SlideShare a Scribd company logo

ETHICS FRAUD AND INTERNAL CONTROL AND AUDITING COMPUTERIZED FINANCIAL SYSSTEMS Topic 7.ppt

Download as PPT, PDF
P
PascalOtieno

STATS AND FINANCE

Technology
1 of 32
Accounting Information Systems PRESENTED BY: EDGAR OTIENO Lecture 7 Ethics Fraud & Internal Control and Auditing computerized financial systems 1
Ethics Fraud & Internal Control Objectives  Broad issues pertaining to business ethics  Ethical issues related to the use of information technology  Distinguish between management fraud and employee fraud  Common types of fraud schemes  Objects and application of physical controls 2
Business Ethics  Why should we be concerned about ethics in the business world?  Ethics-acceptable code of conduct within a given proffession.  Ethics are needed when conflicts arise—the need to choose  In business, conflicts may arise between:  employees  management  stakeholders 3
Business Ethics, cont ….  Business ethics involves finding the answers to two questions:  How do managers decide on what is right in conducting their business?  Once managers have recognized what is right, how do they achieve it? 4
Four Main Areas of Business Ethics 5
Computer Ethics  Computer ethics is concerned with the social impact of computer technology (hardware, software, and telecommunications).  What are the main computer ethics issues? 6  Privacy  Security—accuracy and confidentiality  Ownership of property  Equity in access  Environmental issues  Artificial intelligence  Unemployment and displacement  Misuse of computer Computer Crimes/cybercrimes/online fraud Moral decay Hacking
Legal Definition of Fraud  False representation - false statement or disclosure  Intent to deceive must exist  The misrepresentation must have caused injury or loss 7
Factors that Contribute to Fraud 8
Employee Fraud vs Management fraud Employee Fraud  Committed by non-management personnel  Usually consists of: an employee taking cash or other assets for personal gain by circumventing a company’s system of internal controls Management fraud  Perpetrated at levels of management above the one to which internal control structure relates  Frequently involves using financial statements to create an illusion that an entity is more healthy and prosperous than it actually is  Involves misappropriation of assets, it frequently is shrouded in a maze of complex business transactions 9
Fraud Schemes  Three categories of fraud schemes according to the Association of Certified Fraud Examiners: A. fraudulent statements B. corruption C. asset misappropriation 10
A. Fraudulent Statements  Misstating the financial statements to make the copy appear better than it is  Usually occurs as management fraud  May be tied to focus on short-term financial measures for success  May also be related to management bonus packages being tied to financial statements 11
B. Corruption  Examples:  bribery  illegal gratuities  conflicts of interest  economic extortion 12
C. Asset Misappropriation  Most common type of fraud and often occurs as employee fraud  Examples:  making charges to expense accounts to cover theft of asset (especially cash)  lapping: using customer’s cheque from one account to cover theft from a different account  transaction fraud: deleting, altering, or adding false transactions to steal assets 13
14 Using the general IS model, explain how fraud can occur at the different stages of information processing?
Data Collection Fraud  This aspect of the system is the most vulnerable because it is relatively easy to change data as it is being entered into the system.  Also, the GIGO (garbage in, garbage out) principle reminds us that if the input data is inaccurate, processing will result in inaccurate output. 15
Data Processing Fraud Program Frauds  altering programs to allow illegal access to and/or manipulation of data files  destroying programs with a virus Operations Frauds  misuse of company computer resources, such as using the computer for personal business 16
Database Management Fraud  Altering, deleting, corrupting, destroying, or stealing an organization’s data.  May be in the form of SQL injection attacks  Oftentimes conducted by disgruntled or ex-employee 17
Information Generation Fraud Stealing, misdirecting, or misusing computer output Scavenging  searching through the trash cans on the computer center for discarded output (the output should be shredded, but frequently is not) 18
