Guidelines for Investigation. 2 Investigation of computer related frauds - Outline Reasons Ways of committing frauds Prevention Aids for investigation.

Slides:

Advertisements

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Advertisements

©Centrepoint Management Services Ltd, 2007 Introducing the VIEWpoint Videotex System.

Web Plus Overview Division of Cancer Prevention and Control National Center for Chronic Disease Prevention and Health Promotion CDC Registry Plus Training.

Guidelines for Inspection of Computerized Offices.

Chapter 2 Skimming.

Investigation in Computerised Environment. Causes for fraud in computerised environment Lack of technical knowledge at supervisory level Improper exercise.

Module 10: Troubleshooting Network Access. Overview Troubleshooting Network Access Resources Troubleshooting LAN Authentication Troubleshooting Remote.

Security Management IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Managing Information Systems Information Systems Security and Control Part 2 Dr. Stephania Loizidou Himona ACSC 345.

MIS and interpreting data. What is MIS?- A management information system (MIS) provides information that is needed to manage an organization efficiently.

Maintaining and Updating Windows Server 2008

Department Of Computer Engineering

Managing a computerised PO Operating environment 1.

Network security policy: best practices

Database Administration Chapter 16. Need for Databases  Data is used by different people, in different departments, for different reasons  Interpretation.

Chapter 14 Network Management Business Aspects Architectures Technology.

Virtual Memory Tuning   You can improve a server’s performance by optimizing the way the paging file is used   You may want to size the paging file.

EPayment ePayment Introduction It is the process of electronic transfer of bill data between booking and payment office Department of Post collects.

Introduction to Business Organisations

WHAT Exam Practice WHY All MUST Most SHOULD Some COULD Be able to understand the requirements of the exam to achieve a grade D Be able to understand the.

Preview of AVM-2000 Electronic Signatures Function Add signatures to documents such as 337’s, 8130’s, Log Book Stickers, Work Order and Invoice RTS Statements.

Maintaining a Microsoft SQL Server 2008 Database SQLServer-Training.com.

Managing Computerised Offices Operating environment

The Islamic University of Gaza

Inspection of Computerized Offices. Objectives Correctness of implementation Effectiveness of computerized operations Preventive vigilance.

February 2007 Commercial Vehicle Drivers Hours of Service Module 24: Daily Log Audits.

Module 10: Configuring Windows XP Professional to Operate in Microsoft Networks.

DATABASE UTILITIES. D ATABASE S YSTEM U TILITIES In addition to possessing the software modules most DBMSs have database utilities that help the DBA in.

Inspection of Computerized Offices. Objectives  Correctness of implementation  Effectiveness of computerized operations  Preventive vigilance.

Loss & Fraud Cases and Investigation. Why Fraud Cases ? Non-observance rules and procedures Negligence Over dependency on sub-ordinates Laxity in Supervision.

Installation and configuration of Speednet in SPC

Security Architecture

FCS - AAO - DM COMPE/SE/ISE 492 Senior Project 2 System/Software Test Documentation (STD) System/Software Test Documentation (STD)

Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.

DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.

2007 NAGRA Annual Conference June 10-13, 2007 Electronic Bingo Card-minding Devices.

Understanding the IT environment of the entity. Session objectives Defining contours of financial accounting in an IT environment and its characteristics.

S4: Understanding the IT environment of the entity.

1 IT420: Database Management and Organization Database Security 5 April 2006 Adina Crăiniceanu

Module 14 Monitoring and Optimizing SharePoint Performance.

Jamie Lyle (Cpsc 620) December 6, Overview  Logic Bombs  The story of Roger Duronio and UBS PaineWebber  Defenses against logic bombs.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.

Workshop on Speed Post – Cash on Delivery Scheme 29/08/20121CEPT Mysore.

Student Attendance System Requirement Analysis Presentation.

Database Administration

SMS Software Distribution. Overview  Explaining How SMS Distributes Software  Managing Distribution Points  Configuring Software Distribution and the.

Module 8: Managing Software Distribution. Collections Packages Programs Advertisements Collections Packages Programs Advertisements How Software.

