Question

The impact of weak internal controls can affect an employee’s fraud behavior. The role of information technology (IT) controls facilitate and help detect fraud.

• Design a method from the accounting information system (AIS) readings to help eliminate such employee fraud activity. Chapter 3 in your textbook discusses the need for a code of ethics and internal controls.

Be sure to respond to at least one of your classmates' posts.

The impact of weak internal controls can affect an employee’s fraud behavior. The role of information technology (IT) controls facilitate and help detect fraud.

• Design a method from the accounting information system (AIS) readings to help eliminate such employee fraud activity.

Answer 1

Internal control System is the sum of a large number of activities comprising of policies, procedures, bylaws, technological infrastructure ,etc.

All these activities aim to protect the organisational resources, sustain efficiency of operations, and ensure reliability of financial statements.

Another crucial aim is to prevent any fraud or wastage of resources.

All these processes are executed by the top management with the help of members / employees t each level of organisation.

Fraud Prevention is one of the biggest challenges to the organizations across the world. What are the advanced measures that can be explored to ensure Fraud Prevention in a more effective manner? What role can Information Security play to enhance the Fraud Prevention mechanisms in your organization?

1. Ensure to align Information Security Program and activities with Fraud Prevention measures in the organization
2. Carry out a Fraud Risk Assessment in the context of Information Security Threats – From Internal and External perspective
3. Identify, design and implement critical controls required to protect the organization, staff and its customers from frauds – People, Process and Technology Controls. In some cases, it may be just through improved awareness among the people.
4. Ensure to have proactive monitoring and detective mechanisms to predict frauds through early warnings.
5. Formulate “use cases” by collecting intelligence through internal and external sources of information to detect potential fraud for a timely response.
6. Focus on ensuring effective controls on the protection of information from internal and external threats – Confidentiality, Integrity, and Availability of the data. Authorized parties only should have access and authority to view and change the information and its status, with adequate audit trails.
7. Develop and practice incident response plan for handling potentially fraudulent activities (due to information security breaches), where fraud management/investigation teams may need to be involved. In some instances, HR department too, if the potential fraud attempt includes the involvement of the staff.
8. Develop and implement specific controls for all online channels to be resilient to fraudulent activities – Technical and Procedural.
9. Ensure to perform multiple checks and Maker-Checker based approvals for critical/sensitive actions or transactions with appropriate segregation in duties.
10. Develop customized security awareness training to educate the staff and customers about the importance of Information Security best practices for Fraud Prevention.

It is generally a computer-based method for tracking accounting activity in conjunction with information technology resources. An AIS combines traditional accounting practices, such as the use of Generally Accepted Accounting Principles (GAAP), with modern information technology resources.

An accounting information system (AIS) involves the collection, storage, and processing of financial and accounting data used by internal users to report information to investors, creditors, and tax authorities. It is generally a computer-based method for tracking accounting activity in conjunction with information technology resources. An AIS combines traditional accounting practices, such as the use of Generally Accepted Accounting Principles (GAAP), with modern information technology resources.