The Internal Controls Shield 19
Preventive, Detective, and Corrective Controls 20
Six Types of Physical Controls  These controls relate to the human activities employed in accounting systems.  Transaction Authorization  Segregation of Duties  Supervision  Accounting Records  Access Control  Independent Verification 21
AUDITING COMPUTER SYSTEMS Auditing of computerised systems especially where they are distributed may be complex in the following aspects:-  Cost – Auditing of computerised may be expensive especially where CAATs are used.  Data stored in magnetic files may be subject to manipulation without leaving any visible trail.  The auditor may not be able to visit all the company branches because of their location and therefore he may rely on sampling which sometimes may increase his potential liability.  Loss of audit trail, the auditor may not be able to trace totals and balances of individual transactions through the system from source to completion and vice versa, this because some of the intermediary records may be missing. 22
AUDIT APPROACH IN COMPUTERISED ENV. Auditing through the computer  This is where the auditor is expected to have the knowledge of inputs, processing and output technology. He studies the equipment, processing and controls incorporated to ensure that all transactions are accounted for. The emphasis of auditing through the computer is to ensure existence and sufficiency of internal control system in processing. The reasons for auditing through the computer are:-  Loss of audit trail  There are too many transactions  There are sophisticated processing program Advantages  It uses the computer as the auditing tool and hence increase the auditors knowledge of the computer.  There are thorough audit procedures which ensure completeness, accuracy and validity of financial information.  It is the only auditing method which can be used by large organisation.  Faster and easier to use. 23
Auditing around the computer (black-box auditing)  This is where the auditor is assumed to be computer illiterate. He can only evaluate manual sample and compares it with the computer output. If both are consistent or correct processing is assumed to have been correct also.  Advantages  There is no need for knowledge on computer technology  Its the only method used by small companies 24
AUDIT TRAIL  This is tracing of totals and balances of individual translations through a system from source to completion or vice versa. The need for audit trail is vital for two reasons:-  To identify errors  To detect frauds 25
COMPUTER ASSITED AUDIT TECHNIQUES (CAATS)  These are techniques which help the auditor to overcome loss of audit trail. They also reduce the chances of errors during auditing and speed up audit examination. CAATs normally come in form of audit packages. 26
IMPORTANCE OF CAATS  To locate errors and potential fraud by comparing and analysing user criteria.  They can be used to re-calculate and verify balance i.e. as a means of getting audit evidence.  To identify control issues and ensure compliance with standards.  To age and analyse accounts receivables, payables and any other business transactions.  To test for unauthorised employee, or supplier relationships.  To automate repetitive tasks by creating automised application software.  To identify trends and pinpoint exceptions and potential areas of audit trail.  In using CAATs, the auditor may need to consider the risk element, time and the nature of internal control system. 27
TYPES OF CAATS a)Test data  This is inputting some data and processing it inorder to test processing data in the way it should be. The auditor may enter sample data and compare the expected results with actual results. 28
Cont… b)Audit interrogation software This software interrogates all the stages of transactions in a computerised system. He comes up with the programs and uses them to process the data that has been collected by the client. The auditor must take care not to rely too much on this software because it can hinder this creativity. 29
Cont… c)Embedded audit facilities.  This allows a continuous review of the data recorded and treated by the systems. The embedded facility has a monitory system over the enterprises accounting system. 30
Factors affecting choice of CAATS  Cost  Expertise  Application area  Features available on the CAATs 31
END 32

