4Ed_CCH_Forensic_Investigative_Accounting_Ch13

4Ed_CCH_Forensic_Investigative_Accounting_Ch13 - Forensic...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: Forensic and Investigative Accounting Forensic Chapter 13 Investigation of Electronic Data: A Brief Introduction © 2009 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085 1 800 248 3248 www.CCHGroup.com Definition of Computer Forensics Computer forensics is the analysis of electronic Computer data and residual data for the purposes of its recovery, legal preservation, authentication, reconstruction, and presentation to solve or aid in solving technology-based crimes. solving Chapter 13 Forensic and Investigative Accounting 2 Digital Forensics Digital Digital forensics is the investigation of all Digital electronic devices such as cell phones, Blackberries, and iPods as well as computers to meet all the collection and preservation goals of computer forensics. Chapter 13 Forensic and Investigative Accounting 3 SAS No. 99 Guidelines for SAS Testing Digital Data Testing SAS No. 99 states: In an IT environment, it may be necessary In for the auditor to employ computer-assisted audit techniques (for example, report writers, software or data extraction tools, or other system-based techniques) to identify the journal entries or other adjustments to be tested. be Chapter 13 Forensic and Investigative Accounting 4 IT Guidelines under COSO Framework Guidelines have been established for these areas: 1. Internal control environment 2. Objective setting 3. Event identification 4. Risk assessment 5. Risk response 6. Control activities 7. Information and communication 8. Monitoring Chapter 13 Forensic and Investigative Accounting 5 COBIT’s Goals COBIT’s goals are to set control objectives COBIT’s for IT compliance using a strategic planning perspective and at the same time to outline, in detail, the proper procedures to be followed for specific compliance measures. for Chapter 13 Forensic and Investigative Accounting 6 ISO/IEC 1799:2005 Information Technology – Security Techniques Technology Guidelines published by the International Guidelines Organization for Standardization and used as standardization for security. They include standards for security policy; the organization of information security; asset management; human resources security; physical and environment security; communication management; access controls; information acquisition; incident management; continuity management; and compliance compliance Chapter 13 Forensic and Investigative Accounting 7 Technical Skills for Digital Technical Evidence Collection Evidence Necessary skills are based on the following Necessary requirements: requirements: 1. Understanding of various operating systems 2. Quickly identifying pertinent digital data 3. Properly preserving data 4. Properly securing data 5. Properly collecting data 6. Maintaining a proper chain of custody Chapter 13 Forensic and Investigative Accounting 8 Forensic Investigative Tools Imaging software: EnCase SafeBack Data extraction or data mining software: ACL Data Extraction and Analysis (IDEA) Chapter 13 Forensic and Investigative Accounting 9 Data Mining Strategies Data Link Analysis: Identify correlations in the Link database database Case Base Reasoning: Associations with Case past data past Sequence Analysis: Relationships based on Sequence timelines timelines Cluster Analysis: Separating groups into Cluster their distinctive characteristics their Chapter 13 Forensic and Investigative Accounting 10 Zipf’s Law Zipf’s Uses frequency distributions to identify Uses anomalies that may be an indicator of financial fraud. financial Chapter 13 Forensic and Investigative Accounting 11 Audit Trails Audit Computer logs found in software such as Computer PeopleSoft and SAP can be used to trace the activities of employees to determine if they are following unauthorized policies that may be an indicator of fraudulent activity. activity. Chapter 13 Forensic and Investigative Accounting 12 Log Parsers Log Log Parsers are utility programs that allow Log the investigator to be able to format raw log entries into a format that is useful for an investigation. Chapter 13 Forensic and Investigative Accounting 13 Conclusions Conclusions Expanded methods to standardize security Expanded policies are being made in an attempt ot make it more difficult for cybercrimes to attack the financial databases of companies. The passage of time will determine the success of these methods. Chapter 13 Forensic and Investigative Accounting 14 ...
View Full Document

This note was uploaded on 03/23/2010 for the course ACC_ 01 taught by Professor Zeegal during the Fall '10 term at Missouri State University-Springfield.

Ask a homework question - tutors are online