1
Q
What are the 3 Classifications of Fraud on the Association of Certified Fraud Examiners (ACFE)’s “Fraud Tree”?
A
CMFS
(1) Corruption schemes
- Ex: Kickback
(2) Asset misappropriation schemes
(3) Fraudulent statement schemes
2
Q
What are 3 conditions present when Fraud occurs or “Fraud Triangle”?
A
- Incentive/Pressure - Reason to commit fraud, something personal that motivates person to commit fraud
- Opportunity - Absence of controls, ineffective controls, or ability of mgmt to override controls, person in a position of trust or of tenure
- Rationalization - Mental process to justify why fraudster NOT committing a crime
3
Q
What are examples of when “Opportunities” are increased to commit Fraud?
A
- Large amts of cash on hand or processed
- Inventory items small in size, high value or high demand
- Easily convertible assets, like bearer bonds, diamonds, or computer chips
- Fixed assets small in size, marketable, or lacking observable ID of ownership
4
Q
Describe the steps of using IT Skills in Fraud Investigations:
A
(1) Evaluate Relevant Systems and Software
(2) Evaluate IT Antifraud Controls
(3) Examine Logical Access
(4) Observable Digital Data Sources
(5) Nonobservable Digital Data Sources
- Metadata
5
Q
What is AU316?
A
- AU316 (codification of SAS 99), “Consideration of Fraud in FS Audit”
- Describes process where auditors assess RMM related to fraud
- Describes factors that s/b present throughout audit
- Applying this standard s/b the best way to assess RMM related to fraud in FS audit.
6
Q
What is the definition of “Fraud” according to AU316.05 SAS 99?
A
- Fraud is an intentional act that results in a material misstatement in FS that are subject of audit
7
Q
When is “Data Mining and Analysis” beneficial in a fraud investigation?
A
- When events or transactions are large in volume w/in which potential evidence of fraudulent events or transaction exists (ability to isolate or ID fraud transactions become difficult to do manually)
- When paper documents large in volume but same info exists in data
- When multiple and disparate systems are used (often purposely designed to obfuscate a fraud)
- When data mining and analysis clearly more efficient than alternative substantive or manual detective/investigation procedures
8
Q
What is “Observable Data”?
A
- Data easily observed in electronic form on electronic devices, through O/S, apps and other interfaces
9
Q
What is “Nonobservable Data” and give examples?
A
- Data sometimes not known to users and not in transactional data
- Ex: Metadata, latent data
10
Q
What is the meaning of the slang term “back door”?
A
- Access to data or applications via bypassing the normal access controls interfaced w/ networks and apps, and accessing them via O/S controls
- Without proper O/S access controls, employee, esp a mgr, could have “keys to the kingdom”
- Missing or weak O/S controls allow person to gain access to all databases and/or apps
11
Q
What is “Latent Data”?
A
- Latent data is undiscovered, concealed, misplaced, missing or hidden data on disk drives not converted to observable info.
- Data is usually not accessible by apps.
- Latent data is very fragile and subject to loss by its nature.
- A type of nonobservable data
- Examples:
• Deleted files (can be recovered)
• Slack space (download temp files stored there)
• RAM data (if computer is powered up)
• Temporary files (from application processes)
• Windows swapped files
• Stored printer images
12
Q
What is “Metadata”?
A
- Metadata is data about data
- Valuable in fraud detection and investigation
- A type of nonobservable data
- Ex: Properties of MS Office documents not viewable in document, but viewable w/ properties function
- Metadata also exists in the following:
• Email headers
• Spreadsheet formulas and inked data
• Database structures and relationships
• Edit history (track changes in MS Word)
• System logs of users’ activities
• Windows NFTS/FAT files (directories)
• Certain HTML code, aspects of XML files
CITP
flashcards
Decks in class (29)
# Cards
-
Risk Assessment (a)9
-
Fraud Considerations12
-
Internal Controls & IT General Controls 115
-
Evaluate, Test and Report 1(a)(iii)13
-
Information Management and BI 3(b)10
-
Information Management and BI 2(b) - SAELC13
-
Fraud Considerations 212
-
Risk Assessment 310
-
Internal Controls & IT General Controls 2(b)(ii) - SDLC12
-
Information Management and BI 3(c)(i)12
-
Evaluate, Test and Report 1(b)-1(d) - SOC11
-
Evaluate, Test and Report 2(d)9
-
Information Management and BI 1(a)11
-
Random7
-
Information Management and BI 1(b)15
-
Information Management and BI 2(a)10
-
Information Management and BI 3(c)(iii) & 412
-
Information Management and BI 1(b) (Part 2)6
-
Internal Controls & IT General Controls 1 (Part 2)10
-
Internal Controls & IT General Controls 2(a)9
-
Internal Controls & IT General Controls 2(b)(iii) to 2(b)(vi)12
-
Internal Controls & IT General Controls 2(c) and 2(d)13
-
Internal Controls & IT General Controls 3 & CDLC8
-
Evaluate, Test and Report 1(a)(iv)5
-
Risk Assessment (b)10
-
Risk Assessment (c)(i) and (c)(ii)14
-
Risk Assessment (c)(iii) and (d)9
-
Evaluate, Test and Report 2(a)-2(c)15
-
Evaluate, Test and Report 1(a)(i)-(ii) and 411
