This presentation provides an overview to preventing and detecting payroll fraud. It is of interest to payroll managers, finance directors, shared services specialists, and internal auditors.
Rushmore Forensic is a specialist forensic accounting firm based in Sydney, Australia.
Payroll fraud is real, it is detectable and it is avoidable. Learn about recent payroll fraud cases in Australia and how to avoid and detect payroll fraud in your organisation.
Fundamental controlling tool of fraud prevention and detection designed for company owners and top management. Protect at work and in business those honest against those unfair.
www.forensicline.eu
Payroll fraud is the most common form of employee theft and of all the accounting fraud scams it’s one of the hardest to detect. One of the difficulties in stopping payroll fraud is the different types of scams that exist. How can you implement policies, procedures and strategies to identify, eliminate and prevent payroll fraud?
Join Peter Goldmann, president of FraudAware as he outlines strategies for detecting and preventing payroll fraud.
Payroll fraud is real, it is detectable and it is avoidable. Learn about recent payroll fraud cases in Australia and how to avoid and detect payroll fraud in your organisation.
Fundamental controlling tool of fraud prevention and detection designed for company owners and top management. Protect at work and in business those honest against those unfair.
www.forensicline.eu
Payroll fraud is the most common form of employee theft and of all the accounting fraud scams it’s one of the hardest to detect. One of the difficulties in stopping payroll fraud is the different types of scams that exist. How can you implement policies, procedures and strategies to identify, eliminate and prevent payroll fraud?
Join Peter Goldmann, president of FraudAware as he outlines strategies for detecting and preventing payroll fraud.
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
An organization’s accounts payable (AP) department offers many opportunities for fraud – by both internal and external perpetrators. After all, any money leaving the organization goes through this department. Fortunately, many accounts payable fraud schemes are easy to detect, as long as you know what to look for. They are also preventable, with strong controls and oversight.
Join Peter Goldmann, CFE and president of FraudAware, as he outlines strategies for detecting and preventing accounts payable fraud.
The webinar will cover:
Common accounts payable fraud schemes
Red flags of accounts payable fraud
How to implement effective accounts payable fraud detection measures
Best practices for accounts payable fraud prevention
Prevention and detection strategies from actual AP fraud cases
We continued our Celebrating 40 Years of Excellence! Fall Webinar Series with a webinar titled Fraud Prevention and Detection: Surprise Fraudsters Before They Surprise You. This webinar was hosted by Sam BowerCraft, Senior Manager and Dave Hammarberg , IT Director with McKonly & Asbury.
Check out our Upcoming Events page for news and updates on our future seminars and webinars at http://www.macpas.com/events/.
View a full recap of this webinar at http://www.macpas.com/fraud-prevention-and-detection-webinar/.
Slide deck from Workshop on Fraud Investigation delivered in January 2018 in Lahore arranged by the Institute of Chartered Accountants of Pakistan.
This slide deck provides a standard
On December 5, 2013, Ron Steinkamp, principal, government advisory services at Brown Smith Wallace, presented at the 2013 MIS Training Institute Governance, Risk & Compliance Conference. Ron focused on the following keys to fraud prevention, detection and reporting:
1. Anti-fraud culture
2. Fraud policy
3. Fraud awareness/training
4. Hotline
5. Assess fraud risks
6. Review/investigation
7. Improved controls
Accounts Payable Fraud: Keys to Detection and PreventionCase IQ
An organization’s accounts payable (AP) department offers many opportunities for fraud – by both internal and external perpetrators. After all, any money leaving the organization goes through this department. Fortunately, many accounts payable fraud schemes are easy to detect, as long as you know what to look for. They are also preventable, with strong controls and oversight.
Join Peter Goldmann, CFE and president of FraudAware, as he outlines strategies for detecting and preventing accounts payable fraud.
