Reflective Thinking Task
– Blog #3
I
disagree with the statement that the Australian Standard 8001-2008 is only
relevant to large organisations. Section
1.2 of this Fraud and Corruption Control
Standard specifically states that
it is intended to apply to all entities operating with Australia including
small to medium sized enterprises (SMEs), (AS
8001-2008). According to Best,
Rikhardsson and Toleman, the standard recommends “the development of systems for targeted post-transactional review and
strategic use of computer systems including effective data mining and real-time
transaction assessment to identify suspect fraudulent transactions”, (2009).
In
my experience in working in a small to medium sized enterprise, the
recommendations made by this standard would be a beneficial business
investment. The software company relies
heavily upon information systems for day-to-day business activities and
currently has no fraud prevention/detections procedures. This standard allows businesses, like the
company I am working for, to adapt through its four step fraud control
structure:
-
Planning
and resourcing
-
Prevention
-
Detection
-
Response.
AS
8001-2008 recommends that entities should consider the following factors in
relation to their organisations characteristics before adopting the standard:
-
Size
-
Turnover
-
Business
diversity
-
Geographic
spread
-
Reliance
on technology
-
Industry,
(AS 8001-2008).
I
would recommend that small to medium sized enterprises apply the above to
determine which relevant parts of the standard are applicable to the
organisations structure, (AS 8001-2008).
SMEs
are not exempt from the risks associated with fraud, and therefore must remain
active in the on-going prevention and detection procedures. It is therefore important that SMEs invest in
such procedures to ensure the longevity of either organisations.
References
Best,
P.J., Rikhardsson, P., Toleman, M. (2009). Continuous Fraud Detection in
Enterprise Systems through Audit Trail Analysis. The Journal of Digital Forensics, Security and Law: JDFSL. 4(1),
39-60. Retrieved from http://search.proquest.com.ezp01.library.qut.edu.au/docview/743860117/abstract/ED6BE9F6EC834EC5PQ/1?accountid=13380
Australia
Standard. (2008). Fraud and Corruption Control. (AS 8001-2008). Retrieved from https://www.saiglobal.com/PDFTemp/Previews/OSH/AS/AS8000/8000/8001-2008.pdf
Useful Links
Check
out this article posted by the ABC about a small business (sports equipment
manufacturer) that has been left devastated by cyber fraud. This company had no fraud
prevention/detection plan. http://www.abc.net.au/news/2016-12-21/online-charge-back-scam-gutting-small-businesses/8115702
Check out this cartoon YouTube video that outlines
real-time fraud prevention in a real-time world. https://www.youtube.com/watch?v=sMDg7ld1tZU
No comments:
Post a Comment