skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 68026 Find in a Library
Title: DETECTION AND DETERRENCE - A DOUBLE BARRELED ATTACK ON COMPUTER FRAUD
Journal: FINANCIAL EXECUTIVE  Volume:45  Issue:7  Dated:(JULY 1977)  Pages:36-41
Author(s): M ROMNEY
Date Published: 1977
Page Count: 6
Format: Article
Language: English
Country: United States of America
Annotation: THE ARTICLE DETAILS SEVERAL METHODS THAT FINANCIAL EXECUTIVES CAN USE TO DETER AND DETECT COMPUTER FRAUD, INCLUDING TESTING PROGRAMS DESIGNED ESPECIALLY FOR COMPUTERS.
Abstract: COMPUTER FRAUD INVOLVES LARGE AMOUNTS OF MONEY AND INCREASES STEADILY AS COMPUTER USAGE GROWS. ELECTRONIC DATA PROCESSING SYSTEMS ARE MORE VULNERABLE TO FRAUD THAN MANUAL OPERATIONS FOR MANY REASONS, INCLUDING THE HIGH CONCENTRATION OF RECORDS KEPT IN ONE SYSTEM AND THE ABILITY TO CHANGE PROGRAMS WITHOUT LEAVING ANY TRACES. INSTALLATIONS VICTIMIZED BY FRAUD USUALLY FAIL TO SEPARATE JOB FUNCTIONS OR FINANCIAL RECORDS, ALLOW EASY ACCESS TO THE SYSTEM, AND HAVE PROBLEMS WITH EMPLOYEE MORALE. TO DETER FRAUD, A SYSTEM SHOULD HAVE BUILT-IN AUDITING CONTROLS AND SEPARATION OF DUTIES AS PART OF THE DESIGN. PERSONNEL SHOULD BE CAREFULLY SCREENED BEFORE THEY ARE HIRED AND SHOULD BE EDUCATED ABOUT THE IMPORTANCE OF THEIR JOBS AND SECURITY. TOOLS TO IMPLEMENT PSYCHOLOGICAL CONTROLS ARE IDENTIFIED, SUCH AS SPECIFYING OWNERSHIP AND VALUE ON ALL PROGRAMS, SECURITY POSTERS, AND EMPLOYEE AGREEMENTS. ALL TRANSACTIONS SHOULD BE HANDLED BY PREDETERMINED PROCEDURES WITH PROGRAM CHANGES MADE ONLY UPON AUTHORIZATION OF TOP MANAGEMENT. ACCESS TO THE SYSTEM SHOULD BE STRICTLY CONTROLLED. AN INDEPENDENT AUDIT COMMITTEE COMPOSED OF OUTSIDE DIRECTORS TO WHOM THE INTERNAL AUDITORS REPORT DIRECTLY CAN BECOME A STRONG DETERRENT FORCE. THE COMPUTER AUDIT SHOULD REVIEW ALL ASPECTS OF THE SYSTEM FROM SECURITY PROCEDURES TO PROGRAM CHANGES. SEVERAL SOFTWARE AUDIT PACKAGES ARE AVAILABLE WHICH ALLOW THE PROGRAMMER TO AUDIT THROUGH THE COMPUTER RATHER THAN AROUND IT. THE INTEGRATED TEST FACILITIES (ITF), COBOL MISSED BRANCH INDICATOR (COMBI), TAGGING SYSTEMS, AND SYSTEM MANAGEMENT FACILITIES (SMF) ARE DESCRIBED. A NEW METHOD, DATA SENTINEL, WHEREBY COMPUTERS MONITOR ONE ANOTHER, IS DISCUSSED. (MJM)
Index Term(s): Audits; Computer crime prevention measures; Computer privacy and security; Computer related crime; Computer software
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=68026

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.