Information Systems Unit 3.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 1 Security Architecture.

The world leader in serving science Overview of Thermo 21 CFR Part 11 tools Overview of software used by multiple business units within the Spectroscopy.

TrainingRegister® Training Management Software Maintain Permanent Training Records for Each Individual Monitor and Track Required Training Know Who Needs.

ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.

DETAILED FTO PROCESSING PROCEDURE AT HEAD/SUB OFFICES

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

The world leader in serving science OMNIC DS & Thermo Security Administration 21 CFR Part 11 Tools for FT-IR and Raman Spectroscopy.

1 Chapter Overview Monitoring Access to Shared Folders Creating and Sharing Local and Remote Folders Monitoring Network Users Using Offline Folders and.

Directory Services CS5493/7493. Directory Services Directory services represent a technological breakthrough by integrating into a single management tool:

Unit 9 ITT TECHNICAL INSTITUTE NT1330 Client-Server Networking II Date: 2/17/2016 Instructor: Williams Obinkyereh.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

Maintaining and Updating Windows Server 2008 Lesson 8.

1. F1 Section D: Specific functions of accounting & internal financial control D1. Accounting & finance functions within business D3. Internal financial.

6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.

Blackboard Security System

Architecture Review 10/11/2004

Chapter 14 Network Management

Get to know SQL Manager SQL Server administration done right

LAND RECORDS INFORMATION SYSTEMS DIVISION

Unit 27: Network Operating Systems

PLANNING A SECURE BASELINE INSTALLATION

Presentation transcript:

Guidelines for Investigation

2 Investigation of computer related frauds - Outline Reasons Ways of committing frauds Prevention Aids for investigation Down side Legal issues Guidelines for investigation

3 Reasons Breach of security protocol Improper usage of passwords Improved level of access – physical, software Lack of technical knowledge at supervisory level Multi tasking by single person

4 Ways of committing frauds Parallel package Point of sale – booking of articles having prefixed stamps Sanchay Post – access to database through SQL Sanchay Post- access through ‘Data entry’ module Meghdoot - access to database through SQL Unauthorised access to server (esp. thru wireless connectivity)

5 Prevention Effective Monitoring Proper inspections Vigilant administration Low tolerance for breach of security related issues

6 Aids for investigation Audit trail in the software –Operating system –SQL –Meghdoot –Sanchaya

7 Downside Deleted data Multiple usage of operator Universal knowledge of passwords Lack of technical/application knowledge amongst inspectorial staff Electronic evidence Legal issues

8 Fixing of responsibility –Primary –Secondary Software user-ids linkage to charged officials Memo of Distribution of Work Secrecy of password

Collection of Material Evidence Initial enquiries - the usual way Indications of fraud - material evidence in the form of shift reports etc should be collected Take back up of all databases in the presence of administrator and head of office Search office for CD’s/floppies containing data and take possession of the same. Check the material contained in them for a clue to the modus operandi

Security Environment Examine the security environment of the office List out the names of officials concerned and make enquiries with them Whether supervisor allowed operators to use his pass word Whether administrator password is known to operators Whether password policies are enforced through the system

Modus Operandi See whether any programming software are installed and running. Get the help of the administrator or any other specialist as to the function of such software. Whether the accused has access to any systems both in the office and also outside software with which the frauds were committed in these systems also; Whether the accused owns a system and whether it is possible for him to misuse the departmental applications using his/her system

Scope of the Fraud Check all the articles posted on that day/received for delivery on the day with the relevant reports and see whether there are any indications as to fraud Collect receipts from customers and check with office records Whether receipts are generated through authorised offices only Check whether receipts collected are in the form supplied to the office Check the log on pattern of the user Check the log files generated in administrator access

Clues from System Administrator  Check the login pattern of the user - whether user was logging in at a time he/ she has not been assigned any work like beyond counter hours/ on holidays etc. Take a back up of all such log files.  The administrator’s option generates log files of changes to tariff and other items made by the supervisor; check whether there are any indications in this log. Check whether frauds committed by manipulating the database Check the version software installed

Case Study Exercise