FREE ELECTRONIC LIBRARY - Dissertations, online materials

Pages:     | 1 |   ...   | 11 | 12 || 14 | 15 |   ...   | 16 |

«Item type text; Dissertation-Reproduction (electronic) Authors DUNN, THURMAN STANLEY. Publisher The University of Arizona. Rights Copyright © is ...»

-- [ Page 13 ] --

Other applications of computer audit programs include preparation of financial statements, preparation of accounts receivable aging analysis, printing and addressing confirmation requests, comparison of budgetal and actual amounts, computation of ratios and other statistics, listing slow moving inventory items, matching credit limits to receivable balances, comparing physical inventory counts with master files, etc.

For computer fraud investigations, as with general audits, generalized computer audit packages can provide valuable assistance.

However, they should be viewed as tools which can facilitate the investigative process rather than a means for actually performing the investigation.

Further discussion of computer audit programs is provided in Appendix B.

Investigation Of Threats From The Typology In the remainder of this chapter an attempt will be made to provide some insight into the investigation of the computer fraud threats identified in the typology. Recall that twenty-one scheme/perpetrator threats were identified in the typology. These threats and their associated threat values are shown in Chapter 3 Figure 13. The threats in Figure 13 may be grouped into the following

broad categories:

1. Transaction Manipulation Schemes

2. Unauthorized Program Modification Schemes

3. File Manipulation Schemes

4. Improper Operation The approach for investigating these schemes from the typology varies as does the applicability of the above audit approaches. The relationship between these schemes and the above audit approaches and

other suggested investigative schemes is provided below:

Transaction Manipulation Schemes Recall that transaction manipulation schemes may be further

categorized as:

1. Transactions Added

2. Transactions Altered

3. Transactions Deleted A primary factor in determining the investigative approach for transaction manipulation schemes is the existence or nonexistence of transaction registers. If the system automatically records critical information anytime a transaction is processed whether it is added, altered or deleted, it may be feasible to "Audit Around the Computer".

However, the mere existence of a transaction register providing an apparent audit trail may not be adequate. If the transaction register can be bypassed or manipulated its use would be questionable.

If there is not a transaction register, or if the register may be bypassed or manipulated it will probably be necessary to use more stringent investigative procedures. The use of IIAuditing Through the Computer" with Test Data or Reprocessing schemes might be adequate.

However, in certain cases it might be possible for the computer fraud perpetrator to distort the results of this approach. For example, program. changes or "patches" might have been invoked when certain data was originally processed allowing transactions to process fraudulently.

These changes or "patches" may have since been removed causing Test Data to process accurately.

It is suggested that a more aggressive investigative approach might be required. This approach which will be entitled "Live Monitoring" would select certain 1ive transactions as they are being processed for investigation. Since these transactions would be randomly selected and unannounced it is possible that, in the above instance, a transaction being processed whi le the fraudulent program changes or "patches" were in place would be investigated, leading to the disclosure of fraudulent activity.

In summary, Transaction Manipulation - the most common type of computer fraud reported, may require any or all of several investigative approaches. Although the less aggressive approaches might be adequate in certain situations, their use should always be evaluated from the viewpoint of the fraud perpetrator who quite possibly is clever enough to cover up his or her tracks.

Unauthorized Program Modification Schemes Program Modification Schemes are, perhaps,. the most insidious of schemes and the most difficult to investigate. Program patches may be included in a "special" run, then removed so that the programs behave appropriately for normal operations. Further, part of the patch may be a special process to wipe out any evidence of the special run.

Obviously, the typical perpetrator, clever enough to invoke such a scheme,. is not going to leave a documented record of his or her activities for an auditor to review after the fact. Thus, it is suggested that a ilL ive Monitoring" approach simi lar to that described above for difficult Transaction Manipulation Schemes will be required to effectively investigate Unauthorized Program Modification Schemes.

File Manipulation Schemes File Maniputation Schemes are typically variants of Transaction Manipulation and Program Modification Schemes. Thus, the investigative approaches described in those sections generally apply. Once again, it may be necessary to invoke a ilL ive Monitoring" approach since "dummiedup files" can be run, then replaced with authentic files with no trace of the activity. The ilL ive Monitoring" approach enables the investigator to catch the perpetrator "red-handed" during the fraudulent process.

