Chapter 5 – ‘Computer Fraud’ Flashcards
- Which of the following is a fraud in which later payments on account are used to pay off earlier payments that were stolen?
a. lapping
b. kiting
c. Ponzi scheme
d. salami technique
a. lapping (Correct.)
- Which type of fraud is associated with 50% of all auditor lawsuits?
a. kitting
b. fraudulent financial reporting
c. Ponzi schemes
d. lapping
b. fraudulent financial reporting (Correct. Attesting to fraudulent financial statements is the basis of a large percentage of lawsuits against auditors.)
- Which of the following statements is FALSE?
a. The psychological profiles of white-collar criminals differ from those of violent criminals.
b. The psychological profiles of white-collar criminals are significantly different from those of the general public.
c. There is little difference between computer fraud perpetrators and other types of white-collar criminals.
d. Some computer fraud perpetrators do not view themselves as criminals.
b. The psychological profiles of white-collar criminals are significantly different from those of the general public. (Correct. This is false; the psychological profile of white-collar criminals is similar to that of the general public.)
- Which of the following conditions is/are usually necessary for a fraud to occur? (See the Fraud Triangle in Figure 5-1.)
a. pressure
b. opportunity
c. explanation
d. rationalization
a. pressure (Correct.)
b. opportunity (Correct.)
c. explanation
d. rationalization (Correct.)
- Which of the following is NOT an example of computer fraud? (See the “Computer Fraud Classifications” section of the chapter.)
a. theft of money by altering computer records
b. obtaining information illegally using a computer
c. failure to perform preventive maintenance on a computer
d. unauthorized modification of a software program
c. failure to perform preventive maintenance on a computer (Correct. This is poor management of computer resources, but it is not computer fraud.)
- Which of the following causes the majority of computer security problems?
a. human errors
b. software errors
c. natural disasters
d. power outages
a. human errors (Correct. The Computing Technology Industry Association estimates that human errors cause 80% of security problems. These unintentional acts usually are caused by human carelessness, failure to follow established procedures, and poorly trained or supervised personnel.)
- Which of the following is NOT one of the responsibilities of auditors in detecting fraud according to SAS No. 99?
a. evaluating the results of their audit tests.
b. incorporating a technology focus.
c. discussing the risks of material fraudulent misstatements.
d. catching the perpetrators in the act of committing the fraud.
d. catching the perpetrators in the act of committing the fraud. (Correct. SAS No. 99 does not require auditors to witness the perpetrators committing fraud.)
- Which of the following control procedures is most likely to deter lapping?
a. encryption
b. continual update of the access control matrix
c. background check on employees
d. periodic rotation of duties
d. periodic rotation of duties (Correct. Lapping requires a constant and ongoing cover-up to hide the stolen funds. Rotating duties such that the perpetrator does not have access to the necessary accounting records will most likely result in the fraud’s discovery.)
- Which of the following is the most important, basic, and effective control to deter fraud?
a. enforced vacations
b. logical access control
c. segregation of duties
d. virus protection controls
c. segregation of duties (Correct. Segregating duties among different employees is the most effective control for the largest number of fraud schemes, because it makes it dif- ficult for any single employee to both commit and conceal a fraud.)
- Once fraud has occurred, which of the following will reduce fraud losses? (Select all correct answers.)
a. insurance
b. regular backup of data and programs
c. contingency plan
d. segregation of duties
- Once fraud has occurred, which of the following will reduce fraud losses? (Select all correct answers.)
a. insurance (Correct. The right insurance will pay for all or a portion of fraud losses.)
b. regular backup of data and programs (Correct. Regular backup helps the injured party
recover lost or damaged data and programs.)
c. contingency plan (Correct. A contingency plan helps the injured party restart opera-
tions on a timely basis.)