Fraud And Forensic Auditing Information Technology Essay

This paper discusses fraudulence and forensic auditing, and specifically, how it affects information technology. The three main elements necessary in order to create scams are pressure, rationalization, and opportunity. Financial scams is a powerful, ever changing market that changes every day with raises in new technology, resulting in the need for computer forensics to reconstruct occasions and completely analyze all electronic research to provide correct documentation and maintain the integrity of the data. Advanced education and training are broadening as the field of Forensic Auditing and Accounting is growing.


Fraud and forensic auditing is becoming

more relevant in business today. Fraud has always been a business matter, but as information technology becomes more frequent, so will the necessity for more advanced scam and forensic auditing techniques. Formal fraud and forensic auditing surfaced through the 1970's and 1980's with the starting point of more computerized business technology. Early techniques started with an administrator viewing information systems for 'red-flags' and has changed into intricate, computerized software. This software has created the thought of computer forensics, which is the mixture of computer research and regulation to accurately assess information and generate data that can be used to accuse or defend. As scam and forensic auditing is widening, the need for teaching and trained in higher education accounting programs is increasing. Not only are new programs expanding for forensic auditing, but also financial auditing programs are growing their material to protect fraud and forensic auditing techniques.

Overview of Fraud

The Fraud Triangle

Fraud has become an important theme in the current business environment, especially in the light of scandals such as Enron and WorldCom. While many think of top corporate executives committing deceptive acts, especially those considering financial reporting, it is important to notice that lower level employees also add to the risk of scam in a company. The scam triangle shows the three main elements necessary to be able to create fraudulence: pressure, rationalization, and opportunity [1].

Financial pressure is often the first reason someone within the corporation would like to commit fraud. This could take the form of less level worker who detects himself in a difficult personal situation and is convinced that he'd only reap the benefits of stealing from the business [2]. Alternatively, a worker may commit fraudulence because they think that the company or their job could be in jeopardy if indeed they do not meet their explained financial goals for the period. In either situation, the employee could be a normally moral person, but noticed pressure to meet personal or company expectations [3].

The second factor essential for fraudulence is rationalization. That's where the worker justifies to himself that committing the fraudulence isn't as bad as it seems. Often a worker will rationalize by stating that the money will be paid back if it is stolen, or that the company could make in the deficits later, if the issue involves financial confirming [2].

Finally, there should be an opportunity for the perpetrator to commit the fraud. This is usually made possible by weak inside controls in the company and weak build at the very top regarding the ethical responsibility of employees. This is the most important aspect of the scams triangle because without opportunity, the staff would have no chance of actually carrying out the fraudulent activity [3].

There are three main ways that companies can mitigate the risks associated with fraud. First, establish a firm tone at the top, ensuring that all employees understand and devote commitment to their ethical duties. Management's view of ethics is of the most importance. Subsequently, auditors should view companies with a wholesome sense of skepticism in all work performed, remember that anyone can commit fraudulence. Finally, the business should make sure that there is enough of communication by any means degrees of the supply string [4].

Information Technology's Impact on Fraud

Information technology can be both cause to fraudulence and the solution to fraudulence. Auditors can use information technology to aid within an audit, while a corporation can use software applications to make records easier to collect.

Information technology is becoming an increasingly more important part of an company's business strategy. Even though many companies are counting on information technology to curb fraudulence, it also raises some risks. The usage of information technology can lead to unauthorized usage of important company data and information. This could cause someone having the ability to record nonexistence ventures or change information that was already updated in the machine. Additionally, because the utilization of information technology in accounting systems may necessitate technical expertise in using the machine, it is easier for many who can say for certain how to use the systems to improve the control buttons or programs. These increased hazards can increase fraud in the financial assertions. With the use of information technology, auditors must become more aware of the implications of information technology on the chance of fraud from the audit [5].

Additionally, cybercrime is of particular concern to companies that make an online search for any part of the functions. Many cybercriminals are able to incorporate their computer skills with social engineering to be able to access critical company information and personal customer data. Hacking techniques, such as phishing, have become more of a problem. Hackers are keeping up with cyber security, and organizations must be sure that they are aware of the proceedings when it comes to their computer systems. In a very business environment that more and more depends more on information technology to assist operations, it is now more very important to management and auditors to understand any technological changes made to systems in order to keep an eye on any issues that could bring about deceptive financial reporting [6].