The webinar will cover:
Common accounts payable fraud schemes
Red flags of accounts payable fraud
How to implement effective accounts payable fraud detection measures
Best practices for accounts payable fraud prevention
Prevention and detection strategies from actual AP fraud cases
We continued our Celebrating 40 Years of Excellence! Fall Webinar Series with a webinar titled Fraud Prevention and Detection: Surprise Fraudsters Before They Surprise You. This webinar was hosted by Sam BowerCraft, Senior Manager and Dave Hammarberg , IT Director with McKonly & Asbury.
Check out our Upcoming Events page for news and updates on our future seminars and webinars at http://www.macpas.com/events/.
View a full recap of this webinar at http://www.macpas.com/fraud-prevention-and-detection-webinar/.
Slide deck from Workshop on Fraud Investigation delivered in January 2018 in Lahore arranged by the Institute of Chartered Accountants of Pakistan.
This slide deck provides a standard
On December 5, 2013, Ron Steinkamp, principal, government advisory services at Brown Smith Wallace, presented at the 2013 MIS Training Institute Governance, Risk & Compliance Conference. Ron focused on the following keys to fraud prevention, detection and reporting:
1. Anti-fraud culture
2. Fraud policy
3. Fraud awareness/training
4. Hotline
5. Assess fraud risks
6. Review/investigation
7. Improved controls
Risk Assessments Best Practice and Practical Approaches WebinarAviva Spectrum™
Risk assessments are the primary component when planning, executing and delivering value in an internal audit. They are the building blocks of your internal audit activities and operational audit program. Sonia Luna CPA, CIA, CEO of Aviva Spectrum and Monica Raffety, CIA
Senior Manager, Financial Controls at Kaiser Permanente will help you to:
Understand risk assessment tools available
Learn how and when to apply risk assessment techniques
Leverage different forms of quantitative and qualitative analysis techniques
Learn when to deviate from risk assessment templates with a memo or scoring
Understand what external auditors, management and the Board need to know when executing a risk assessment.
Understand how risk assessment impact the internal audit activities, from walkthroughs to testing
Sarbanes-Oxley was passed in the wake of a number of notable corporate accounting scandals including Enron and WorldCom.
And now in this training presentation, you will understand why and how this is important for us.
This presentation will highlight statistics for security and fraud of non-profit organizations. The webinar will also involve reviewing two non-profit case studies and the best practices that would have prevented a fraud or data breach event from occurring. We will look into how you protect your most valuable assets (employees, donors, the people you serve, etc.) and what it is that you have that fraudsters want. The webinar will give you information that you can use to start protecting your organization immediately.
During this workshop, Mr. Taylor will be discussing
how this growing crime is affecting individuals, families and small businesses.
Never before has there been a greater need for understanding identity theft and its impact.
In the workshop you will:
• Learn what ID Theft is and how to minimize the devastating effects
• Be introduced to the major types of identity theft
• Learn how to better protect personal and small business information
• Learn about restoration services and credit monitoring plans
Anti-Fraud and eDiscovery using Graph Databases and Graph Visualization - Cor...Neo4j
Investigating fraud often involves identifying suspicious patterns among mountains of uninteresting transactional data. A new partnership between Neo Technologies and Cambridge Intelligence allows fraud investigators and data analysts to uncover these patters far more easily. By combining the power of Neo4j's graph database and the visualization capabilities of KeyLines, a web-based graph visualization engine tightly integrated with Neo4j's data model, these investigators and analysts can visually drill down from aggregate data to the individual suspicious data elements quickly and without requiring significant technical expertise in query languages. This presentation will summarize the Neo Technology and Cambridge Intelligence partnership, discuss the technical integration between the two products, and demonstrate a number of different scenarios of uncovering fraud across multiple domains and data types.
During this workshop, Mr. Taylor will be discussing
how this growing crime is affecting individuals, families and small businesses.
Never before has there been a greater need for understanding identity theft and its impact.
In the workshop you will:
• Learn what ID Theft is and how to minimize the devastating effects
• Be introduced to the major types of identity theft
• Learn how to better protect personal and small business information
• Learn about restoration services and credit monitoring plans
PTA Seminar Preventing theft in_your_pta, the most common problems in PTA that needs solution, as school head and division tends to cover up. as this will affect the performance, points of the school head, superintendent and teachers.
