Using Kerberos Integrated Windows Authentication Adapters

1. The three aspects of fraud - Perceived pressure, Rationalization, and Opportunity were present in the CIT case as follows:

Professional auditing standards discuss the three key “conditions” that are typically present when a financial fraud occurs and identify a lengthy list of “fraud risk factors.”

There are various procedures that could be taken in to account that would, if properly implemented, would have detected the frauds that occurred within the companies. There are many control risks that should have been taking regarding inventory along with preliminary audit strategies for the inventory and substantive test to be done that would have raised many flags during the typical audits as well as in depth ones.

Using your own organisation information to identify a specific area of data. Analyse the data and present your findings in a way that will assist an aspect of decision making in the area of data selected. Your analysis should be presented in a report covering:

17.Which of the following is probably the primary reason accountants should be concerned about computer crime and abuse?

All organizations are at risk of fraud, each with its own way of preventing it such as implementing specific policies, procedures, programs and training. However, preventive measures cannot guarantee that fraud will not be committed.

The organizations audit controls and internal controls must be reviewed and changed so that the fraud and misappropriation of funds can be handled and bring back the integrity of the company.

Information security controls include disk encryption for Servers with NPI data, encrypted backups, password protected databases,

Access control. Technical policies need to be created that permit access only to those individuals who have right to do so. For this purpose unique user identification is required. In case of emergency situation define who is allowed to access to PHI, rather than the person assigned originally. Automatic log-off, encryption, decryption are essential for protection PHI.

Fraudulent, erroneous, and illegal acts committed by a public company, usually at a managerial or executive level, have been a very serious problem for many years and have prompted development of strict and updated regulations, such as the Sarbanes-Oxley Act, in an attempt to prevent these occurrences. Unfortunately, these new or updated regulations are not enough to prevent these acts from happening, thus not alleviating the auditors of their responsibility to detect fraud. Some methods that management and auditors can employ to prevent and detect fraud, errors, and illegal acts are: improving knowledge, improving skills,

Identification of controls already in place – including policies, firewalls, applications, intrusion and detection prevention systems, virtual private networks, data loss prevention and encryption.

Internal controls provide a system of checks and balances intended to identify irregularities, prevent waste, fraud and abuse from occurring, and assist in resolving discrepancies that are accidentally introduced in the operations of the business. When consistently applied throughout, these policies and procedures assure that information technology resources are protected from a range of threats in order to ensure business continuity and maximize the return on

Reducing these three key aspects of fraud will reduce the act of fraud in a business

•Provide an example of a data integrity error that could occur if each of these types of input control were not in place.

The implementation of privilege access control, role-based access control and logical access control which all leverage on tackling insider threats, closely monitoring and managing all administrative activities performed on information systems. Their functionality is based on provision and denying of access to commands and items on the basis of authentication, identification and appropriateness.