Responsibility for Fraud

According to auditing specifications, auditors are not accountable for making assertions on scams, but rather are in charge of determining whether or not the financial claims are free of materials misstatement. Therefore, the responsibility of fraud lies in the hands of a company's management [5].

The General public Company Accounting Reform and Investor Protection Action of 2002 (better known as the Sarbanes-Oxley Function) was put into effect partially to revive investor self confidence in financial assertions after a series of deceptive financial reporting happenings [4]. This Work made management much more responsible for scams in financial statements than ever before. Section 303 of this action requires that the principle Financial Official and CEO of the business sign off on the final statements and verify they are valid. Inevitably, management will be accountable for fraud, but there's always the debate that if fraud is found that someone will seek compensation from the auditors [7].

Why Fraud and Forensic Auditing?

History of Scam and Forensic Auditing

Now that people have a simple knowledge of what scams and forensic auditing is, it's important for us to examine the annals of the field. Scams and forensic auditing emerged through the 1970s and 1980s with the explosion of technology-based business functions. As we realize all too well, technology can increase efficiency, while all together increasing dangers to security and fraud. Also during this time, concerns about scams, government throw away, and criminal offenses (white-collar and blue-collar) were being plastered on the news. Therefore, it was quickly noticeable that businesses needed some form of intrusion detection systems to manage the risks of incorrect activities, thus resulting in the discipline of scams and forensic auditing [7].

This new form of auditing goes beyond government regulations and is designed to be utilized in litigation for cases of insurance, bankruptcy, embezzlement, computer scam, and other related offences. Computer crimes and financial fraudulence are carefully calculated, intuitive disorders by criminals. Therefore, fraudulence and forensic auditing requires more than simply a basic set of standards; it requires intuition. Because scam is often diagnosed by accident, fraud auditors have developed a couple of "scenarios" to learn to be proactive and think such as a criminal. Jack port Bologna, leader of Computer Coverage Systems, Inc. in 1984, explained that the best training for fraud auditors was on-the-job training. Bologna went on to say that because of the great degree of variability in scams there is no clear way to learn everything in the class, although scam auditors must have a basic understanding of accounting and auditing. Thus, the best experience originates from employed in the field [7].

Fraud and forensic auditing is a strong and speedily changing willpower. The first fraudulence and forensic auditing tools (known as intrusion detection systems) involved systems administrators enjoying a computer gaming console to monitor user's actions. The goal of these intrusion detection systems was to identify unauthorized or against the law use of the systems. Systems administrators searched for "red-flags" on the machine, such as, vacationing employees remotely logging in to the system or a seldom-used computer element suddenly being fired up for no clear reason. The results of the early intrusion diagnosis devices were logged on bed linens of folded computer paper that were subsequently stacked several toes high by the end of every week. The systems administrators were then faced with the daunting task of filtering through these stacks of information to find potential scams. Although the purpose of this system was to discover fraud and improper or unlawful use of the systems, it was more reactive than proactive. The procedure was gradual and intricate with the recognition system logs run at night and not analyzed until the following day. Therefore, most intrusions weren't detected until once they had already took place. However, in the 1990s, real-time intrusion diagnosis scanners were launched allowing systems administrators a better opportunity to review systems information as it was produced and the capability to reply in real-time. This much more proactive strategy increased the potency of the intrusion diagnosis systems, and in some cases, allowed administrators the capability to assault preemption [8].

However, as the intrusion detection systems changed, so have the types of fraud. Currently, the Securities and Exchange Percentage hear over 100 situations of financial scam and accounting situations per year, which is a stark increase prior to the explosion of technology running a business before the 1970s. In some instances, big known as companies, such as, Bausch and Lomb, Sunbeam, and Knowledgeware experienced to restate financial information due to fraudulence. Therefore impacts stock prices, and often leads to bankruptcy, changes in possession, and layoffs, among other problems. In terms of financial scams cases, however, no more than 2% make it to trial, 20% are dismissed; the rest are resolved out of judge. Prosecution is costly both to the federal government and to investors and company employees. Nevertheless, as financial times worsen, as we've seen in modern times, the quantity and variety of scams cases boosts. Financial fraud is a powerful, ever changing market that changes every day with boosts in new solutions [9].