Fraud specialist and published author Pamela Mantone presented "Fraud - Real Life Horror Stories" at the 2013 Decosimo Accounting Forum hosted by the University of North Alabama on July 19.
Insider Threat: Cases and Controls to Prevent Internal Fraud and PreventionCase IQ
“I never would have imagined”, said the company owner, manager, colleague, or workplace friend. It is hard to reconcile that people would engage in fraudulent behavior in the workplace, let alone the depth of these schemes. Financial misconduct and internal fraud are among the biggest threats to today’s organizations. Without the right controls and prevention measures in place, companies are at financial and reputational risk.
Join financial crime compliance advisory and training specialist Michael Schidlow, as he reviews recent cases of internal fraud, what we can learn from them, and controls that companies can put in place to prevent fraud
Poonawalla Fincorp and IndusInd Bank Introduce New Co-Branded Credit Cardnickysharmasucks
The unveiling of the IndusInd Bank Poonawalla Fincorp eLITE RuPay Platinum Credit Card marks a notable milestone in the Indian financial landscape, showcasing a successful partnership between two leading institutions, Poonawalla Fincorp and IndusInd Bank. This co-branded credit card not only offers users a plethora of benefits but also reflects a commitment to innovation and adaptation. With a focus on providing value-driven and customer-centric solutions, this launch represents more than just a new product—it signifies a step towards redefining the banking experience for millions. Promising convenience, rewards, and a touch of luxury in everyday financial transactions, this collaboration aims to cater to the evolving needs of customers and set new standards in the industry.
NO1 Uk Divorce problem uk all amil baba in karachi,lahore,pakistan talaq ka m...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
Introduction to Indian Financial System ()Avanish Goel
The financial system of a country is an important tool for economic development of the country, as it helps in creation of wealth by linking savings with investments.
It facilitates the flow of funds form the households (savers) to business firms (investors) to aid in wealth creation and development of both the parties
how to sell pi coins effectively (from 50 - 100k pi)DOT TECH
Anywhere in the world, including Africa, America, and Europe, you can sell Pi Network Coins online and receive cash through online payment options.
Pi has not yet been launched on any exchange because we are currently using the confined Mainnet. The planned launch date for Pi is June 28, 2026.
Reselling to investors who want to hold until the mainnet launch in 2026 is currently the sole way to sell.
Consequently, right now. All you need to do is select the right pi network provider.
Who is a pi merchant?
An individual who buys coins from miners on the pi network and resells them to investors hoping to hang onto them until the mainnet is launched is known as a pi merchant.
debuts.
I'll provide you the Telegram username
@Pi_vendor_247
The secret way to sell pi coins effortlessly.DOT TECH
Well as we all know pi isn't launched yet. But you can still sell your pi coins effortlessly because some whales in China are interested in holding massive pi coins. And they are willing to pay good money for it. If you are interested in selling I will leave a contact for you. Just telegram this number below. I sold about 3000 pi coins to him and he paid me immediately.
Telegram: @Pi_vendor_247
what is the future of Pi Network currency.DOT TECH
The future of the Pi cryptocurrency is uncertain, and its success will depend on several factors. Pi is a relatively new cryptocurrency that aims to be user-friendly and accessible to a wide audience. Here are a few key considerations for its future:
Message: @Pi_vendor_247 on telegram if u want to sell PI COINS.
1. Mainnet Launch: As of my last knowledge update in January 2022, Pi was still in the testnet phase. Its success will depend on a successful transition to a mainnet, where actual transactions can take place.
2. User Adoption: Pi's success will be closely tied to user adoption. The more users who join the network and actively participate, the stronger the ecosystem can become.
3. Utility and Use Cases: For a cryptocurrency to thrive, it must offer utility and practical use cases. The Pi team has talked about various applications, including peer-to-peer transactions, smart contracts, and more. The development and implementation of these features will be essential.
