Friday 26 May 2017

Assessment Two - Blog #3

Reflective Thinking Task – Blog #3


I disagree with the statement that the Australian Standard 8001-2008 is only relevant to large organisations.  Section 1.2 of this Fraud and Corruption Control Standard specifically states that it is intended to apply to all entities operating with Australia including small to medium sized enterprises (SMEs), (AS 8001-2008).  According to Best, Rikhardsson and Toleman, the standard recommends “the development of systems for targeted post-transactional review and strategic use of computer systems including effective data mining and real-time transaction assessment to identify suspect fraudulent transactions”, (2009).

In my experience in working in a small to medium sized enterprise, the recommendations made by this standard would be a beneficial business investment.  The software company relies heavily upon information systems for day-to-day business activities and currently has no fraud prevention/detections procedures.  This standard allows businesses, like the company I am working for, to adapt through its four step fraud control structure:
-          Planning and resourcing
-          Prevention
-          Detection
-          Response. 

AS 8001-2008 recommends that entities should consider the following factors in relation to their organisations characteristics before adopting the standard:
-          Size
-          Turnover
-          Business diversity
-          Geographic spread
-          Reliance on technology
-          Industry, (AS 8001-2008).

I would recommend that small to medium sized enterprises apply the above to determine which relevant parts of the standard are applicable to the organisations structure, (AS 8001-2008).

SMEs are not exempt from the risks associated with fraud, and therefore must remain active in the on-going prevention and detection procedures.  It is therefore important that SMEs invest in such procedures to ensure the longevity of either organisations. 

References
Best, P.J., Rikhardsson, P., Toleman, M. (2009). Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis. The Journal of Digital Forensics, Security and Law: JDFSL. 4(1), 39-60. Retrieved from http://search.proquest.com.ezp01.library.qut.edu.au/docview/743860117/abstract/ED6BE9F6EC834EC5PQ/1?accountid=13380

Australia Standard. (2008). Fraud and Corruption Control. (AS 8001-2008).  Retrieved from https://www.saiglobal.com/PDFTemp/Previews/OSH/AS/AS8000/8000/8001-2008.pdf

Useful Links
Check out this article posted by the ABC about a small business (sports equipment manufacturer) that has been left devastated by cyber fraud.  This company had no fraud prevention/detection plan. http://www.abc.net.au/news/2016-12-21/online-charge-back-scam-gutting-small-businesses/8115702 


Check out this cartoon YouTube video that outlines real-time fraud prevention in a real-time world. https://www.youtube.com/watch?v=sMDg7ld1tZU
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)