©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-1 Accounting Information Systems 9 th Edition Marshall.

Slides:



Advertisements
Similar presentations
Fraud and Internal Control Presented by Andy Harper Pugh & Company, P.C. April 28, 2011.
Advertisements

Computer Crimes A criminal act committed through the use of a computer. It can also involve the theft of a computer and any equipment associated with the.
Introduction and Overview of Digital Crime and Digital Terrorism
FRAUD EXAMINATION ALBRECHT, ALBRECHT, & ALBRECHT
Copyright © 2015 Pearson Education, Inc. Computer Fraud Chapter
Computer Fraud Chapter 5.
Computer Fraud Chapter 5.
1 Non-Cash Assets Chapter 9. 2 List the five categories of tangible non-cash misappropriations discussed in this chapter. Discuss the data on non-cash.
Chapter 11: Computer Crime, Fraud, Ethics, and Privacy
Accounting Information Systems 9th Edition
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Employee, Vendor, and Other Frauds against the Organization Other Frauds against the Organization McGraw-Hill/Irwin Copyright © 2012 by.
2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.
PERSONAL FINANCIAL MANAGEMENT
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 5-1.
Chapter 5 Computer Fraud Copyright © 2012 Pearson Education 5-1.
Computer Fraud and Security Merle P. Martin College of Business CSU Sacramento 7/11/02.
©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-1 Accounting Information Systems 9 th Edition Marshall.
Chapter 9 Information Systems Ethics, Computer Crime, and Security
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
COMPUTER CRIME An Overview Agenda u Background and History u Potential Criminals u Ethics Survey u Criminal Activity u Preventative Measures u Background.
Chapter 3 Cash Larceny.
Security, Privacy, and Ethics Online Computer Crimes.
Computer-Based Information Systems Controls
Accounting Information Systems 9th Edition
Audit Procedures for Misappropriation of Assets Pertemuan XXIV Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.
Chapter 9 Information Systems Ethics, Computer Crime, and Security
1 of 51 C © 2006 Prentice Hall Business Publishing Accounting Information Systems, 10/e Romney/Steinbart CHAPTER 5 Computer Fraud and Security.
Computer Fraud Pertemuan XVI Matakuliah: F0184/Audit atas Kecurangan Tahun: 2007.
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Chapter 11 Security and Privacy: Computers and the Internet.
Copyright ©2011 by Pearson Education, Inc. publishing as Pearson [imprint] Professionalism: Skills for Workplace Success, 2/e Lydia E. Anderson Sandra.
Financial Management Financial Planning
Prepared by: Dinesh Bajracharya Nepal Security and Control.
 2004 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, by Bodnar/Hopwood 4 – 1 Transaction Processing and the Internal Control.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.
Chapter 10: Crimes Against Property
Computer Security Management: Assessment and Forensics Session 8.
5-1 Electronic Presentation by Douglas Cloud Pepperdine University Carl S.Warren Survey of Accounting.
First Look at Security and Privacy Jeremiah Burleson.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
1 Payroll Schemes Chapter 6. 2 List and understand the three main categories of payroll fraud. Understand the relative cost and frequency of payroll frauds.
LESSONS ENTREPRENEURSHIP: Ideas in Action© SOUTH-WESTERN PUBLISHING Chapter 7 FINANCE, PROTECT, AND INSURE YOUR BUSINESS Put Together a Financial.
Chapter 6 Payroll Schemes.
CONTROLLING INFORMATION SYSTEMS
Fraud and Forensic Auditing Pertemuan 23-24
Chapter 10 – Crimes Against Property. Arson The willful and malicious burning of a person’s property Intentionally burning a building to defraud the insurance.
CHAPTER 12 FINANCIAL MANAGEMENT Financial Planning FINANCIAL PLANNING Ongoing Operations Revenue – all income that a business receives over a period.
7-1 FRAUD, INTERNAL CONTROL, AND CASH 7 Remember… people will lie, cheat and steal! Not everybody…. and not all the time.… but they do….
Issues for Computer Users, Electronic Devices, Computer and Safety.
Security, Ethics and the Law. Vocabulary Terms Copyright laws -software cannot be copied or sold without the software company’s permission. Copyright.
Analyzing Credit and Debt  When you use credit responsibly it can be very convenient because you can use it to buy things now and pay for them later by.
By: Taysha Johnson. What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access.
Information Systems Security
Add video notes to lecture
Cyber Crimes Chunlian QU 9/18/2018.
Chapter 3: IRS and FTC Data Security Rules
Henri Teittinen Aling with the textbook: Romney & Steinbart (2012)
Computer Fraud Chapter 5.
BCT 2.00 Analyze Technology Issues
Societal Issues in Computing (COMP466)
Financial, Funding, and More Fun
CCP 420: FRAUD DETECTION AND MANAGEMENT
Accounting Information Systems & Computer Fraud
Presentation transcript:

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-1 Accounting Information Systems 9 th Edition Marshall B. Romney Paul John Steinbart

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-2 Computer Fraud Chapter 9

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-3 Learning Objectives 1.Describe fraud and describe the process one follows to perpetuate a fraud. 2.Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds. 3.Compare and contrast the approaches and techniques that are used to commit computer fraud. 4.Describe how to deter and detect computer fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-4 Introduction Jason Scott finished his tax return. Everything was in order except his withholding amount. For some reason, the federal income tax withholdings on his final paycheck was $5 higher than on his W-2 form. What did he discover?

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-5 Introduction Most of the 1,500 company employees had a $5 discrepancy between their reported withholdings and the actual amount withheld. The W-2 of Don Hawkins, one of the programmers in charge of the payroll system, showed that thousands of dollars more in withholding had been reported to the IRS than had been withheld from his paycheck.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-6 Introduction What constitutes a fraud, and is the withholding problem a fraud? If this is indeed a fraud, how was it perpetrated?

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-7 Introduction Why did the company not catch these mistakes earlier? Was there a breakdown in controls? What can the company do to detect and prevent fraud? Just how vulnerable are computer systems to fraud?

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-8 Introduction This chapter describes the fraud process. It also explores the reasons that fraud occurs. The chapter also describes the approaches to computer fraud and the specific techniques used to commit it. Finally, several methods to deter and detect fraud are analyzed.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-9 Learning Objective 1 Understand what fraud is and the process one follows to perpetuate a fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-10 The Fraud Process Most frauds involve three steps. The theft of something The conversion to cash The concealment

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-11 The Fraud Process What is a common way to hide a theft? – to charge the stolen item to an expense account What is a payroll example? – to add a fictitious name to the company’s payroll

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-12 The Fraud Process What is lapping? In a lapping scheme, the perpetrator steals cash received from customer A to pay its accounts receivable. Funds received at a later date from customer B are used to pay off customer A’s balance, etc.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-13 The Fraud Process What is kiting? In a kiting scheme, the perpetrator covers up a theft by creating cash through the transfer of money between banks. The perpetrator deposits a check from bank A to bank B and then withdraws the money.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-14 The Fraud Process Since there are insufficient funds in bank A to cover the check, the perpetrator deposits a check from bank C to bank A before his check to bank B clears. Since bank C also has insufficient funds, money must be deposited to bank C before the check to bank A clears. The scheme continues to keep checks from bouncing.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-15 Learning Objective 2 Discuss why fraud occurs, including the pressures, opportunities, and rationalizations that are present in most frauds.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-16 Why Fraud Occurs Researchers have compared the psychological and demographic characteristics of three groups of people: White-collar criminals Violent criminals General public Few differences Significant differences

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-17 Why Fraud Occurs What are some common characteristics of fraud perpetrators? Most spend their illegal income rather than invest or save it. Once they begin the fraud, it is very hard for them to stop. They usually begin to rely on the extra income.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-18 Why Fraud Occurs Perpetrators of computer fraud tend to be younger and possess more computer knowledge, experience, and skills. Some computer fraud perpetrators are more motivated by curiosity and the challenge of “beating the system.” Others commit fraud to gain stature among others in the computer community.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-19 Why Fraud Occurs Three conditions are necessary for fraud to occur: 1 A pressure or motive 2 An opportunity 3 A rationalization

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-20 Pressures What are some financial pressures? – living beyond means – high personal debt – “inadequate” income – poor credit ratings – heavy financial losses – large gambling debts

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-21 Pressures What are some work-related pressures? – low salary – nonrecognition of performance – job dissatisfaction – fear of losing job – overaggressive bonus plans

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-22 Pressures What are other pressures? – challenge – family/peer pressure – emotional instability – need for power or control – excessive pride or ambition

