Because computers lie at the heart of most organizations’ accounting information systems today, the topic of computer fraud is of special importance to auditors. Although the objectives of the fraud are the same—misappropriation of assets—the techniques used to commit computer fraud vary greatly. We saw in a previous section of this chapter that fraud loss estimates for 2008 exceed $990 billion. How much of this can actually be traced to computer fraud is difficult to say. One reason for uncertainty is that computer fraud is not well defined. For example, we saw in the ethics section of this chapter that some people consider coping commercial computer software to be neither unethical nor illegal. On the other side of this issue, software vendors consider such acts to be criminal. Regardless of how narrowly or broadly computer fraud is defined, most agree that it is a rapidly growing phenomenon. For our purposes, computer fraud includes the following:
The theft, misuse, or misappropriation of assets by altering computer-readable records and files.
• The theft, misuse, or misappropriation of assets by altering the logic of computer software.
• The theft or illegal use of computer-readable information.
• The theft, corruption, illegal copying, or intentional destruction of computer software.
• The theft, misuse, or misappropriation of computer hardware.
The general model for accounting information systems , conceptually, the key stages of an information system. Each stage in the model—data collection, data processing, database management, and information generation—is a potential area of risk for certain types of computer fraud.( Information Technology Auditing and Assurance, Third Edition, James A. Hall page 601)
Fraud Losses by Education
Frauds committed by high school graduates averaged only $100,000, whereas those with bachelor’s degrees averaged $210,000. Perpetrators with advanced degrees were responsible for frauds with a median loss of $550,000.
Fraud Losses by Gender
The median fraud loss per case caused by males ($250,000) was more than twice that caused by females ($110,000).
Indeed the opportunity factor explains much of the financial loss differential in each of the demographic categories presented in the ACFE study:
• Position. Individuals in the highest positions within an organization are beyond the internal control structure and have the greatest access to company funds and assets
Gender. Women are not fundamentally more honest than men, but men occupy high corporate positions in greater numbers than women. This affords men greater access to assets.
• Age. Older employees tend to occupy higher-ranking positions and therefore generally have greater access to company assets.
• Education. Generally, those with more education occupy higher positions in their organizations and therefore have greater access to company funds and other assets.
• Collusion. One reason for segregating occupational duties is to deny potential perpetrators the opportunity they need to commit fraud. When individuals in critical positions collude, they create opportunities to control or gain access to assets that otherwise would not exist. ( Information Technology Auditing and Assurance, Thir