Recommended

James hall ch 3
James hall ch 3James hall ch 3
James hall ch 3David Julian
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
2016 Risk Management Workshop
2016 Risk Management Workshop2016 Risk Management Workshop
2016 Risk Management WorkshopStacy Willis
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Information 2nd lesson
Information 2nd lessonInformation 2nd lesson
Information 2nd lessonAnne ndolo
 
Information systems and its components ii
Information systems and its components iiInformation systems and its components ii
Information systems and its components iiAshish Desai
 

Recommended

James hall ch 3
James hall ch 3James hall ch 3
James hall ch 3David Julian
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
Ethics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sEthics fraud & internal control ppt @ dom s
Ethics fraud & internal control ppt @ dom sBabasab Patil
 
CONTROL AND AUDIT
CONTROL AND AUDITCONTROL AND AUDIT
CONTROL AND AUDITRos Dina
 
2016 Risk Management Workshop
2016 Risk Management Workshop2016 Risk Management Workshop
2016 Risk Management WorkshopStacy Willis
 
Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Lecture 16 internal control - james a. hall book chapter 3
Lecture 16 internal control - james a. hall book chapter 3Habib Ullah Qamar
 
Information 2nd lesson
Information 2nd lessonInformation 2nd lesson
Information 2nd lessonAnne ndolo
 
Information systems and its components ii
Information systems and its components iiInformation systems and its components ii
Information systems and its components iiAshish Desai
 
Information systems and its components iii
Information systems and its components iiiInformation systems and its components iii
Information systems and its components iiiAshish Desai
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1dGene Kim
 
Chapter 6
Chapter 6Chapter 6
Chapter 6Nur Dalila Zamri
 
Ch 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspectiveCh 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspectiveBernadette Ramos
 
Computerized Environment
Computerized EnvironmentComputerized Environment
Computerized EnvironmentVadivelM9
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Tugas control & audit sistem informasi
Tugas control & audit sistem informasiTugas control & audit sistem informasi
Tugas control & audit sistem informasiNur Fatrianti
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Bankauditin it env
Bankauditin it envBankauditin it env
Bankauditin it envDr Vijay Pithadia Director
 
Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersShikha Gupta
 
53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdf53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdfKritiChoudhary9
 
Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6Sharah Ayumi
 
bankauditinITEnv
bankauditinITEnvbankauditinITEnv
bankauditinITEnvDr Vijay Pithadia Director
 
bankauditinITEnv
bankauditinITEnvbankauditinITEnv
bankauditinITEnvDr Vijay Pithadia Director
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxJoshJaro
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control envPhillys Sebastiane
 
CISA (1).pdf
CISA (1).pdfCISA (1).pdf
CISA (1).pdfInfosec Train
 
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEWFREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEWinfosec train
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Sazzad Hossain, ITP, MBA, CSCA™
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

More Related Content

Similar to ETHICS FRAUD AND INTERNAL CONTROL AND AUDITING COMPUTERIZED FINANCIAL SYSSTEMS Topic 7.ppt

Information systems and its components iii
Information systems and its components iiiInformation systems and its components iii
Information systems and its components iiiAshish Desai
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1dGene Kim
 
Ch 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspectiveCh 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspectiveBernadette Ramos
 
Computerized Environment
Computerized EnvironmentComputerized Environment
Computerized EnvironmentVadivelM9
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Tugas control & audit sistem informasi
Tugas control & audit sistem informasiTugas control & audit sistem informasi
Tugas control & audit sistem informasiNur Fatrianti
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3grimesjo
 
Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersShikha Gupta
 
53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdf53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdfKritiChoudhary9
 
Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6Sharah Ayumi
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxJoshJaro
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control envPhillys Sebastiane
 
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEWFREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEWinfosec train
 

Similar to ETHICS FRAUD AND INTERNAL CONTROL AND AUDITING COMPUTERIZED FINANCIAL SYSSTEMS Topic 7.ppt (20)

Information systems and its components iii
Information systems and its components iiiInformation systems and its components iii
Information systems and its components iii
 
2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d2010 06 gartner avoiding audit fatigue in nine steps 1d
2010 06 gartner avoiding audit fatigue in nine steps 1d
 
Chapter 6
Chapter 6Chapter 6
Chapter 6
 
Ch 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspectiveCh 1 notes the is an accountants perspective
Ch 1 notes the is an accountants perspective
 
Computerized Environment
Computerized EnvironmentComputerized Environment
Computerized Environment
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3
 
Tugas control & audit sistem informasi
Tugas control & audit sistem informasiTugas control & audit sistem informasi
Tugas control & audit sistem informasi
 
Heartlandpt3
Heartlandpt3Heartlandpt3
Heartlandpt3
 
Bankauditin it env
Bankauditin it envBankauditin it env
Bankauditin it env
 
Core Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computersCore Areas of a CA- Interlinked with computers
Core Areas of a CA- Interlinked with computers
 
53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdf53064476-Frauds-in-Bank-ppt.pdf
53064476-Frauds-in-Bank-ppt.pdf
 
Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6Auditing by CIS . Chapter 6
Auditing by CIS . Chapter 6
 
bankauditinITEnv
bankauditinITEnvbankauditinITEnv
bankauditinITEnv
 
bankauditinITEnv
bankauditinITEnvbankauditinITEnv
bankauditinITEnv
 
Overview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptxOverview-of-an-IT-Audit-Lesson-1.pptx
Overview-of-an-IT-Audit-Lesson-1.pptx
 
Internal control.. control env
Internal control.. control envInternal control.. control env
Internal control.. control env
 
CISA (1).pdf
CISA (1).pdfCISA (1).pdf
CISA (1).pdf
 
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEWFREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
FREQUENTLY ASKED QUESTIONS IN CISA CERTIFIED ROL INTERVIEW
 
Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9Audit Risk Assessment Chapter 9
Audit Risk Assessment Chapter 9
 

Recently uploaded

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

ETHICS FRAUD AND INTERNAL CONTROL AND AUDITING COMPUTERIZED FINANCIAL SYSSTEMS Topic 7.ppt

  • 1. Accounting Information Systems PRESENTED BY: EDGAR OTIENO Lecture 7 Ethics Fraud & Internal Control and Auditing computerized financial systems 1
  • 2. Ethics Fraud & Internal Control Objectives  Broad issues pertaining to business ethics  Ethical issues related to the use of information technology  Distinguish between management fraud and employee fraud  Common types of fraud schemes  Objects and application of physical controls 2
  • 3. Business Ethics  Why should we be concerned about ethics in the business world?  Ethics-acceptable code of conduct within a given proffession.  Ethics are needed when conflicts arise—the need to choose  In business, conflicts may arise between:  employees  management  stakeholders 3
  • 4. Business Ethics, cont ….  Business ethics involves finding the answers to two questions:  How do managers decide on what is right in conducting their business?  Once managers have recognized what is right, how do they achieve it? 4
  • 5. Four Main Areas of Business Ethics 5
  • 6. Computer Ethics  Computer ethics is concerned with the social impact of computer technology (hardware, software, and telecommunications).  What are the main computer ethics issues? 6  Privacy  Security—accuracy and confidentiality  Ownership of property  Equity in access  Environmental issues  Artificial intelligence  Unemployment and displacement  Misuse of computer Computer Crimes/cybercrimes/online fraud Moral decay Hacking
  • 7. Legal Definition of Fraud  False representation - false statement or disclosure  Intent to deceive must exist  The misrepresentation must have caused injury or loss 7
  • 9. Employee Fraud vs Management fraud Employee Fraud  Committed by non-management personnel  Usually consists of: an employee taking cash or other assets for personal gain by circumventing a company’s system of internal controls Management fraud  Perpetrated at levels of management above the one to which internal control structure relates  Frequently involves using financial statements to create an illusion that an entity is more healthy and prosperous than it actually is  Involves misappropriation of assets, it frequently is shrouded in a maze of complex business transactions 9
  • 10. Fraud Schemes  Three categories of fraud schemes according to the Association of Certified Fraud Examiners: A. fraudulent statements B. corruption C. asset misappropriation 10
  • 11. A. Fraudulent Statements  Misstating the financial statements to make the copy appear better than it is  Usually occurs as management fraud  May be tied to focus on short-term financial measures for success  May also be related to management bonus packages being tied to financial statements 11
  • 12. B. Corruption  Examples:  bribery  illegal gratuities  conflicts of interest  economic extortion 12
  • 13. C. Asset Misappropriation  Most common type of fraud and often occurs as employee fraud  Examples:  making charges to expense accounts to cover theft of asset (especially cash)  lapping: using customer’s cheque from one account to cover theft from a different account  transaction fraud: deleting, altering, or adding false transactions to steal assets 13
  • 14. 14 Using the general IS model, explain how fraud can occur at the different stages of information processing?
  • 15. Data Collection Fraud  This aspect of the system is the most vulnerable because it is relatively easy to change data as it is being entered into the system.  Also, the GIGO (garbage in, garbage out) principle reminds us that if the input data is inaccurate, processing will result in inaccurate output. 15
  • 16. Data Processing Fraud Program Frauds  altering programs to allow illegal access to and/or manipulation of data files  destroying programs with a virus Operations Frauds  misuse of company computer resources, such as using the computer for personal business 16
