NCJ Number
133003
Journal
Internal Auditor Volume: 48 Issue: 4 Dated: (August 1991) Pages: 49-52
Date Published
1991
Length
4 pages
Annotation
The Institute of Internal Auditors (UK) and the Chartered Institute of Management Accountants received responses from 184 members to questionnaires regarding the extent of computer fraud and the role of internal auditors in preventing and detecting such fraud.
Abstract
The respondents represented major companies, building societies, financial and banking institutions, insurance companies, government agencies, and other public sector organizations. Nearly all of them considered the possibility of computer fraud when examining new and existing systems at the design, testing, implementation, and post-implementation levels. More attention was paid by internal auditors to the possibility of fraud when specific reviews were in progress than at the amendment stage. Respondents rated passwords, segregation of duties, and physical security as the most important controls to preventing computer fraud. The most frequently used techniques for detecting computer fraud were listed as installation review, input/output reconciliations, and interrogation software. Training of computer auditors was seen by respondents to be a perennial problem; on-the-job experience was rated as the best training method. The respondants judged minicomputers and electronic funds transfer systems as the most risky in terms of potential fraud. False computer input and unauthorized access were thought to be the most likely methods of committing computer fraud.