Published by Maria Nourse
Modified about 1 year ago

Computer Fraud
Chapter 5
Copyright © Pearson Education Limited

Learning Objectives
Explain the threats faced by modern information systems.
Define fraud and describe both the different types of fraud and the process one follows to perpetrate a fraud.
Discuss who perpetrates fraud and why it occurs, including the pressures, opportunities, and rationalizations that are present in most frauds.
Define computer fraud and discuss the different computer fraud classifications.
Explain how to prevent and detect computer fraud and abuse.

Threats to AIS
Table 5-1
Natural and political disasters
Software errors and equipment malfunctions
Unintentional acts
Intentional acts
Integrative case on page 148

AIS Threats
Pages

Focus 5-1: Electronic Warfare
Stuxnet
60 Minutes

Fraud
Any means a person uses to gain an unfair advantage over another person; includes:
▫ A false statement, representation, or disclosure
▫ A material fact, which induces a victim to act
▫ An intent to deceive
▫ Victim relied on the misrepresentation
▫ Injury or loss was suffered by the victim
The ACME estimates ….. Page 152
Fraud is white collar crime

Two Categories of Fraud
Misappropriation of assets (page 153)
▫ Theft of company assets, which can include physical assets (e.g., cash, inventory) and digital assets (e.g., intellectual property such as protected trade secrets, customer data)
Fraudulent financial reporting (page 154)
▫ “Cooking the books” (e.g., booking fictitious revenue, overstating assets, etc.)

Conditions for Fraud
These three conditions must be present for fraud to occur:
Pressure
▫ Employee
   Financial
   Lifestyle
   Emotional
▫ Financial Statement
   Financial
   Management
   Industry conditions
Opportunity to:
▫ Commit
▫ Conceal
▫ Convert to personal gain
Rationalize
▫ Justify behavior
▫ Attitude that rules don’t apply
▫ Lack personal integrity

Fraud Triangle

Computer Fraud
If a computer is used to commit fraud, it is called computer fraud.
See “The rise in computer fraud” on page 160; Cyber sleuths on page 161
Computer fraud is classified as:
▫ Input
▫ Processor
▫ Computer instruction
▫ Data
▫ Output

Preventing and Detecting Fraud
1. Make Fraud Less Likely to Occur
Organizational | Systems
Create a culture of integrity
Adopt structure that minimizes fraud, create governance (e.g., Board of Directors)
Assign authority for business objectives and hold them accountable for achieving those objectives, effective supervision and monitoring of employees
Communicate policies
Develop security policies to guide and design specific control procedures
Implement change management controls and project development acquisition controls

Preventing and Detecting Fraud
2. Make It Difficult to Commit
Organizational | Systems
Develop strong internal controls
Segregate accounting functions
Use properly designed forms
Require independent checks and reconciliations of data
Restrict access
System authentication
Implement computer controls over input, processing, storage and output of data
Use encryption
Fix software bugs and update systems regularly
Destroy hard drives when disposing of computers

Preventing and Detecting Fraud
3. Improve Detection
Organizational | Systems
Assess fraud risk
External and internal audits
Fraud hotline
Audit trail of transactions through the system
Install fraud detection software
Monitor system activities (user and error logs, intrusion detection)

Preventing and Detecting Fraud
4. Reduce Fraud Losses
Organizational | Systems
Insurance
Business continuity and disaster recovery plan
Store backup copies of program and data files in secure, off-site location
Monitor system activity

Key Terms
Sabotage
Cookie
Fraud
White-collar criminals
Corruption
Investment fraud
Misappropriation of assets
Fraudulent financial reporting
Pressure
Opportunity
Rationalization
Lapping
Check kiting
Computer fraud