Submitted by: Submitted by lizng
Views: 128
Words: 1276
Pages: 6
Category: Business and Industry
Date Submitted: 02/05/2014 07:42 AM
Types of Computer Fraud
2 Levels
a. Employee Fraud
- Committed by non-management personnel
- Usually consists of an employee taking cash or inventory for personal gain by circumventing a company’s system of internal controls
b. Management Fraud
- Perpetrated at levels of management above the one to which internal control structure relates
- Frequently involves using financial statements to create an illusion that an entity is more healthy and prosperous than it actually is
- Misappropriation of assets frequently shrouded in a maze of complex business transactions
4 stages of information processing (general Infomation System model)
a. Data Collection Fraud
- This aspect of the system is the most vulnerable because it is relatively easy to change data as it is being entered into the system.
- Also, the GIGO (garbage in, garbage out) principle reminds us that if the input data is inaccurate, processing will result in inaccurate output.
b. Data Processing Fraud
- Program Frauds: altering programs to allow illegal access to and/or manipulation of data files or destroying programs with a virus
- Operations Frauds: misuse of company resources, e.g. use computer for personal business
c. Database Management Fraud
- Altering, deleting, corrupting, destroying, or stealing an organization’s data
- Often conducted by disgruntled or ex-employee
d. Information Generation Fraud
- Stealing, misdirecting, or misusing computer output
- Scavenging: searching through the trash cans on the computer center for discarded output (the output should be shredded, but frequently is not)
Internal Controls
|Preventive controls |Key strategies: |
| |Supervision (Supervising physical access, CCTV,...