linkedin facebook  twitter


 or Call (888) 634-0001

Fraud Awareness & Prevention: Access Control

Posted by William Prohn, CISSP, CISA, CGEIT, CRISC

May 29, 2015 10:56:00 AM

Let's consider the following scenario: Your organization enforces mandatory vacations in an effort to prevent occupational fraud. A current employee is perpetrating a fraud scheme involving a fictitious employee and must access your accounting system bi-weekly to continue the fraudulent activity. Unfortunately for you, employees are allowed to work from home and the fraudster in question simply logs in after-hours and performs the necessary steps to maintain his/her scheme. 

This scenario highlights the importance of IT controls, as we see that the fraudster was able to circumvent the organization's anti-fraud efforts by taking advantage of a weakness in the IT control environment.

Read More

Topics: Information Security, information techology, fraud, forensics, Monitoring, Fraud Prevention, Logging, Access Control, IT Controls, Fraud awareness, Fraud Investigation, Fraud Detection, Administrators

Can you afford $145K in employee fraud?

Posted by Bart F. McGloin, CPA CFE CFF

Apr 1, 2015 12:47:41 PM

The Association of Certified Fraud Examiners reported the typical organization loses 5% of its annual revenue to occupational fraud. Applied to the estimated 2013 Gross World Product, that’s potentially more than $3.7 trillion fraud loss, up from $2.9 trillion total in 2009. You may be stunned to learn the report also found:

Read More

Topics: fraud, forensic accounting, employee fraud, occupational fraud

Internal Audit Function: Do we really need it?

Posted by The Dopkins Assurance Services Group

May 19, 2014 12:35:00 PM

With recent developments such as the Health Care Reform Act, the Updated COSO Internal Control Framework and the release of the Non-Profit Revitalization Act there are plenty of reasons to ‘need’ internal audit. The amount of resources allocated to an internal audit function varies greatly depending on the size of a firm, but every organization has some internal audit function be it formal, or informal. Simply operating in a business environment comes with certain degrees of risk, and internal audit serves an important role in ensuring that unexpected risks to the company are, at the very least, understood and communicated.

Staying abreast of these regulatory changes has kept us all very busy, but how can we really be sure that all the necessary changes have been made, and have achieved their objective? Enter internal audit. The primary difference between the external audit function and the internal audit function is their focus. Internal audit focuses on all risks facing a business, as opposed to external audit, which is primarily focused on external financial statement reporting risks. Internal audit provides the knowledge and expertise necessary to evaluate risks associated with:

Controls and Control Deficiencies

  • Once risks have been identified and assessed it is important that appropriate measures are implemented to ensure that the identified risks are mitigated to an acceptable level that aligns with the risk appetite of the organization. If controls have been put into place but are not effective in achieving their objective, management and board members could be lulled into a false sense of security. 

Compliance Assurance

  • Internal Compliance – Organizations that have established policies and procedures to gain assurance that business risks have been appropriately identified and mitigated can employ an internal audit function to help ensure that these controls are operating effectively, and identify areas where significant risk remains unchecked.
  • External Compliance – Ensuring that an organization is in compliance with regulations or laws can be a significant function of internal audit. Taking preventative action is typically far less costly than penalties for violations, not to mention that deficiencies have to be corrected after these penalties have been assessed which can often be more costly.

Assessment of Operational and Financial Data

  • What value does internal reporting provide if the reliability of the reporting is questionable, especially in instances where this information is relied on to make strategic business decisions that can have lasting impacts? Internal audit can help to ensure that the process used to generate this information is operating effectively, and provide recommendations for continued improvement in operations.

Reducing the Opportunity for Fraud, Waste, and Abuse

  • An important goal of an internal audit function is to focus on identifying areas of exposure, whereas other business functions are working to achieve strategic objectives and, accordingly, are more focused on the day-to-day operations of the organization. Internal audit can offer a different perspective that identifies waste and abuse of company resources, the legitimacy of liabilities, the appropriate acquisition of assets, and detection and prevention of fraud. 

Should You Still Be Living Without It?

Read More

Topics: Not-for-Profit revitalization act, health care reform, fraud, compliance, internal audit, assurance, COSO

Join Our Mailing List

Recent Blogs

Posts by Topic

see all