Professional Documents
Culture Documents
Chapter 3 cont’…
Week 4: Lecture # 2
Internal controls & Computer fraud
System
System of
of Accounting
Accounting Internal
Internal Controls
Controls
Objectives of an internal control system are:
1. Safeguard assets (from fraud or errors).
Verification Programming
Training
Serialisation
Insurance
Responsibility
Review
1. Control environment
2. Risk Assessment
• circumstances that may impede the ability of a department
or a project to achieve its objectives. Determine risk & plan.
Components of Internal Control
3. Control Activities
• policies and procedures designed to ensure
that management directives are carried out.
E.g authorisation, segregation, security,
reconciliation, adequacy, checks…
5. Monitoring
• assess the performance quality of the department to ensure it
continues to be effective.
Good Internal Control System
• accurate & reliable accounting data.
• efficiency & effectiveness.
• prevent fraud, error, theft, damage and other
discrepancies.
• adhere to company policies and procedures.
• avoid bottlenecks (conflicts).
• smooth flow of operations.
• delegate responsibilities to staff.
• safeguard assets
• internally checks
• reliable and experienced personnel
Principles of Control within an AIS
Accounting
Control
3 - Key
Areas for
Effective
AIS
Accessibility of
Efficiency
Information
6 Effective Internal Control Procedures
Preventive Feedback
Controls Controls
Corrective Directive
Controls Controls
Compensating Detective
Controls Controls
Limitations of Internal Control Systems
• Missing documents
• Delayed bank deposits
• Numerous outstanding checks or bills
• Employees who do not take vacations
• A large drop in profits
2 categories of crime:
– Violent
– Nonviolent
5-16
Computer Fraud/Crime
2. Program manipulation
a. Salami technique – altering a program to slice a small
amount from several accounts.
b. Trojan horse programs – malacious software allowing
unauthorised backdoor into the system and stealing
confidential files. Used to manipulate computer system.
c. Trap door alterations – is a valid programming tool that is
missused to commit fraud (hidden entrance to enter into
computer programs).
• Definition:
• The obsessive use of computers, or the
unauthorized access and use of networked
computer systems.
Cyber Theft
• Definition:
• Computer crime involving the theft of money.
Espionage or Tresspassing
23
Computer fraud
Cyber-war
Cyber-theft
Cyber-storm
Cybercrimes
Cyber-activist
Cyber-terrorism
Cyber-blackmail
Hacker
Crackers
24
Information Extortion
25
Identity Theft
26
Chapter
3
End of Lecture!