Wereldstage is actief op Curaçao en helpt je aan betaald werk, stages, vrijwilligerswerk en de invulling van een 'gap programma'. Ze organiseren voor alle leeftijden programma's van een paar weken of langer, waarbij je erachter komt welke toekomst bij jou past. Lokale initiatieven worden gesteund door vrijwilligers te plaatsen, en financieel bij te dragen aan de vele goede doelen op Curaçao.
Computer fraud - Chapter 5
This chapter introduced the topic computer fraud. What is fraud? How was fraud perpetrated? How vulnerable is de company’s computer system?
As accounting information systems grow more complex to meet our escalating needs for information, companies face the growing risk that their systems may be compromised. Recent surveys show that 67% of companies had a security breach, over 45% were targeted by organized crime, and 60% reported financial losses.
There are four types of threats to accounting information systems.
Natural and political disasters.
For example: fire or excessive heat. Floods, earthquakes, landslides, hurricanes, tornadoes, blizzards, snowstorms, and freezing rain. Also, war and attacks by terrorists.
Software errors and equipment malfunction.
For example: hardware of software failure, software errors or bugs, operating system crashes, power outages and fluctuations, and undetected data transmissions errors.
For example: accidents caused by human carelessness, failure to follow established procedures, and poorly trained or supervised personnel. Or innocent errors or omissions. Also logic errors, and lost, erroneous, destroyed, or misplaced data. Another example: systems that do not meet company needs or cannot handle intended tasks.
Intentional acts (computer crimes).
For example: sabotage, corruption, computer fraud, financial statement fraud, misappropriation of assets, and misappropriation, false use, or unauthorized disclosure of data.
A cookie contains data a website stores on your computer to identify the website to your computer so that you do not have to log on each time you visit the site.
Fraud is gaining an unfair advantage over another person. Legally, for an act to be fraudulent there must be:
A false statement, representation, or disclosure
A material fact, which is something that induces a person to act
A intent to deceive
A justifiable reliance. That is the person relies on the misrepresentation to take an action
A injury or loss suffered by the victim
An estimated 75% to 90% of computer fraud perpetrators are knowledgeable insiders with the requisite access, skills, and resources. Because employees understand a company’s system and its weaknesses, they are better able to commit and conceal a fraud. The controls used to protect corporate assets make it more difficult for an outsider to steal from a company. Fraud perpetrators are often referred to as white-collar criminals.
Fraud takes two forms
Misappropriation of assets: is the theft of company asset. The most significant contributing factor in most misappropriations is the absence of internal controls and/or the failure to enforce existing internal control.
Fraudulent financial reporting defined as intentional or reckless conduct, whether by act or omission, that results in materially misleading financial statements. Financial statements are falsified to deceive investors and creditors, increase a company’s stock price, meet cash flow needs, or hide company losses and problems.
The Treadway Commission recommended four actions to reduce fraudulent financial reporting:
Establish an organizational environment that contributes to the integrity of the financial reporting process.
Identify and understand the factors that lead to fraudulent financial reporting.
Assess the risk of fraudulent financial reporting within the company.
Design and implement internal controls to provide reasonable assurance of preventing fraudulent financial reporting.
The Association of Certified Fraud Examiners found that an asset misappropriation is 17 times more likely than fraudulent financial reporting but that the amounts involved are much smaller.
SAS No. 99 (Statement on Auditing Standards) was adopted to clarify the auditor’s responsibility to detect fraud. It requires auditors to:
Discuss the risk of material fraudulent misstatements
Identify, assess, and respond to risks
Evaluate the results of their audit tests
Document and communicate findings
Incorporate a technology focus
When researches compared the psychological and demographic characteristics of white-collar criminals, violent criminals, and the public, they found significant differences between violent and white-collar criminals. Fraud perpetrators look just like you and me. Some are disgruntled and unhappy with their jobs and seek revenge against employers. Most have no previous criminal record. Some are motivated by curiosity, a quest for knowledge, the desire to learn how things work and the challenge of beating the system.
Three conditions are present when fraud occurs.
Pressure. A pressure is a person’s incentive or motivation for committing fraud. There are three types of pressure. The first one is financial pressure. Financial pressure often motivate misappropriation frauds by employees. A second type of pressure is emotional. Many frauds are motivated by greed. Some employees turn to fraud because they have strong feelings or resentment or believe they have been treated unfair. A third type of employee pressure is a person’s lifestyle. The person may need funds to support a gambling habit or support a drug or alcohol addiction. Some people commit fraud to keep pace with other family members.
Opportunities. This is the condition or situation that allows a person or organization to do three things.
Commit the fraud
Conceal the frand
Lapping: a perpetrator steals the cash or checks customer A mails in to pay its accounts receivable.
Kiting: cash is created using the lag between the time a check is deposited and the time it clears the bank.