Improper Operation The "Live Monitoring" approach is probably the only reasonable approach to investigating the Improper Operations Scheme. It is doubtful that any scheme involving the improper operation· of the computer system wi 11 be documented for the benefit of the auditor or investigator. Thus, it is suggested that random, surprise visits whereby the current operations are investigated be used.

Summary At the beginning of this chapter a distinction was drawn between an "Investigation" and an "Audit" in order to explain entitling the chapter liThe Investigation" rather than liThe Audit". It should be evident at this point that in dealing with computer fraud the examination more clearly resembles an investigation than a traditional audit. This is not to say that the examination should not be conducted by auditors. To the contrary, it most likely will be. However, in conducting the examination it is suggested that, in addition to possessing or having access to significent expertise in EDP, the auditor must think like an investigator. No longer is it adequate to come in after the fact and methodically pour through reams of source documents constituting an audit trail to piece together activities surrounding an organization and comment on their appropriateness.

"Live Monitoring" is suggested as an essential next step in the evolution of the audit process as it pertains to automated systems.



The methodologies for computer fraud detection presented in this thesis may be facilitated to varying degrees by automated analysis. The specific threat assessment in Chapter Five contains several steps such as the completion of the threat matrix and, certainly the manipulations in the Churchman-Ackoff Rank ing Process, which would benefit from automation. The Resource Optimization Model in Chapter Seven which utilizes the solution to the Combinatorial Dilemma presented in Chapter Six literally demands the use of automation.

The purpose of this chapter is to suggest specific techniques of automated analysis to support the above methodologies and provide information on available audit packages.

Threat Assessment The process of identifying and evaluating threats described in Chapter Five - "Specific Threat Assessment" lends itself quite well to automated support. The processes which would benefit the most from automation follow.

Churchman-Ackoff Process Referring back to Figures 24, 25 and 26 it is apparent that the Churchman-Ackoff process of first ranking the threats in the order of their importance; then, iteratively comparing threat values of specific threats to combinations or other threat values based on these comparisons is both labor intensive, if accomplished manually, and quite amenable to automation.

The suggested approach is an interactive computer program whereby the decision-maker or group enters their identified threats and initial values into a terminal. Then, have the computer offer the choices between the identified threats and the various combinations of other threats described in Chapter Five. Finally, the computer program should check for inconsistencies and automatically adjust threat values to correct for them, replacing the manual process demonstrated in Figures 25 and 26.

Threat Matrix Following the identification of system scheme and perpetrator threats and their ranking using the Churchman-Ackoff Method, a threat matrix such as that in Figure 29 must be developed. This process combines scheme/perpetrator combinations and their associated threat values in matrix cells. In addition it is the beginning point for the Controls Annalysis also discussed in Chapter Five.

Automation of the threat assessment routines including the Churchman-Ackoff, Threat Matrix and Controls Analysis processes should be relatively straight-forward, following the descriptions in Chapter Five.

Resource Optimization Model Automation of the Resource Optimization Model is considered a virtual necessity. Although the model might conceivably be performed manually in certain situations, its labor intensity would probably preclude manual application in all but the simplest of systems.

Following the solution to the Combinatorial Dilemma presented in the flow charf in Figure 32 (Chapter Six) and the description of the Resource Optimization Model in Chapter Seven, automation should not be too difficult.

The Iterative Discovery Sampling Technique is fairly straightforward. The process will be simplified significantly through the use of a "Random Number Generator" software package since the process requires random selection of potentially thousands of combinations.

Internal Control Lieberman (1977) developed a "Methodology for the Automation of the Internal Control." Lieberman proposed a methodology for aiding by computer an analysis of a plan of internal control. The methodology consists of three major steps. First, a formal documentation of the company being audited is prepared. This document describes those functions of the client that will be evaluated by computer. This documentation serves as a model, representing processes, people, data and their associated interrelationships. The model is constructed in a formal language called "PSL/A" and stored in a computer data base.

The second major step in Lieberman's methodology is a set of rules defined by the auditor. These rules take the form of search operations representing the evaluation criteria that the auditor uses during the audit process. The rules which are stated in a formal language called "Rules" describe allowable and required entities, conditions and relations in the model of the cl ient. The rules, in effect, describe an ideal plan of internal control and subsequently will be compared to the documented plan of internal control.

The final step in Lieberman's approach is an evaluation process wh i ch reads through each ru 1e and searches through the data base under control of that rule. Any conditions in the data base that are in violation of the rule are reported as possible weakness in the plan of internal control evaluation as performed in an interactive mode, allowing the auditor to discover possible weaknesses and then exploring them further with additional rules.

