COBIT 5, Products and their Enablers - Week 2

-

 AYB115 WEEK 2 - COBIT 5, Products and their Enablers


"Policies, Principles and Frameworks for managing fraud risk are superfluous. All an organisation needs to do is to ensure their IT systems are well protected through Access Control measures. Everything else is just a waste of time and resources."



The idea of policies, principles and frameworks being superfluous is and that all that’s needed is protected IT systems through Access Control measures is completely incorrect. There’s no doubt that the security of IT systems is crucial in this day of age, it most definitely isn’t the sole protection against fraud.

 

Even though IT systems help prevent fraud from occurring there are factors that can potentially bypass up-to-date Access Control measures, the most prominent of them being the human factor. Fraud can easily occur within employee manipulation or collusion, which can bypass IT controls altogether. Detection and response mechanisms are also necessary in detecting potential fraud when it occurs and being able to appropriately respond to threats with fraud management frameworks that work beyond IT systems. Regulatory compliance is also made mandatory by regulatory bodies within the industry, and by using policies, principles and frameworks like COBIT-5 help companies meet compliance standards and mitigate them from coming into trouble with those industry bodies.

 

Fraud prevention is a holistic and multi-layered approach that encompasses other factors such as monitoring, employee training, internal controls such as policies, principles, and frameworks. It is recommended that companies should follow this holistic approach and use the fraud frameworks like COBIT-5 which further helps prevent fraud from occurring in harmony with physical prevention activities like IT systems and Access Control measures.


Comments

Post a Comment

Popular posts from this blog

IT Governance Frameworks - Week 1

-
Image
  AYB115 WEEK 1 - IT Governance Frameworks "Governance does not protect an organisation against fraud, bribery and corruption. Choosing ethical employees is the only way to prevent such crimes." I disagree that choosing ethical employees is the only way of preventing crimes such as fraud, bribery, and corruption. Governance most certainly has an influence on preventing these crimes as well, however governance severs a different role in preventing fraud in comparison to hiring ethical employees.   Ethical employees are a crucial part in preventing crimes relating to fraud, bribery, and corruption but it being the only factor is not enough. Even the most ethical employees can succumb to external pressures such as financial hardship or pressures within the company to meet certain deadlines or quotas. Moreover, sometimes it is not apparent in the hiring process what prospective employees’ motives are for the company, making it very difficult to solely rely of having ethical e
Read more

Criminal Fraud and the Law - Week 4

-
Image
 AYB115 WEEK 4 - Criminal Fraud and the Law “Boards of Directors and CEOs should not be accountable for their employee’s actions according to the law”. Discuss this in light of the findings of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry” The argument of the Board of Directors and CEOs being not accountable for their employee’s actions is very complicated and there are many different factors to consider when making up a conclusion. In most cases I would agree that the Board of Directors and CEOs should not be accountable for their employee’s actions, however, exceptions could be made to that opinion, especially after the find of the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry .   Within the Royal Commission it was found that some of the key issues such as companies charging fees for no services, misconduct in credit and banking, which stems from the overall investigation tha
Read more

Criminal Fraud and the Law - Week 5

-
AYB115 WEEK 5 - Criminal Fraud and the Law “It is not the forensic accountant’s role to determine whether the opposing party is guilty or innocent. Instead, it is their role to investigate the quantification of loss and damages to be paid to their client” I agree that forensic accountants should not determine whether the opposing party is innocent or guilty and should investigate the potential losses and damages that should be paid to the client using their expertise to provide an accurate financial analysis and potentially their expert opinion to assist within those legal proceedings.   Within the context of a civil law case, a forensic account may be required to give their expert opinion to calculate the losses and damages that must be paid out. Those two scenarios are in the case of a business valuation, and in lost profits.   In terms of the business valuation , a forensic accountant may be asked to provide their expert opinion where the damages awarded must be a lump sum a
Read more