Forensic and Investigative Accounting


Forensic and Investigative Accounting Chapter 13 Investigation of Electronic Data: A Brief Introduction © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085 1 800 248 3248 www.CCHGroup.com

Definition of Computer Forensics
Computer forensics is the analysis of electronic data and residual data for the purposes of its recovery, legal preservation, authentication, reconstruction, and presentation to solve or aid in solving technology-based crimes.

Digital Forensics
Digital forensics is the investigation of all electronic devices such as cell phones, Blackberries, and iPods as well as computers to meet all the collection and preservation goals of computer forensics.

SAS No. 99 Guidelines for Testing Digital Data
SAS No. 99 states: In an IT environment, it may be necessary for the auditor to employ computer-assisted audit techniques (for example, report writers, software or data extraction tools, or other system-based techniques) to identify the journal entries or other adjustments to be tested.

IT Guidelines under COSO Framework
Guidelines have been established for these areas:
- Internal control environment
- Objective setting
- Event identification
- Risk assessment
- Risk response
- Control activities
- Information and communication
- Monitoring

COBIT’s Goals
COBIT’s goals are to set control objectives for IT compliance using a strategic planning perspective and at the same time to outline, in detail, the proper procedures to be followed for specific compliance measures.

ISO/IEC 17799:2005 Information Technology – Security Techniques
Guidelines published by the International Organization for Standardization and used as standardization for security. They include standards for security policy; the organization of information security; asset management; human resources security; physical and environment security; communication management; access controls; information acquisition; incident management; continuity management; and compliance.

Technical Skills for Digital Evidence Collection
Necessary skills are based on the following requirements:
- Understanding of various operating systems
- Quickly identifying pertinent digital data
- Properly preserving data
- Properly securing data
- Properly collecting data
- Maintaining a proper chain of custody

Forensic Investigative Tools
Imaging software:
- EnCase
- SafeBack
Data extraction or data mining software:
- ACL
- Data Extraction and Analysis (IDEA)

Data Mining Strategies
- Link Analysis: Identify correlations in the database
- Case Base Reasoning: Associations with past data
- Sequence Analysis: Relationships based on timelines
- Cluster Analysis: Separating groups into their distinctive characteristics

Zipf’s Law
Uses frequency distributions to identify anomalies that may be an indicator of financial fraud.
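
The frequency-distribution check this slide describes, as an added example that is not part of the original presentation. It assumes the classic exponent-1 form of Zipf's law, where the value at rank r is expected to occur N / (r * H_n) times; the payment amounts, their counts and the 1.5 / 0.5 thresholds are constructed for illustration.

```python
from collections import Counter


def zipf_table(values):
    """Rank distinct values by frequency and pair each observed count with
    the count Zipf's law predicts for that rank: N / (rank * H_n), where N is
    the number of records and H_n = 1 + 1/2 + ... + 1/n (n distinct values)."""
    ranked = Counter(values).most_common()
    total = sum(count for _, count in ranked)
    harmonic = sum(1.0 / k for k in range(1, len(ranked) + 1))
    rows = []
    for rank, (value, observed) in enumerate(ranked, start=1):
        expected = total / (rank * harmonic)
        rows.append({
            "rank": rank,
            "value": value,
            "observed": observed,
            "expected": round(expected, 1),
            "ratio": round(observed / expected, 2),
        })
    return rows


def flag_anomalies(rows, high=1.5, low=0.5):
    """Return rows whose observed/expected ratio is far from 1. The thresholds
    are assumptions; a flagged row is a lead to review, not proof of fraud."""
    return [r for r in rows if r["ratio"] >= high or r["ratio"] <= low]


# Constructed sample: how often each payment amount appears in a ledger extract.
SAMPLE_COUNTS = {
    "100.00": 120, "4950.00": 112, "250.00": 41, "75.00": 29,
    "500.00": 25, "60.00": 19, "1200.00": 17,
}
SAMPLE_VALUES = [amt for amt, n in SAMPLE_COUNTS.items() for _ in range(n)]

if __name__ == "__main__":
    table = zipf_table(SAMPLE_VALUES)
    for row in table:
        print(row)
    print("flagged:", flag_anomalies(table))
```

In the constructed data only the second-ranked amount is flagged: it occurs far more often than its rank predicts, which is the kind of deviation an investigator would pull the underlying entries for.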

Audit Trails
Computer logs found in software such as PeopleSoft and SAP can be used to trace the activities of employees to determine if they are following unauthorized policies that may be an indicator of fraudulent activity.

Log Parsers
Log parsers are utility programs that let the investigator convert raw log entries into a format that is useful for an investigation.

Conclusions
Expanded methods to standardize security policies are being developed in an attempt to make it more difficult for cybercriminals to attack the financial databases of companies. The passage of time will determine the success of these methods.