The Investigation Numerous automated systems exist which can facilitate the investigative process described in Appendix A. Many of these systems are available "off-the-shelf" for general use.

Recall that the investigation encompasses such techniques as;

Evaluation of Internal Control; Auditing Around the Computer; Auditing Through the Computer; Auditing With the Computer; processing of Test Data; Reprocessing and Live Monitoring. All of these techniques may be facilitated by existing softward packages.

Audit software provides the auditor or investigator with numerous capabilities for performing the actual investigation once systems threats have been identified, categorized and ranked. Perry

and Kuory (1980) break these capabilities into fourteen categories:

Analyzing Records Performing Computations Comparing Two Files Comparing Two Fields Stratifying Files Selecting a Random Sample Resequencing Data Summarizing Data Preparing Data for Printing Bui lding Files Restructuring Information Updating Files Statistical Analysis Simulating Portions of a Whole System (by Parallel Simulation).

These capabi 1ities relate, to varying degrees to the different techniques of auditing or investigating a system for computer fraud. A

brief discussion of the capabilities from Perry and Kuory follows:

Audit Software Analyzes Records. Audit software provides the ability to perform an analysis on the information in records and data bases. The purpose of this analysis is normally to identify certain information for audit follow-up purposes. For example, audit software could analyze accounts receivable records to determine if the balances were positive or negative.

The result of this analysis would be a listing of all of the accounts receivable records that carry a negative balance. The analyst looks at one field at a time and makes decisions bases on that examination. The types of analysis that can be

performed on a specific field include:

Whether it is positive or negative Whether it has a specific value (e.g., the state of Florida) Whether it is greater, equal, or less than a specified value (e.g., greater than $1,000) Whether it is numeric or alphabetic Whether it is zero Information in data bases frequently cannot be accessed directly by audit software. However, the information in data bases can usually be converted to a "flat file" (i.e., a sequential record file) and then analyzed through the use of audit software.

Pages:     | 1 |   ...   | 11 | 12 || 14 | 15 |   ...   | 16 |

Similar works:

«LAMPETER TOWN COUNCIL MINUTES OF THE MONTHLY MEETING OF 31.10.2013 AT 7.30PM WHICH WAS HELD AT THE CHURCH HALL LAMPETER PRAYERS Members were invited to participate in prayer before the start of the meeting. Cllr Greg Evans led members in prayer. CHAIRPERSON’S WELCOME & PERSONAL MATTERS 1. The Chairman, Cllr. Mayor Dorothy Williams extended a warm welcome to all present. 2. PRESENT: Councillors: Cllr Dorothy Williams (Chairperson); Deputy-Mayor Cllr Elsie Dafis; Cllr Andrew Carter; Cllr John...»

«Análise Psicológica (2014), 4 (XXXII): 355-385 doi: 10.14417/ap.952 Counterfactual thinking: Study of the focus effect of scenarios and blame ascriptions to victim and perpetrator João Marques* / Ana Cristina Quelhas* / Csongor Juhos* / Marta Couto* / Célia Rasga* * ISPA – Instituto Universitário In two different studies we examined the focus effect of a scenario (i.e., the fact that a given character is the protagonist of a story) on two interconnected domains: the generation of...»

«B. PŘÍBALOVÁ INFORMACE 34 Příbalová informace: informace pro uživatele Hexacima injekční suspenze v předplněné injekční stříkačce Vakcína proti difterii, tetanu, pertusi (acelulární komponenta), hepatitidě B (rDNA), poliomyelitidě (inaktivovaná) a konjugovaná vakcína proti Haemophilus influenzae typu b (adsorbovaná) Přečtěte si pozorně celou příbalovou informaci dříve, než bude Vaše dítě očkováno, protože obsahuje údaje, které jsou pro něj...»

«MONITORING THE ILLEGAL KILLING OF ELEPHANTS Minutes of the East Africa Sub-regional Meeting of the Steering Committee CITES MIKE Programme Nairobi (Kenya), 7 November 2003 1. Welcome and Opening The meeting was opened by the Chair of the MIKE Sub-regional Steering Committee (SSC) for East Africa, Mr. Emmanuel Severre, who welcomed the wildlife directors and country representatives to the meeting the purpose of which was to hear the progress report by the MIKE Sub-regional Support Officer...»

