|Home Published Material Sample Reports Leonard W. Vona CVClientsContact Us|
Fraud Risk Assessment
Our experience shows...
1. Macro Risk: Enterprise Wide Fraud Risk Assessment
Risk Assessment Methodology
The enterprise wide fraud risk assessment is designed to provide a comprehensive identification of all fraudulent activities facing an organization and linking the ownership and audit responsibility to the fraud risk. The purpose is to create a structure for establishing ownership, assessing the likelihood of fraud occurring, understanding the fraud impact and how the fraud risk will be managed. The enterprise wide assessment focuses on the internal control environment for assessing the likelihood of the fraud risk occurring. The fraud impact should be identified and understood. The organizational culture will determine if a quantitative or descriptive approach will be used to document the fraud impact. Management’s goal is to create a structure for managing the cost of fraud.
The business process fraud risk assessment is designed to identify specific fraud schemes at the business process level and link the specific internal control procedures to the fraud risk inherent to the process. The process wide assessment focuses on the internal control procedures, monitoring controls and the information and communication controls. Management’s goal is to arrive at the risk mitigation decision. The auditor’s goal while similar is intended to focus on the development of the audit program.
The fraud penetration assessment or the mega risk assessment is designed to identify the most likely location of a fraudulent transaction in a specific account, transaction type, and business location. The purpose is to develop a fraud audit program to locate and identify fraudulent activity before allegations of fraud are identified through a hotline, tip or through some unpredictable event. The goal is to locate fraudulent transactions in the core business system.
|Copyright © 2009 www.fraudauditing.com - All Rights Reserved.|