In order to keep tempo with the demand for fraudulence detection systems, scams and forensic auditors are being held in charge of the increase in the diagnosis of scams. However, as Jack port Bologna discussed, most fraud recognition systems cannot be discovered in a school room, but rather must be discovered on-the-job [7]. Third, concept, most universities today still lack curriculum in financial scam recognition. Although, the demand for auditors been trained in fraud diagnosis is increasing at a rapid tempo as the occurrence and variety of fraud increases. With the dynamic scam environment, accountants and auditors equally must stay up-to-date on fraudulence diagnosis so that auditing programs are sufficiently designed to meet the changing needs of forensic auditing. Therefore, because so many would agree, auditors must balance education and training to supply the best security to combat financial scam [9].

How is Scams and Forensic Auditing Different from a Traditional Audit?

With the development of the Sarbanes-Oxley Act of 2002, the auditing and accounting world was fired up its head. The Sarbanes-Oxley Work was a game-changer in scams detection. Before the Act, auditing companies were primarily self-regulated, which proved to be problematic [10]. Businesses, such as Arthur Anderson, demonstrated a lack of integrity conspired to commit fraudulence right along with the fraudulent companies. Therefore, Sarbanes-Oxley created the Public Company Oversight Panel (PCAOB) to provide more oversight and rules to the accounting occupation. In 2004, fraud cost the United States market $684 billion, twenty times the price tag on standard street criminal offense, further illustrating the value of a solid fraud detection system [11].

Although it may seem that scam and forensic auditing are nearly exactly like a regular audit, there are a few differences. Both scam and forensic audits and regular financial audits show the goal of detecting material misrepresentation of the financial assertions; however, fraud and forensic auditing can take auditing a step further. Fraudulence and forensic audits are at the mercy of stricter rules and guidelines and are mostly concerned with internal controls. They study audit paths for variances or deviations in strong interior control. Scams and forensic auditors tend to be referred to as one part accountant, one part attorney, one part detective, and completely professional. These auditors must have the ability to prove almost all their findings. Scam and forensic auditors rely on the utilization of methodology furniture to show flows of ventures and examine deviations. They need to have a lot detail, because they may have the burden of evidence to provide evidence to juries of non-accountants. Therefore, the data must be layed out in lay conditions and must be beyond a reasonable uncertainty [11].

Even though there are differences between a normal audit and a fraud or forensic audit, the scams and forensic auditor's work can greatly help financial accountants and auditors with their jobs. Sarbanes-Oxley Section 404 requires top management to sign-off and become accountable for all financial information, including inner control for his or her company. To the good thing about traditional auditors, scams and forensic audits assure the application of Section 404. Because fraudulence and forensic auditors ensure such levels of detail in inside handles, financial auditors can easier understand the entity's inner control framework and better design audit techniques to detect threat of material misstatement in the financial assertions. This greatly reduces the quantity of time in planning the audit and allows the financial auditors more time to design further audit steps that will be more responsible to determine the risk of material misstatement [11].

Computers and Forensic auditing

Role of Computer Forensics

Due to the increase of potential fraud, especially with computers being employed by individuals and atlanta divorce attorneys company on a day-to-day basis, forensic auditing and accounting has become an essential requirement in dealing with these obstacles. One way of quickly and easily handling fraud and abuse circumstances is through computer matching and other various computer systems and techniques. And, due to the fact computer systems and online use add for some reason to almost every kind of criminal activity existing today, the information found is the main element to the id of the thieves behind these scam activities [12].

Computer forensics is the primary source of examining research during investigations because anything done on a network can be tracked and vital information can be captured. It's the notion of reconstructing happenings and completely analyzing all electronic data to provide accurate documentation and preserve the integrity of the data to effectively accuse or protect in a judge of rules. If computer forensics is not used appropriately, then any information found may not be admissible in judge. Which means that law enforcement officers must have an over-all knowledge of computer forensics in order to properly utilize evidence and better understand how to recognize and handle information your computer may potentially have to assist in legal investigations [12, 13].

Two typical areas of computer forensics are to comprehend the potential proof they are looking for and to select the appropriate tools. Offences involving a computer can range between identity robbery to damage of intellectual property, so it is important to know what kind of research to be looking for in the research. To prevent any further harm to the files, it is important to know how to recuperate the info that might have been deleted or tampered with by way of a criminal [13].

