Chapter 5 51 Learning Objectives Explain the threats faced by modern information systems Define fraud and describe both the different types of fraud and the process one follows to perpetuate a fraud ID: 244539
Download Presentation The PPT/PDF document "Computer Fraud" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Computer Fraud
Chapter 5
5-1Slide2
Learning Objectives
Explain the threats faced by modern information systems.
Define fraud and describe both the different types of fraud and the process one follows to perpetuate a fraud.
Discuss
who perpetrates fraud and why it occurs, including the pressures, opportunities, and rationalizations that are present in most frauds.
Define computer fraud and discuss the different computer fraud classifications.Explain how to prevent and detect computer fraud and abuse.
5-
2Slide3
Threats to AIS
Natural and Political disasters
Software errors and equipment malfunctions
Unintentional acts
Intentional acts
5-3Slide4
Fraud
Any means a person uses to gain an unfair advantage over another person; includes:
A false statement, representation, or disclosureA material fact, which induces a victim to actAn intent to deceive
Victim relied on the misrepresentation
Injury or loss was suffered by the victim
Fraud is white collar crime5-4Slide5
Two Categories of Fraud
Misappropriation of assetsTheft of company assets which can include physical assets (e.g., cash, inventory) and digital assets (e.g., intellectual property such as protected trade secrets, customer data)Fraudulent financial reporting
“cooking the books” (e.g.,booking fictitious revenue, overstating assets, etc.)
5-
5Slide6
Conditions for Fraud
These three conditions must be present for fraud to occur:
PressureEmployeeFinancial
Lifestyle
Emotional
Financial StatementFinancialManagement Industry conditions
Opportunity
to:
Commit
Conceal
Convert to personal gain
Rationalize
Justify behavior
Attitude that rules don’t apply
Lack personal integrity
5-
6Slide7
Fraud Triangle
5-
7Slide8
Computer FraudIf a computer is used to commit fraud it is called computer fraud.
Computer fraud is classified as:InputProcessorComputer instruction
Data Output
5-
8Slide9
Preventing and Detecting Fraud1. Make Fraud Less Likely to Occur
Organizational
Systems
Create a culture of integrity
Adopt structure that minimizes fraud, create governance (e.g., Board of Directors)
Assign authority for business objectives and hold them accountable for achieving those objectives, effective supervision and monitoring of employeesCommunicate policiesDevelop security policies to guide and design specific control proceduresImplement change management controls and project development acquisition controls5-
9Slide10
Preventing and Detecting Fraud2. Make It Difficulty to Commit
Organizational
Systems
Develop strong internal controls
Segregate accounting functions
Use properly designed formsRequire independent checks and reconciliations of dataRestrict accessSystem authenticationImplement computer controls over input, processing, storage and output of data
Use encryption
Fix software bugs and update systems regularly
Destroy hard drives when disposing of computers
5-
10Slide11
Preventing and Detecting Fraud3. Improve Detection
Organizational
Systems
Assess fraud risk
External and internal audits
Fraud hotlineAudit trail of transactions through the systemInstall fraud detection softwareMonitor system activities (user and error logs, intrusion detection)5-11Slide12
Preventing and Detecting Fraud4. Reduce Fraud Losses
Organizational
Systems
Insurance
Business continuity and disaster recovery plan
Store backup copies of program and data files in secure, off-site locationMonitor system activity5-12Slide13
Key Terms
SabotageCookieFraudWhite-collar criminalsCorruptionInvestment fraud
Misappropriation of assetsFraudulent financial reportingPressureOpportunityrationalization
Lapping
Check kiting
Computer fraud5-13