4. Regulatory Environment: The regulatory environment for cryptocurrencies is evolving globally. How Pi navigates and complies with regulations in various jurisdictions will significantly impact its future.
5. Technology Development: The Pi network must continue to develop and improve its technology, security, and scalability to compete with established cryptocurrencies.
6. Community Engagement: The Pi community plays a critical role in its future. Engaged users can help build trust and grow the network.
7. Monetization and Sustainability: The Pi team's monetization strategy, such as fees, partnerships, or other revenue sources, will affect its long-term sustainability.
It's essential to approach Pi or any new cryptocurrency with caution and conduct due diligence. Cryptocurrency investments involve risks, and potential rewards can be uncertain. The success and future of Pi will depend on the collective efforts of its team, community, and the broader cryptocurrency market dynamics. It's advisable to stay updated on Pi's development and follow any updates from the official Pi Network website or announcements from the team.
USDA Loans in California: A Comprehensive Overview.pptxmarketing367770
USDA Loans in California: A Comprehensive Overview
If you're dreaming of owning a home in California's rural or suburban areas, a USDA loan might be the perfect solution. The U.S. Department of Agriculture (USDA) offers these loans to help low-to-moderate-income individuals and families achieve homeownership.
Key Features of USDA Loans:
Zero Down Payment: USDA loans require no down payment, making homeownership more accessible.
Competitive Interest Rates: These loans often come with lower interest rates compared to conventional loans.
Flexible Credit Requirements: USDA loans have more lenient credit score requirements, helping those with less-than-perfect credit.
Guaranteed Loan Program: The USDA guarantees a portion of the loan, reducing risk for lenders and expanding borrowing options.
Eligibility Criteria:
Location: The property must be located in a USDA-designated rural or suburban area. Many areas in California qualify.
Income Limits: Applicants must meet income guidelines, which vary by region and household size.
Primary Residence: The home must be used as the borrower's primary residence.
Application Process:
Find a USDA-Approved Lender: Not all lenders offer USDA loans, so it's essential to choose one approved by the USDA.
Pre-Qualification: Determine your eligibility and the amount you can borrow.
Property Search: Look for properties in eligible rural or suburban areas.
Loan Application: Submit your application, including financial and personal information.
Processing and Approval: The lender and USDA will review your application. If approved, you can proceed to closing.
USDA loans are an excellent option for those looking to buy a home in California's rural and suburban areas. With no down payment and flexible requirements, these loans make homeownership more attainable for many families. Explore your eligibility today and take the first step toward owning your dream home.
Turin Startup Ecosystem 2024 - Ricerca sulle Startup e il Sistema dell'Innov...Quotidiano Piemontese
Turin Startup Ecosystem 2024
Una ricerca de il Club degli Investitori, in collaborazione con ToTeM Torino Tech Map e con il supporto della ESCP Business School e di Growth Capital
Falcon stands out as a top-tier P2P Invoice Discounting platform in India, bridging esteemed blue-chip companies and eager investors. Our goal is to transform the investment landscape in India by establishing a comprehensive destination for borrowers and investors with diverse profiles and needs, all while minimizing risk. What sets Falcon apart is the elimination of intermediaries such as commercial banks and depository institutions, allowing investors to enjoy higher yields.
how can I sell my pi coins for cash in a pi APPDOT TECH
You can't sell your pi coins in the pi network app. because it is not listed yet on any exchange.
The only way you can sell is by trading your pi coins with an investor (a person looking forward to hold massive amounts of pi coins before mainnet launch) .
You don't need to meet the investor directly all the trades are done with a pi vendor/merchant (a person that buys the pi coins from miners and resell it to investors)
I Will leave The telegram contact of my personal pi vendor, if you are finding a legitimate one.
@Pi_vendor_247
#pi network
#pi coins
#money
What website can I sell pi coins securely.DOT TECH
Currently there are no website or exchange that allow buying or selling of pi coins..