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-23 Opportunities An opportunity is the condition or situation that allows a person to commit and conceal a dishonest act. Opportunities often stem from a lack of internal controls. However, the most prevalent opportunity for fraud results from a company’s failure to enforce its system of internal controls.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-24 Rationalizations Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior. What are some rationalizations? The perpetrator is just “borrowing” the stolen assets. The perpetrator is not hurting a real person, just a computer system. No one will ever know.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-25 Learning Objective 3 Compare and contrast the approaches and techniques that are used to commit computer fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-26 Computer Fraud The U.S. Department of Justice defines computer fraud as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution. What are examples of computer fraud? – unauthorized use, access, modification, copying, and destruction of software or data

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-27 Computer Fraud – theft of money by altering computer records or the theft of computer time – theft or destruction of computer hardware – use or the conspiracy to use computer resources to commit a felony – intent to illegally obtain information or tangible property through the use of computers

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-28 The Rise in Computer Fraud Organizations that track computer fraud estimate that 80% of U.S. businesses have been victimized by at least one incident of computer fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-29 The Rise in Computer Fraud No one knows for sure exactly how much companies lose to computer fraud. Why? There is disagreement on what computer fraud is. Many computer frauds go undetected, or unreported. Most networks have a low level of security. Many Internet pages give instructions on how to perpetrate computer crimes. Law enforcement is unable to keep up with fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-30 Computer Fraud Classifications Computer instruction fraud Processor fraud Data fraud Input fraud Output fraud

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-31 Computer Fraud and Abuse Techniques What are some of the more common techniques to commit computer fraud? – Cracking – Data diddling – Data leakage – Denial of service attack – Eavesdropping – forgery and threats

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-32 Computer Fraud and Abuse Techniques – Hacking – Internet misinformation and terrorism – Logic time bomb – Masquerading or impersonation – Password cracking – Piggybacking – Round-down – Salami technique

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-33 Computer Fraud and Abuse Techniques – Software piracy – Scavenging – Social engineering – Superzapping – Trap door – Trojan horse – Virus – Worm

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-34 Learning Objective 4 Describe how to deter and detect computer fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-35 Preventing and Detecting Computer Fraud What are some measures that can decrease the potential of fraud? 1 Make fraud less likely to occur. 2 Increase the difficulty of committing fraud. 3 Improve detection methods. 4 Reduce fraud losses. 5 Prosecute and incarcerate fraud perpetrators.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-36 Preventing and Detecting Computer Fraud 1 Make fraud less likely to occur. Use proper hiring and firing practices. Manage disgruntled employees. Train employees in security and fraud prevention. Manage and track software licenses. Require signed confidentiality agreements.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-37 Preventing and Detecting Computer Fraud 2 Increase the difficulty of committing fraud. Develop a strong system of internal controls. Segregate duties. Require vacations and rotate duties. Restrict access to computer equipment and data files. Encrypt data and programs.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-38 Preventing and Detecting Computer Fraud 3 Improve detection methods. Protect telephone lines and the system from viruses. Control sensitive data. Control laptop computers. Monitor hacker information.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-39 Preventing and Detecting Computer Fraud 4 Reduce fraud losses. Maintain adequate insurance. Store backup copies of programs and data files in a secure, off-site location. Develop a contingency plan for fraud occurrences. Use software to monitor system activity and recover from fraud.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-40 Preventing and Detecting Computer Fraud 5 Prosecute and incarcerate fraud perpetrators. Most fraud cases go unreported and unprosecuted. Why? Many cases of computer fraud are as yet undetected. Companies are reluctant to report computer crimes.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-41 Preventing and Detecting Computer Fraud Law enforcement officials and the courts are so busy with violent crimes that they have little time for fraud cases. It is difficult, costly, and time consuming to investigate. Many law enforcement officials, lawyers, and judges lack the computer skills needed to investigate, prosecute, and evaluate computer crimes.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-42 Case Conclusion What did Jason present to the president? A copy of his own withholding report filed with the IRS and a printout of withholdings from the payroll records.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-43 Case Conclusion How did Jason believe the fraud was perpetrated? The payroll system had undergone some minor modifications. The payroll project had been completed without the usual review by other systems personnel. An unusual code subtracted $5 from most employees’ withholdings and added it to Don’s.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-44 Case Conclusion What guidelines should Jason suggest to prevent this from happening again? Strictly enforce existing controls. New controls should be put into place to detect fraud. Employees should be trained in fraud awareness, security measures, and ethical issues. Jason also urged the president to prosecute the case.

©2003 Prentice Hall Business Publishing, Accounting Information Systems, 9/e, Romney/Steinbart 9-45 End of Chapter 9