A forensic auditor's tool equipment will consist of a number of tools and programs necessary for recovering data, disassembling some type of computer circumstance, or taking images. A few examples of tools in the toolkit include physical tools of an screwdriver and pliers, archive press, and a digital camera and software and applications including drive wiping, disk imaging, hash computations, search utilities, file and data recovery, file taking a look at, and password breaking [2].

A screwdriver and pliers are being used when having to disassemble the computer case to gain access to the hard drive. A type of archive marketing, recordable Dvd movie or CD-ROM, is utilized to copy and store the material of the hard drive and an electronic camera will be had a need to save images of the physical composition of the computer and anything that may need to be captured. Considering the applications and software, disk wiping ensures the hard disks are cleaned out and overwritten with binary information while disk imaging creates a bit-stream backup retaining the hard drive's information. Hash computations are being used to verify that the foundation and destination files have the same 32-little bit hash value. Auditors then seek out text message strings and use EnCase to recuperate and view files and data [2].

Two applications, digital evaluation and data query models, have the precise purpose of discovering fraud. Digital research uses Benford's Law, which is an exponential distribution based on the first digit of by natural means occurring numbers that not take place in a collection pattern. Telephone numbers and zip codes do have a structure and therefore can't be used; however, invoice amounts and mixture interest do not have recurring patterns and could be used. Benford's Legislation helps IT auditors find fraud by looking at the expected rate of recurrence distributions with the discovered consistency distributions. Data query models compare computer aided audit strategy results with other information obtained during the audit, ensuring the evidence is practical and facilitates assertions made [2].

Not only can computer forensics be utilized to accuse criminals, but it can be used to uncover evidence thought to have been removed in cases including the Enron scandal. Despite the initiatives of employees and many financial institutions to mislead buyers, internal e-mails, thought to have been deleted, resulted in suspicions of lending options and then the investigations of the real numbers Enron must have been confirming. Anything saved, opened or viewed on the computer is once and for all recorded anywhere. Unless it is properly overwritten, it is with the capacity of being found and restored. When McKesson, Inc. obtained HBO & Inc. and company auditors found irregularities in their accounting documents. A detailed audit using computer forensic tools recovered several deleted messages and documents removed which were part of an effort to hide HBO's falsification of the catalogs [14, 15].

Future of Computer Forensic Technology

Cyber-forensics is becoming more important and will be extremely important in the near future because pcs and the net are the fastest growing technology tools employed by criminals. These cybercrimes and white back of the shirt crimes have grown to be well-liked by criminals due to high profit produces and low risk of conviction and sentencing if caught. Computer forensics will be as essential as an officer's handcuffs or radio. The truth is that so many varieties of communication, bank, shopping, and sociable networking take place online, so by natural means, it has become the perfect place for criminals to be involved [13].

Another approaching use of information technology is the application of business intelligence with computer systems. Business cleverness is a means of extracting information and studying it through various tools. The information that is analyzed helps detect fraud through the use of patterns and functions as a guide to investigations [16].

Investigations remain led by cops and investigators, however the use of computers and computer technology aid procedures and allow for more in depth searches, the capability to evaluate relevant information, and provide the capability of tracing or retrieving documents from computer sites considering that much of fraud created today stems from online activity [16].

Future of Forensic Auditing

Trends in Forensic Auditing

Forensic auditing increased its occurrence in the auditing environment mostly due to the scams scandals of companies like Enron and WorldCom in 2002. Immediately afterwards the Auditing Requirements Board (ASB) approved a new standard, No. 99, to be able to more obviously specify the financial auditors' responsibility regarding the detection of scams [17]. However, because financial audits aren't designed to identify fraud, they can not be relied upon to discover it at any significant level. That is shown in a statistic around ten and twelve percent of most fraud detected is accredited to financial auditors [18]. For this reason lack of fraudulence diagnosis in financial auditing, a growing need for forensic auditing has arisen along with a rise in fraud education and training in all different regions of auditing.

