Prepare the answers to the following questions from Computer Fraud and Abuse Tec
ID: 2534908 • Letter: P
Question
Prepare the answers to the following questions from Computer Fraud and Abuse Techniques (Romney& Steinbart Chapters 5 and 6): Question 1 Discuss the following statement by Roswell Steffen, a convicted embezzler: "For every foolproof system, there is a method for beating it." Do you believe a completely secure computer system is possible? Explain. If internal controls are less than 100% effective, why should they be employed at all? Question 2 A client heard through its hot line that John, the purchases journal clerk, periodically enters fictitious acquisitions. After John creates a fictitious purchase, he notifies Alice, the accounts payable ledger clerk, so she can enter them in her ledger. When the payables are processed, the payment is mailed to the nonexistent supplier's address, a post office box rented by John. John deposits the check in an account he opened in the nonexistent supplier's name. (Adapted from the CIA Examination) Define fraud, fraud deterrence, fraud detection, and fraud investigation. List four personal (as opposed to organizational) fraud symptoms, or red flags, that indicate the possibility of fraud. Do not confine your answer to this example. List two procedures you could follow to uncover John's fraudulent behaviour a. b. c.Explanation / Answer
Answer 1.
It is possible to establish sufficient controls in a system so that it becomes difficult to carry out the fraud or break into the computer system, but most experts would agree that it is impossible to design a system that is 100% secure from every threat. There is bound to be someone who will think of a way of breaking into the system that designers did not anticipate and did not control against. Further, if there is a way to make a foolproof system then it is highly likely that it would be too cost prohibitive to employ.
Though internal controls can't eliminate all system threats however controls can:
Answer 2.
Fraud is gaining an unfair advantage over another person. Legally, for an act to be fraudulent there must be:
Fraud deterrence is the actions taken to discourage the perpetration of fraud.
Fraud detection is using any and all means, including fraud symptoms (also called red flags of fraud) to determine whether fraud is taking place.
Fraud investigation is performing the procedures needed to determine the nature and amount of a fraud that has occurred.
4 personal (as opposed to organizational) fraud symptoms, or red flags, that indicate possibility of fraud.
List two procedures you could follow to uncover John’s fraudulent behavior.