Convert the theft or misrepresentation to personal gain
Rationalization. A rationalization allows perpetrators to justify their illegal behavior. Perpetrators rationalize that they are not being dishonest, that honesty is not required of them, or that they value what they take more than honesty and integrity.
Computer fraud is any fraud that requires computer technology knowledge to perpetrate, investigate, or prosecute it. Millions of dollars can be stolen in less than a second, leaving little or no evidence. Therefore, computer fraud can be much more difficult to detect than other types of fraud.
Computer systems are particularly vulnerable for the following reasons:
People who break into corporate databases can steal, destroy, or alter massive amounts of data in very little time.
Perpetrators can steal many more assets with much less time and effort.
Some organizations grant employees, customers, and suppliers access to their system.
Computer programs need to be modified illegally only once for them to operate improperly for as long as they are in use.
Personal computers are vulnerable to security risks.
Computer systems face a number of unique challenges.
The number of incidents, the total dollar losses, and the sophistication of the perpetrators and the schemes used to commit computer fraud are increasing rapidly for several reasons:
Not everyone agrees on what constitutes computer fraud
Many instances of computer fraud go undetected
A high percentage of frauds is not reported
Many networks are not secure
Internet sites offer step-by-step instructions on how to perpetrate computer fraud and abuse
Law enforcement cannot keep up with the growth of computer fraud
Calculating losses is difficult
Computer fraud can be categorized using the data processing model
Input fraud. The simplest and most common way to commit a computer fraud is to alter of falsify computer input. It requires little skill. Perpetrators need only understand how the system operates so they can cover their tracks.
Processor fraud. It includes unauthorized system use, including the theft of computer time and services.
Computer instruction fraud. This type of fraud includes tampering with company software, copying software illegally, using software in an unauthorized manner, and developing software to carry out an unauthorized activity. The approach used to be uncommon, but today it’s more frequent.
Data fraud. This is illegally using, copying, browsing, searching, or harming company data. The biggest cause of data breaches is employee negligence. In the absence of controls, it is nog hard for employees to steal data.
Output fraud. Unless properly safeguarded, displayed or printed output can be stolen, copied, or misused. Fraud perpetrators use computers to forge authentic-looking outputs, such as a pay check.
- Choice Assistance with summaries of Accounting Information Systems - Romney & Steinbart - 14th edition
- Accounting information systems: an overview - Chapter 1
- Overview of transaction processing and enterprise resource planning systems - Chapter 2
- Systems documentation techniques - Chapter 3
- Computer fraud - Chapter 5
- Control and accounting information systems - Chapter 7
- Part 1: Information systems controls for system reliability - Chapter 8
- Part 2: Information systems controls for system reliability - Chapter 9
- Part 3: Information systems controls for system reliability - Chapter 10
- Revenue cycle: sales to cash collections - Chapter 12
- Expenditure cycle: purchasing to cash disbursements - Chapter 13
- Production cycle - Chapter 14
- The human resources management and payroll cycle - Chapter 15
- General Ledger and Reporting System - Chapter 16
- Accounting Information Systems - Romney and Steinbart - BulletPoints
- Printed summary of Accounting Information Systems - Romney & Steinbart - 13th edition
- Accounting Information Systems van Romney en Steinbart - Boek & JoHo's
JoHo 'chapter 'pagina
Wat vind je op een JoHo 'chapter' pagina?
- JoHo chapters zijn tekstblokken en hoofdstukken rond een specifieke vraag of een deelonderwerp
- Via een beperkt aantal geselecteerde webpagina's kan je verder reizen op de JoHo website
- Via alle aan het chapter verbonden webpagina's kan je verder lezen in een volgend hoofdstuk of tekstonderdeel.
- Je kunt deze pagina bewaren in je persoonlijke lijsten zoals: je eigen paginabundel, je to-do-list, je checklist of bijvoorbeeld je meeneem(pack)lijst. Je vindt jouw persoonlijke lijsten onderaan vrijwel elke webpagina of op je userpage
- Dit is een service voor JoHo donateurs en abonnees.
- Hier kun je naar de pagina om je aan te sluiten bij JoHo, JoHo te steunen en zelf en volledig gebruik te kunnen maken van alle teksten en tools.
- Hier vind je wat jouw status is als JoHo donateur of abonnee
- Dit is een service voor wie bij JoHo is aangesloten. Je kunt zelf online aantekeningen maken en bewaren, je eigen antwoorden geven op tests, of bijvoorbeeld checklists samenstellen.
- De aantekeningen verschijnen direct op de pagina en zijn alleen voor jou zichtbaar
- De aantekeningen zijn zichtbaar op de betrokken webpagine en op je eigen userpage.
- Dit is een service voor wie bij JoHo is aangesloten. Wil je een tekst overzichtelijk printen, gebruik dan deze knop.