg Chabot, RHR Smith & Co. May 14, 2015 About RHR Smith & Company: RHR does approx 130 of Maines 500 Municipalities In the past year RHR has Investigated 23+

506 views • 39 slides
Post Session Review: Solvency Plan, Federal Stimulus, FY10 Budget and Fiscal Outlook May 1, 2009

Post Session Review: Solvency Plan, Federal Stimulus, FY10 Budget and Fiscal Outlook May 1, 2009

Legislative Finance Committee Post Session Review: Solvency Plan, Federal Stimulus, FY10 Budget and Fiscal Outlook May 1, 2009 David Abbey Director NM Legislative Finance Committee Legislative Finance Committee Financial Summary 2009

378 views • 15 slides
Half-Yearly Financial Results 2018 For the six months ended 30 June 2018 AIB Group plc Important

Half-Yearly Financial Results 2018 For the six months ended 30 June 2018 AIB Group plc Important

Half-Yearly Financial Results 2018 For the six months ended 30 June 2018 AIB Group plc Important information and forward looking statement This presentation should be considered with AIBs Annual Financial Report 2017, Q1 Trading Update April

638 views • 35 slides
Housing Performance March 2018 Diarmaid Ward Executive Member for Housing and Development Fire

Housing Performance March 2018 Diarmaid Ward Executive Member for Housing and Development Fire

Housing Performance March 2018 Diarmaid Ward Executive Member for Housing and Development Fire safety ACM3 cladding removed from (two end elevations of) Braithwaite House July 2017 Cladding replacement expected by end of October

212 views • 20 slides
SAXO CAPITAL MARKETS ACCOUNT OPENING MOVING MONEY OFFSHORE MARGIN LENDING HOW TO TRADE ACCOUNT

SAXO CAPITAL MARKETS ACCOUNT OPENING MOVING MONEY OFFSHORE MARGIN LENDING HOW TO TRADE ACCOUNT

SAXO CAPITAL MARKETS ACCOUNT OPENING MOVING MONEY OFFSHORE MARGIN LENDING HOW TO TRADE ACCOUNT OPENING Account Opening - Accounts opened with Saxo Capital Markets UK Ltd - Regulated by FSA - Paper application form completed and signed* -

380 views • 7 slides
- -gBeautiful Life s- Date:05.06.2017 To, To, Corporate Relations Department, Corporate

- -gBeautiful Life s- Date:05.06.2017 To, To, Corporate Relations Department, Corporate

Asian Granito lndia Ltd. Regd, & Corp, onrce 202,oevArc, Opp. lskcon Tempe, S,c. Highwa, Ahmedabad-38o 015. Tel.: +91-79-66125500/69a, Far +917966125600, edat: info@agtasangEntio.com Fa.tory: Ceramic Zone'Daplr, Ial. P6ntij 3a3 DO. Dist.

1.14k views • 53 slides
1 Practices and Procedures (continued) Practices and Procedures (continued) May/June 2016

1 Practices and Procedures (continued) Practices and Procedures (continued) May/June 2016

Areas to be covered Cheltenham Borough Council Legal background Role of Audit Committee Audit Committee, 21 September 2016 Accounting practices and procedures Changes to 2015/16 Financial Statements 2015/16 Statement of

392 views • 3 slides
DEEP I Indus ustries es L Limited ed Inves estor Presen entat tatio ion Feb ebruary

DEEP I Indus ustries es L Limited ed Inves estor Presen entat tatio ion Feb ebruary

DEEP I Indus ustries es L Limited ed Inves estor Presen entat tatio ion Feb ebruary 2017 2017 Safe Harbor This presentation and the accompanying slides (the Presentation), which have been prepared by Deep Industries Ltd (the

484 views • 31 slides
Assignment Description You are required within the designated group to develop a Capstone Report

Assignment Description You are required within the designated group to develop a Capstone Report

Melbourne Institute of Technology Pty Ltd CRICOS Provider No: 01545C, 03245K NSW Assessment Details and Submission Guidelines Unit Code: BB320 Unit Title: Integrated Capstone Strategy Assessment Type: Capstone Report and Presentation

319 views • 3 slides

More recommend