1 / 32

Chapter 10

Chapter 10. Using Information Technology for Fraud Examination and Financial Forensics. Critical Thinking Exercise. A married couple goes to a movie. During the movie the husband strangles the wife. He is able to get her body home without attracting attention. How is this possible?.

mei
Télécharger la présentation

Chapter 10

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 10 Using Information Technology for Fraud Examination and Financial Forensics

  2. Critical Thinking Exercise A married couple goes to a movie. During the movie the husband strangles the wife. He is able to get her body home without attracting attention. How is this possible?

  3. The Digital Environment • “Garbage-in, garbage-out” • Maintain data integrity • Be able to prove origins and credibility of the data

  4. Overview of Information Technology Controls • IT audit • Planning • Tests of controls • Substantive tests • Computer-Aided Audit Tools and Techniques (CAATT) • Application controls • Source documents • Data coding controls • Batch controls • Validation controls • Record validation • Examination of application input system

  5. Overview of Information Technology Controls • Processing controls • Ensure processed data maintains its integrity as it moves within the system • Output controls • Spooling • Print programs and bursting • Monitor waste • Identify responsibility

  6. Overview of Information Technology Controls • General framework for viewing IT risks and controls • IT operations • Data management systems • New systems development and integration • Systems maintenance • Systems back-up and contingency planning • Electronic commerce • Control over computer operations

  7. IT Audits and Assurance Activities • Black box approach • Develop understanding of the system • Test integrity of data and system • White box approach • System walk-throughs (tracing) • Authenticity • Accuracy • Completeness • Redundancy • Access audit trail • Rounding error test

  8. IT Audits and Assurance Activities • IT systems personnel may be colluding to conceal fraud • Few understand information technology • IT professional may substitute inappropriate version of software to alter data • IT auditor must ensure entire control environment is examined

  9. Digital Evidence • Digital evidence analysis helps sift through, organize and analyze large amounts of evidence • Must be examined with speed and accuracy • Electronic Imaging • Computer forensics • Warrant or subpoena required to obtain digital evidence • Probable cause • Initial acquisition • Maintain good work papers

  10. Tools Used to Gather Digital Evidence • Road MASSter • Portable computer forensic lab • Acquire and analyze electronic data • Preview and image hard drives • Completely remove and erase stored files and programs from hard drives • EnCase • Investigate and analyze data in multiple platforms • Identify information despite efforts to hide, cloak or delete data • Manage large volumes of computer evidence

  11. Recovering Deleted Files • Deleted files aren’t removed from hard drive • Until computer reuses space where file resides, the data in the file will remain intact • Defrag command • Reorganize hard drive for more efficient data storage • Undelete software • Searches for clues as to the locations of the disk space where the deleted file resides • Examine unallocated disk space

  12. Recovering Deleted Email • Emails are stored in mail folders • Each folder is considered a separate file • Prior to compaction, deleted emails may be recovered using software • E-discovery rules require organizations to provide electronic files going back in time • Probability of deleted email recovery is greatly enhanced

  13. Restoring Data • More sophisticated approach • Restore lost files under more challenging circumstances • Stop writing to drive to increase probability of recovering data • High security or privacy software make the chance of restoring files non-existent • Manual restoration is sometimes needed • Cost-benefit analysis

  14. Detection and Investigation in a Digital Environment • Must have understanding of what could go wrong • Targeted approach required • “Flat file” • Sequential, indexed, hashing and pointer file structures • “Hierarchical and network database” • Relational • “Rifle shot approach”

  15. Data Extraction and Analysis Software Functions • Sorting • Record selection and extraction • Joining files • Multi-file processing • Correlation analysis • Verifying multiples of a number • Compliance verification • Duplicate searches • Vertical ratio analysis • Horizontal ration analysis • Date functions • Recalculations • Transactions and balances exceeding expectations

  16. Data Extraction and Analysis Software • Choose based on individual case • Which is most appropriate for current investigation? • Two categories of data mining and knowledge discovery software • Public domain/shareware/freeware • Commercial applications

  17. IDEA data Analysis Software • Interactive Data Extraction & Analysis • Generalized audit software • Imports data in differing file formats • Examine file statistics and observe raw data values underlying those statistics • Bender’s Law analyses • Compare and recalculate invoices • Helps organize work

  18. ACL • Audit Control Language • Audit analytics and continuous monitoring software • Ensure internal controls compliance • Investigate and detect fraudulent activity • Continuous auditing • Independent verification of transactional data • ACL uses in digital environment • Audit analytics • Continuous auditing and monitoring • Fraud detection and investigation • Regulatory compliance • Secure data access

  19. Picalo • Data extraction and analysis tools • Used to analyze • Financial information • Employee records • Purchasing systems • Accounts receivable and payables • Sales • Inventory systems • Can be programmed to • analyze network activities • web server logs • system login records • import email into relational or text-based databases

  20. Graphics and Graphics Software • Most people are overwhelmed by a page of numbers • Three roles in an investigation • Investigative tool • Identify holes • Communicate investigative findings, conclusions and results • Types of graphics software • The association matrix • Link charts • Flow Diagrams • Time Lines

  21. The Association Matrix • Identifies major players who are central to an investigation • Identify linkages between those players • Starting point for reflecting important data in a simplified format • Helps investigator visually see important links

  22. The Association Matrix

  23. Link Charts • More complex than association matrices • Graphically represent important relationships • Linkages between people, businesses and “organizations” • Create graphic representation of known and suspected associations that are involved in criminal activity

  24. Link Charts

  25. Flow Diagrams • Analyze movement of events, activities and commodities • Discover meaning of activities and their importance to the investigation

  26. Flow Diagram

  27. Timeline • Chronologically organize information about events or activities • Help determine what has or may have occurred and the impact those actions had

  28. Timeline

  29. Other Graphical Formats

  30. Case Management Software • Manage cases and case data • Organize case data in meaningful ways • Present information for use in reports or during testimony • Used to initiate investigations • Case management software tools • Analyst’s Notebook i2 • Lexis-Nexis CaseMap

  31. Analyst’s Notebook i2 • Visualize complex schemes • Organize and analyze large volumes of seemingly unrelated data • Bring clarity to complex investigations, schemes and scenarios • Increase evidence management efficiency

  32. Lexis-Nexis CaseMap • Central repository for case knowledge • Organize information, facts, evidence, documents, people, case issues and applicable law • Evaluates relationships between different attributes of the case information • TimeMap • TextMap • NoteMap • DepMap

More Related