But you can still easily sell pi coins, by reselling it to exchanges/crypto whales interested in holding thousands of pi coins before the mainnet launch.
Who is a pi merchant?
A pi merchant is someone who buys pi coins from miners and resell to these crypto whales and holders of pi..
This is because pi network is not doing any pre-sale. The only way exchanges can get pi is by buying from miners and pi merchants stands in between the miners and the exchanges.
How can I sell my pi coins?
Selling pi coins is really easy, but first you need to migrate to mainnet wallet before you can do that. I will leave the telegram contact of my personal pi merchant to trade with.
Tele-gram.
@Pi_vendor_247
when will pi network coin be available on crypto exchange.DOT TECH
There is no set date for when Pi coins will enter the market.
However, the developers are working hard to get them released as soon as possible.
Once they are available, users will be able to exchange other cryptocurrencies for Pi coins on designated exchanges.
But for now the only way to sell your pi coins is through verified pi vendor.
Here is the telegram contact of my personal pi vendor
@Pi_vendor_247
3. • Timesheet fraud
• Ghost employees
• False expense claims
What are the Major Types of Payroll Fraud?
4. • Data mining tests
– More than 2 pay rises in a year
– Greater than 30% difference in wages between 2 employees who
have the same Position description.
– Multiple employees with the same bank account number
– Overtime charged during a slow period
– Compare security gate records with timesheet submitted
• Random checks to source data
How do we prevent & detect timesheet frauds?
5. • Cross reference list of employees from
payroll reports to other sources eg.
– Building access cards
– Windows Log On
– Company phone book
– Budgets.
• Review HR records for anomalies
• Data Mining Routines
– Identify employees with missing, or
duplicate master file information
How do we detect ghost employees?
6. Other payroll data mining tests
(# 4) Multiple employee records with same mobile phone number
(# 1) Multiple employee records with same bank account
(# 1) Multiple employee records with same bank account
(# 4) Multiple employee records with same mobile phone number
(# 5) Multiple employee records with same TFN
(# 8) Multiple employee records with same date of birth and some other common
characteristic e.g. same Suburb
(# 9) Multiple employees with the same Super fund account number
(# 14) Identify employees who have not taken any annual leave during the year
(# 22) Identify employees that have an algorithmically incorrect TFN
(e.g. 111 222 333)
7. How do we detect false employee expense
claims?
100% review of all supporting
documentation within a set period
18. 6) Gambling and gambling related debts are
common precursors to payroll fraud
“They treated me like a queen.
They reserved my favourite
machine for me. I was like a
zombie.”
“Everyone thought she was
an extremely loyal
employee always looking
after the books.”
19. Patterns to look out for include:
• Absenteeism
• Regular ill health or “shaky” appearance
• Easily making and breaking promises and
commitments
• Series of creative “explanations”
• High level of self absorption
• Inconsistent or illogical behaviour
• Forgetfulness or memory loss
• Family problems
• Evidence of deceit (small or large)
Addiction problems
20. High risk or hot air? How vulnerable is your company
to payroll fraud?
24. 25% of people, if given the opportunity will commit
fraud against their employer (Source: ACFE)
25. 1. Consolidate multiple payroll systems
2. Document process and identify vulnerabilities e.g. access to
electronic bank transfer file, number of cheque signatories
3. Ad-hoc audits and random checks to source documents
4. Reconciliation of headcount from month to month (ons and offs).
Also sub ledgers to main ledgers and bank reconciliations.
5. Open communication channel for Tip offs (e.g. new staff being
asked to manipulate timesheet) fraud hotline, email etc
6. Segregation of duties – don’t give any one employee too much
control
7. Make employee background and criminal record checks part of the
standard hiring process.
8. Regular Data Mining reviews
9. Monitor access to Payroll system at suspicious times e.g. late at
night, or on weekends
10. Limit IT access, including read-only access, to the payroll system
to only those individuals that need it.
