NCJ Number
65124
Journal
Management Accounting Volume: 59 Issue: 10 Dated: (APRIL 1978) Pages: 61-64
Date Published
1978
Length
4 pages
Annotation
COMPUTER-ASSISTED FRAUD IS A MAJOR PROBLEM THAT IS EXPECTED TO GROW EVEN GREATER WITH THE PROLIFERATION OF COMPUTER SYSTEMS, PARTICULARLY IN THE WAKE OF THE FAST-GROWING MINICOMPUTER INDUSTRY.
Abstract
ONE COMPUTER SECURITY CONSULTANT ESTIMATED COMPUTER FRAUD AT A HALF-BILLION DOLLARS A YEAR, INCREASING TO OVER A BILLION DOLLARS A YEAR BY 1980. THE EXTENT OF THIS CRIME IS DIFFICULT TO ASSESS BECAUSE MOST COMPUTER-ASSISTED CRIMES GO UNREPORTED EITHER FOR REASONS OF CRIME PREVENTION OR FEAR OF UNFAVORABLE PUBLICITY. APPROXIMATELY 5 PERCENT OF COMPUTER-ASSISTED CRIMES ARE PUBLISHED IN THE NEWSPAPERS, WHILE ANOTHER 5 PERCENT IS KNOWN BY THE LAW ENFORCEMENT COMMUNITY. TOGETHER, THESE AMOUNTS TOTAL A RECORDED 10 PERCENT OF ACTUAL CRIMES. IN ADDITION, DISTINGUISHING COMPUTER-ASSISTED CRIMES FROM SIMPLE ERROR IS SOMETIMES DIFFICULT. BUT THE MOST SIGNIFICANT FACT OF COMPUTER FRAUD IS THE LOW RISK OF GETTING CAUGHT. THE TYPICAL COMPUTER CRIMINAL IS A WHITE-COLLAR INDIVIDUAL WHO ONLY GETS INVOLVED IN LOW-RISK SITUATIONS AND WHO IS USUALLY CAUGHT BY ACCIDENT. MOREOVER, MINICOMPUTER GROWTH INCREASES OPPORTUNITIES FOR PEOPLE TO PERPETUATE FRAUDS. THE GROWING POTENTIAL FOR FRAUD AND EMBEZZLEMENT WITH THE USE OF ELECTRONIC DATA PROCESSING SYSTEMS HAS DEVELOPED A NEW INDUSTRY DESIGNED TO HELP SOLVE THESE AS WELL AS OTHER PROBLEMS. ONE COMPUTER AUDITING REPORT SUGGESTS (1) THAT TOP MANAGEMENT TAKE THE RESPONSIBILITY FOR AUDITING AND CONTROLLING ANY EDP SYSTEMS, (2) THAT IMPROVED INTERNAL CONTROLS ARE NEEDED FOR DATA PROCESSING AND THE REPORTS THAT RESULT FROM IT, AND (3) THAT INTERNAL AUDITORS SHOULD ACTIVELY PARTICIPATE IN THE DEVELOPMENT OF SYSTEMS FOR THEIR ORGANIZATION. COMPUTER SECURITY EXPERTS ALSO RECOMMEND THAT CORPORATIONS ESTABLISH POLICIES AND STANDARDS FOR COMPUTER SECURITY SO THAT EXTERNAL AUDITORS WILL BE ABLE TO EVALUATE THE SYSTEM'S COMPLIANCE WITH WRITTEN PROCEDURES AND POLICIES. A LIST OF SOURCES ON COMPUTER FRAUD SECURITY AND A DIAGRAM OF AN ENCRYPTED COMMUNICATIONS SESSION BETWEEN A HOST IBM/370 AND A CONTROL UNIT DISPLAY TERMINAL ARE INCLUDED. (AOP)