Fraud and Information Technology Audit
Red Flags Present That Suggest the Possibility of Fraud
The lack of detailed testing by the company due to accelerated growth is a red flag and a possible opportunity for fraud. The lack of detail means that there are areas not adequately covered since some hitches would be overlooked. A new system is likely to have some minor hiccups that could prove detrimental to the overall system. The assumption that the company employees would highlight any discrepancies is an oversight.
The fact that the IT manager has access to the software that is not adequately tested is a fraud opportunity. A gambling history means that the IT manager has money problems. The fraud opportunity thus is facilitated out of a pressure/need for extra money to promote the managers’ lifestyle. The manager has access to both the development and operation aspects of the software. As a result, the increase in their pay is made possible.
Impact of the Fraud on Financial Statements
The manager commits financial fraud. It involves an action taken illegally with the intent of self-gain (“Fraud and Financial Crimes – FindLaw”, 2020). The financial statements would be affected since the increase would be reflected. However, the management may not be in a position to adequately explain the increase since it would not be aware of it despite its reflection. The amount though small, would hugely reflect on the annual statements making a huge difference. Don't use plagiarised sources.Get your custom essay just from $11/page
The payroll account, for example, would be misstated. The IT manager changes the payroll amount of his pay before the payroll department starts operating the new system. The bank financial statements would also be overdrawn by 208dollars every month. The payroll department is in charge of paying salaries. However, since the software is not adequately tested before use, the manager is highly likely to get his first paycheck without the payroll department noticing the fraud.
Detecting the Fraud
The detailed testing of the software would have eliminated chances of the salary increase fraud. Thoroughly testing the software would have covered the general and application aspects of the software. General controls that are weak affect application controls. In this case, access given to the IT manager at the development and operation level made it possible to access the payroll hence adjusting it. A thorough test would detect fraud at both the development and operation level. The fraud takes place at the operation level. An actual test on the development and operation would give a better view of the general and application aspects that are flawed. The use of artificial intelligence (machines) could also detect fraud (Goodnight, 2020). Machines can be set to automatically detect fraud within the parameters within which fraud is most likely in a company.
Recommendations
Thoroughly testing IT systems before the operation is essential. Giving restriction access to only authorized personnel is equally important. The IT manager having access to the payroll system is not necessary. Access should only be given to the payroll department. Safeguards should also be in place in case of a system breach. IT is not devoid of errors and possible violations. A sound system should factor in breach and error control. Fraud occurs as a result of a system breach that is not detected. System access control is a considerable component of breach control. Access to general and application aspects should thus involve an efficient clearance protocol. Periodically analyzing financial data would also deal with financial fraud (Tie, 2013), such as the one experienced by the company. Data analysis, therefore, is essential in detecting fraud.
References
Goodnight, J. (2020). 4 strategies that will change your approach to fraud detection. Retrieved 18 February 2020, from https://www.sas.com/en_us/insights/articles/risk-fraud/strategies-fraud-detection.html#/
Tie, R. (2013). Devil in the details: anti-fraud data analytics. Retrieved 18 February 2020, from https://www.fraud-magazine.com/article.aspx?id=4294976364