10 key steps to beat payroll fraud
29. Case Study 1: Clive Peeters, Victoria
Sonya Causer
photographed by The
Age after successfully
bidding for a new car at
a charity auction prior to
coming clean over the
missing $19.3m.
30. Background
• Payroll manager admitted to embezzling $19m over 18 months.
Used the funds to buy more than 40 properties & luxury cars.
She was jailed for 8 years with a non parole period of 2 years.
Personal details
• 39 year old female from Victoria.
How was the ‘fraud’ conducted?
• Used a loophole in the company’s Internet Banking with NAB.
• Falsified payroll records
• Transferred cash to her bank account
• Signatory to the company’s bank account
• Covered her trail by changing financial records.
How was it detected?
• An accountant noticed a $2m variation between 2 company
ledgers.
• Auditors then discovered that the amount was closer to $20m.
Case Study 1: Sonya Causer, Clive Peeters
32. Background
• Payroll clerk admitted to stealing $1m over 6 years.
• Money lost through mortgage payments and possibly through
poker machines.
Personal details
• 42 year old female from Sydney, NSW.
• The fraud started shortly after the woman separated from her
husband.
How was the ‘fraud’ conducted?
• Used employee codes of five past staff members
• Created fake teachers (ghost employees)
• Remitted PAYG tax to the ATO
• Transferred cash to her bank account
How was it detected?
• Money was directed into joint bank account with ex-husband.
• Husband discovered the fraud and made her confess to the
school.
Case Study 2: SCEGGS Redlands, NSW
34. Background
• Payroll clerk accused of stealing $120,000 over 2 years.
Personal details
• 29 year old female from Broome, WA.
How was the ‘fraud’ conducted?
• Appears that either used ghost employees or overpaid herself
• Remitted PAYG tax to the ATO
• Transferred cash to her bank account
How was it detected?
• It’s unknown at this stage how the fraud was detected.
Case Study 3: Cable Beach Club, WA
35. • St George Fraud
Case Study 4: St George Bank, NSWCase Study 4: St George Bank, NSW
36. Background
• Senior Lending Officer admitted to stealing $1.4m over 8
years.
Personal details
• 46 year old female from Sydney, NSW.
• No trace of the money has been found.
How was the ‘fraud’ conducted?
• Used her employee number and password to approve
overdraft loans in her name, and those of her father and
former husband. This was in breach of company policy.
How was it detected?
• The Bank discovered the fraud.
Case Study 4: St George Bank, NSW
38. Background
• Extensive and systemic corruption over a number of years.
Organisation details
1. The very structure of the organisation and the way it operated
allows and encourages corruption;
- Reporting arrangements
- Management competence
- Culture; and
- Oversight arrangements.
All contributed to endemic corruption.
How was the ‘fraud’ conducted?
1. Falsified timesheets
2. Sharing of passwords
3. Creation of false vendors
4. Changing of master data by administrator.
Case Study 5: Railcorp, NSW
39. • Cross check payroll master data to AP data
• Name
• Address
• BSB and Bank account number
• Phone
• ASIC Personal extract searches on key
employees, cross reference to Vendor records
• Cross reference to other data sources (Banned
directors, Court records)
How payroll can be used to find other frauds in
your organisation?
40. • 90 percent of occupational fraud cases go
undetected. And of the remaining 10 percent,
only 20 percent of those are detected by
internal controls.
• 66% of perpetrators acted alone.
• Over 35% of frauds were conducted by those
aged between 41 and 50
• Males accounted for almost 60% of
perpetrators
• Over 87% of perpetrators had no past
criminal history
• Source: ACFE 2008 Report to the Nation
Key facts and figures
42. People
• Culture of “excellence” - from the top down
• People are made accountable
Processes
• Documented and kept up to date
• Segregation of key duties
• Vulnerabilities identified and fixed
Systems
• The system can handle the complexity without manual
workarounds
• Passwords are regularly changed and not shared
• User accounts are terminated when employees exit
• Master data change logs are functioning & regularly reviewed
How do we avoid mediocre behaviour?