«Basel Committee on Banking Supervision Frequently asked questions on the revised Pillar 3 disclosure requirements August 2016 This publication is available on the BIS website (www.bis.org). © Bank for International Settlements 2016. All rights reserved. Brief excerpts may be reproduced or translated provided the source is stated. ISBN 978-92-9197-620-1 (print) ISBN 978-92-9197-621-8 (online) Contents Overview of risk management and RWA Linkages between financial statements and regulatory...»

«Journal of Alternative Perspectives in the Social Sciences ( 2009) Vol 1, No 3, 635-644 Drawbacks of Indian Democracy in Homen Borgohain’s Pita Putra And Aravind Adiga’s The White Tiger and Between The Assassinations: A Comparative Study Sebastian A. J, PhD and Nigamananda Das, PhD, Nagaland University, Kohima, Nagaland, India. Liberty and equality are two major boons of Democracy. These two vital aspects of human life are instrumental to sustainable development and Enlightenment. But...»

«DAVID MASLANKA’S SYMPHONY NO. 7: AN EXAMINATION OF ANALYTICAL, EMOTIONAL, AND SPIRITUAL CONNECTIONS THROUGH A “MASLANKIAN” APPROACH MUSICAL ARTS PROJECT A monograph submitted in partial fulfillment of the requirements for the degree of Doctor of Musical Arts in the College of Fine Arts at the University of Kentucky By Lane Weaver Hays, Kansas Director: Dr. John Cody Birdwell, Professor of Music Lexington, Kentucky 2011 Copyright © Lane Weaver 2011 Abstract OF MUSICAL ARTS PROJECT DAVID...»


«Vowel Harmony Statistical Methods for Linguistic Analysis Rebecca Knowles Haverford College Academic Year 2011-2012 Senior Linguistics Thesis (at Swarthmore College) 1 CONTENTS Abstract 1 Introduction 2 Vowel Harmony 2.1 Introduction to Vowel Harmony Systems 2.2 Disharmony 2.3 Neutral Vowels 2.4 Vowel Harmony in Multiple Dimensions 2.5 More Types of Vowel Harmony 2.6 The Harmonic Domain 2.7 Consonants 2.8 Autosegmental Analysis 3 Machine Learning and Natural Language Processing for Vowel...»

«ADDENDUM TO MED-VFC VIDEO FEAR CONDITIONING SYSTEMS APPLIES TO MED-VFC-BW VIDEO FEAR CONDITIONING BLACK & WHITE CAMERA UPGRADE DOC-105 Rev. 2.1 Copyright © 2006 All Rights Reserved Med Associates, Inc. P.O. Box 319 St. Albans, Vermont 05478 www.med-associates.com MED ASSOCIATES INC. VFC B&W UPGRADE ii MED ASSOCIATES INC. VFC B&W UPGRADE TABLE OF CONTENTS Chapter 1 Introduction Chapter 2 Modifications to the Sound Attenuating Cubicle (SAC) Chapter 3 Installing PC Firewire Card and Wiring...»

«JETS 37/2 (June 1994) 169-184 EXODUS 2 1 : 2 2 2 3 : THE MISCARRIAGE INTERPRETATION AND THE PERSONHOOD OF THE FETUS RUSSELL FULLER* Exodus 21:22-23 (KJV) reads as follows: If men strive, and hurt a woman with child, so that her fruit depart from her, and yet no mischief follow: he shall be surely punished, according as the woman's husband will lay upon him; and he shall pay as the judges determine. And if any mischief follow, then thou shalt give life for life. For the past thirty years our...»

«CONNECT CITY CHRIST BE NOT ASHAMED ROMANS 1: 16 Friendly reminders God has great plans for TBC. Remember a few weeks I talked about my dream of a TBC train station? Here is a picture drawn by one of the TBC elementary children of TBC TRAIN STATION. 2009 MISSION THEME 4 C CONNECT CITY COUNTRY CHRIST • 45 MILLION YEN • PRAY PARTNERS FOR SINGING CHRISTMAS TREE MAN OR • WOMAN.PICK UP YOUR CARD AT THE JOY CAFÉ WHITE TENT & EXTENSION SERVICE PRAY & INVITE 3 OR 4 FRIENDS TO THE CHRISTMAS...»

<<  HOME   |    CONTACTS
2016 www.dissertation.xlibx.info - Dissertations, online materials

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.