Even before the Sarbanes-Oxley Act (SOX) of 2002, accounting students didn't have enough ethics or fraudulence training. Without students having that training or education, a whole lot of difficulty arose in the industry in recognizing fraudulence [17]. However, after many deceptive scandals and the passage of SOX, fraudulence and ethics training has been an essential part of every accounting student's education. These reforms resulting from SOX have specifically brought to light a number of areas where auditing organizations have been poor. A shortage or lack of staffing and experience of employees employed in audit companies are some of the poor areas that resulted in a positive style in the training of auditors. Due to auditing companies having to meet regulatory requirements and the actual fact that baby boomers are actually retiring, demand for auditors is high. Along with trained in ethics, risk management, and financial statement examination, forensic accounting is progressively being taught and offered in accounting higher education to be able to meet marketplace needs with such a higher demand for auditors [20].

Not only are components of forensic auditing being permeated into financial auditing in general, but also they are finding their way into specific areas of auditing such as interior auditing. Approaches, techniques, and targets that inner auditors use are quite a lot like those forensic auditors use, which paves a means for scams investigations to become more an integral part of inside auditing now and in the foreseeable future. Historically, internal auditors have just been involved with fraud investigations following the fact: to examine the break down of internal control buttons that resulted in the fraud and to provide recommendations to avoid it from taking place in the future [19]. However, companies are now looking to interior auditors to have significantly more of a job in fraudulence investigations. With no need to hire external resources for every fraud investigation, there's a prospect of high cost savings in the foreseeable future. However, when investigations come up where a a lot more in depth knowledge and experience in forensic auditing is needed, failing woefully to outsource for higher trained resources can become more costly over time because of a poorly carried out or failed investigation [19].

Careers in Forensic Auditing

In the forensic auditing field there aren't only specific forensic auditing careers, but also opportunities to use forensic auditing techniques to every area of auditing as afore talked about. One doesn't have to be always a forensic auditor to be trained in and use the same techniques. In the large firms, like the top Four CPA Organizations, there are particular occupations for auditors to execute fraud audits. They can be called in individually from an gross annual audit team if there is a predication of scams inside a company [17]. However, in smaller organizations where there isn't as much personnel or method of having a separate forensic department, you have the potential for financial statement auditors to be more experienced and been trained in fraudulence audits [17].

Another kind of job in auditing that we have mentioned previously is in the cyber-forensics or computer forensics field. That is a relatively new field in auditing as it has only been with us within the last 2 decades and mostly within the last ten years, but the one which is rapidly growing. There's a limited amount of cyber-forensics being shown in higher education credited to it being learned relatively recent, but as of this moment there is a greater need for it than ever before. With the surge in the digital world and it, auditors are becoming more reliant on information technology and digital information in doing audits and investigating fraudulence. These components have grown to be critical in forensic auditing [18].

Along with forensic auditing or elements of it being grafted into higher education in accounting degrees, there are also lots of certifications that may be accomplished or are required in order to really have the training and experience that auditing businesses would like in their employees. First, accounting programs for the most part prepare students to be always a Certified General public Accountant (CPA) by training them designed for the CPA exam [18]. Other specific accreditations are a qualified Information Systems Auditor (CISA) and a Certified Information Systems Security Professional (CISSP), both of which are helpful for jobs in computer forensics [18]. Particular certifications that forensic auditors can obtain which can only help them take specific routes within forensic auditing are a Certified Internal Auditor (CIA), a Certified Government Auditing Professional (CGAP), or a qualified Financial Services Auditor (CFSA) [21].


Fraud and forensic auditing will continue to impact businesses in the future. Companies should ensure that their scam practices are keeping up with emerging technologies. As technology has advanced before thirty years, so have incidences of scams. Thus, as we have seen the complexity of scams and forensic audit techniques have greatly better. Computer forensics has widened the capabilities of these techniques and will continue to grow in importance as a result of continuing growth in technology. Scams and forensic auditors are becoming more educated and trained in scam and forensic auditing which will improve the amount of fraud uncovered. Overall, scams and forensic auditing is essential to properly utilizing facts in a court of legislations.

Also We Can Offer!

Other services that we offer

If you don’t see the necessary subject, paper type, or topic in our list of available services and examples, don’t worry! We have a number of other academic disciplines to suit the needs of anyone who visits this website looking for help.

How to ...

We made your life easier with putting together a big number of articles and guidelines on how to plan and write different types of assignments (Essay, Research Paper, Dissertation etc)