AIS 102B o abuse of power

o there is a bribe in order to get

CH4_COMPUTER FRAUD
what he/she wants
2. Investment fraud is misrepresenting or leaving
out facts in order to promote an investment that
A. Common Threats to AIS promises fantastic profits with little or no risk.
1. Natural Disasters and Terrorist Threats o misrepresenting information in
o natural disasters are unavoidable and can order to persuade someone
affect hardware and operations of the o e.g. networking sites about
business investments
o examples of natural disasters includes,
earthquake, tsunami, typhoon, volcanic
eruption, and etc. Association of Certified Fraud Examiners (ACFE)
o terrorist threats are intentional war and
o world's largest anti-fraud organization
attacks by terrorist
and premier provider of anti-fraud
2. Software Errors and/or Equipment
training education and certification.
Malfunction
o hardware or software failure
o software errors or bugs C. Forms of Fraud
3. Unintentional Acts (Human Error)
a. Misappropriation of assets
o accidents caused by human carelessness,
o Theft of a company’s assets
failure to follow established procedures,
o Largest factors for theft of assets:
and poorly trained or supervise personnel
i. Absence of internal control system
o first and common threat to AIS
ii. Failure to enforce internal control
4. Intentional Acts (Computer Crimes)
system
o sabotage
o e.g. embezzlement, kickbacks, still
o there is an intention to deceive, harm, and
logged on to companies account
cause damage

b. Fraudulent financial reporting

o intentional or reckless conduct, whether
B. Fraud by act or omission, that results in
Gaining an unfair advantage over another person materially misleading financial
statements (The Treadway Commission)
o A false statement, representation, or
disclosure o changing financial statements to mislead
o A material fact that induces a person to or deceive investors
act
o An intent to deceive Treadway Commission
o A justifiable reliance on the fraudulent o an organization who fights corporate
fact in which a person takes action fraud
o An injury or loss suffered by the victim
Individuals who commit fraud are referred to as white- D. Reasons for fraudulent FS
collar criminals. 1. Deceive investors or creditors
2. Increase a company's stock price
1. Corruption is dishonest conduct by those in 3. Meet cash flow needs
power and it often involves actions that are 4. Hide company losses or other problems
illegitimate, immoral, or incompatible with
ethical standards.
o can be seen in both public and
private
E. Treadway Commission Actions to Reduce Fraud I. Fraud Triangle
1. Establish environment which supports the o method or framework used by an auditor
integrity of the financial reporting process. o used to explain why someone commits fraud
2. Identification of factors that lead to fraud. o consists of reasons why someone commits fraud
3. Assess the risk of fraud within the company. which includes pressure, opportunity, and
4. Design and implement internal controls to rationalization – they should all be present
provide assurance that fraud is being prevented.
I. Pressure
F. Auditor’s Responsibilities o Motivation or incentive to commit fraud
o Auditors consist of internal and external
2 types of pressure:
o internal auditors focuses primarily on the
a. Employee: personal pressure
organization if they followed the
i. Financial: personal debt/
company’s policies
inadequate salary
o external auditors are third party that
ii. Emotional: greed/ job
checks and evaluate the FS of an
dissatisfaction/ fear of losing job
organization
iii. Lifestyle: gambling/ drug
addiction/ peer pressure
1. Understand fraud: this is needed to know so that
they can understand it and how or why is it
b. Financial: organization pressure
committed
i. Industry conditions: external
2. Discuss risks of material fraudulent factors
statements: while planning the audit, team
ii. Management characteristics:
members discuss among themselves how and
qualities and traits
where the companies FS are susceptible to fraud
3. Obtain information: look for fraud risk factors
II. Opportunity
4. Identify, assess, and respond to risk
o conditions or situation that allows a
5. Evaluate the results of audit tests: determine
person or organization to commit,
impact of fraud on financial statements
conceal fraud, and convert theft
6. Document and communicate findings
7. Incorporate a technological focus
a. Commit the fraud: theft of an asset,
overstatement of assets or revenues
G. Who commits Fraud? b. Conceal the fraud: to prevent detection by
o individuals who earned a degree
concealing the theft
o individuals in position of trust
- Lapping: misappropriation of AR or collections
o individuals who the most unexpected or
- Kiting: fraudulent us of checks
least expected to commit fraud
c. Convert the theft or misrepresentation to
o those who worked for at least 5 years
personal gain: using companies resources for
since they already know the operations of
own benefit
the company

H. Why they commit fraud?

III. Rationalization
1. disgruntled and unhappy with their jobs and seek o Justification of illegal behavior
revenge against employers. o excuse used by a person
2. dedicated, hard-working, and trusted employees.
3. no previous criminal record; they were honest, a. Justification: not being honest
valued, and respected members of their b. Attitude: honesty is not required
community. c. Lack of personal integrity: theft is valued
higher than honesty or integrity
J. Computer Fraud
o any illegal act in which knowledge of computer
technology is necessary for perpetration,
investigation, and prosecution
o fraud that involves technology or electronic
devices by gaining access whereby they are
protected

K. Computer Fraud Classifications

a) Input Fraud
o simplest and most common
o alteration or falsifying input

b) Processor Fraud
o unauthorized system use

c) Computer instructions fraud

o modifying software
o illegal copying of software

d) Data Fraud
o illegally using, copying, browsing,
searching, or harming company data

e) Output Fraud
o stealing, copying, or misusing computer
printouts or displayed information

L. Preventing computer crime

o enlist top management support
o increase employee awareness and
education
o assess security policies ad protect
passwords