  • 17. Database Management Fraud  Altering, deleting, corrupting, destroying, or stealing an organization’s data.  May be in the form of SQL injection attacks  Oftentimes conducted by disgruntled or ex-employee 17
  • 18. Information Generation Fraud Stealing, misdirecting, or misusing computer output Scavenging  searching through the trash cans on the computer center for discarded output (the output should be shredded, but frequently is not) 18
  • 20. Preventive, Detective, and Corrective Controls 20
  • 21. Six Types of Physical Controls  These controls relate to the human activities employed in accounting systems.  Transaction Authorization  Segregation of Duties  Supervision  Accounting Records  Access Control  Independent Verification 21
  • 22. AUDITING COMPUTER SYSTEMS Auditing of computerised systems especially where they are distributed may be complex in the following aspects:-  Cost – Auditing of computerised may be expensive especially where CAATs are used.  Data stored in magnetic files may be subject to manipulation without leaving any visible trail.  The auditor may not be able to visit all the company branches because of their location and therefore he may rely on sampling which sometimes may increase his potential liability.  Loss of audit trail, the auditor may not be able to trace totals and balances of individual transactions through the system from source to completion and vice versa, this because some of the intermediary records may be missing. 22
  • 23. AUDIT APPROACH IN COMPUTERISED ENV. Auditing through the computer  This is where the auditor is expected to have the knowledge of inputs, processing and output technology. He studies the equipment, processing and controls incorporated to ensure that all transactions are accounted for. The emphasis of auditing through the computer is to ensure existence and sufficiency of internal control system in processing. The reasons for auditing through the computer are:-  Loss of audit trail  There are too many transactions  There are sophisticated processing program Advantages  It uses the computer as the auditing tool and hence increase the auditors knowledge of the computer.  There are thorough audit procedures which ensure completeness, accuracy and validity of financial information.  It is the only auditing method which can be used by large organisation.  Faster and easier to use. 23
  • 24. Auditing around the computer (black-box auditing)  This is where the auditor is assumed to be computer illiterate. He can only evaluate manual sample and compares it with the computer output. If both are consistent or correct processing is assumed to have been correct also.  Advantages  There is no need for knowledge on computer technology  Its the only method used by small companies 24
  • 25. AUDIT TRAIL  This is tracing of totals and balances of individual translations through a system from source to completion or vice versa. The need for audit trail is vital for two reasons:-  To identify errors  To detect frauds 25
  • 26. COMPUTER ASSITED AUDIT TECHNIQUES (CAATS)  These are techniques which help the auditor to overcome loss of audit trail. They also reduce the chances of errors during auditing and speed up audit examination. CAATs normally come in form of audit packages. 26
  • 27. IMPORTANCE OF CAATS  To locate errors and potential fraud by comparing and analysing user criteria.  They can be used to re-calculate and verify balance i.e. as a means of getting audit evidence.  To identify control issues and ensure compliance with standards.  To age and analyse accounts receivables, payables and any other business transactions.  To test for unauthorised employee, or supplier relationships.  To automate repetitive tasks by creating automised application software.  To identify trends and pinpoint exceptions and potential areas of audit trail.  In using CAATs, the auditor may need to consider the risk element, time and the nature of internal control system. 27
  • 28. TYPES OF CAATS a)Test data  This is inputting some data and processing it inorder to test processing data in the way it should be. The auditor may enter sample data and compare the expected results with actual results. 28
  • 29. Cont… b)Audit interrogation software This software interrogates all the stages of transactions in a computerised system. He comes up with the programs and uses them to process the data that has been collected by the client. The auditor must take care not to rely too much on this software because it can hinder this creativity. 29
  • 30. Cont… c)Embedded audit facilities.  This allows a continuous review of the data recorded and treated by the systems. The embedded facility has a monitory system over the enterprises accounting system. 30
  • 31. Factors affecting choice of CAATS  Cost  Expertise  Application area  Features available on the CAATs 31