Unlock document.
This document is partially blurred.
Unlock all pages and 1 million more documents.
Get Access
CHAPTER 5
COMPUTER FRAUD
SUGGESTED ANSWERS TO DISCUSSION QUESTIONS
5.1 Do you agree that the most effective way to obtain adequate system security is to rely
on the integrity of company employees? Why or why not? Does this seem ironic?
What should a company do to ensure the integrity of its employees?
5.2 You are the president of a multinational company in which an executive confessed to
kiting $100,000. What is kiting and what can your company do to prevent it? How
would you respond to the confession? What issues must you consider before pressing
charges?
5.3 Discuss the following statement by Roswell Steffen, a convicted embezzler: “For every
foolproof system, there is a method for beating it.” Do you believe a completely
secure computer system is possible? Explain. If internal controls are less than 100%
effective, why should they be employed at all?
5.4 Revlon hired Logisticon to install a real-time invoice and inventory processing system.
Seven months later, when the system crashed, Revlon blamed the Logisticon
programming bugs they discovered and withheld payment on the contract.
Logisticon contended that the software was fine and that it was the hardware that was
faulty. When Revlon again refused payment, Logisticon repossessed the software
using a telephone dial-in feature to disable the software and render the system
unusable. After a three-day standoff, Logisticon reactivated the system. Revlon sued
Logisticon, charging them with trespassing, breach of contract, and misappropriation
of trade secrets (Revlon passwords). Logisticon countersued for breach of contract.
The companies settled out of court.
Would Logisticon’s actions be classified as sabotage or repossession? Why? Would
you find the company guilty of committing a computer crime? Be prepared to defend
5.5 Because improved computer security measures sometimes create a new set of
problems—user antagonism, sluggish response time, and hampered performance—
some people believe the most effective computer security is educating users about
good moral conduct. Richard Stallman, a computer activist, believes software
licensing is antisocial because it prohibits the growth of technology by keeping
information away from the neighbors. He believes high school and college students
should have unlimited access to computers without security measures so that they can
learn constructive and civilized behavior. He states that a protected system is a puzzle
and, because it is human nature to solve puzzles, eliminating computer security so
that there is no temptation to break in would reduce hacking.
Do you agree that software licensing is antisocial? Is ethical teaching the solution to
computer security problems? Would the removal of computer security measures
reduce the incidence of computer fraud? Why or why not?
5.1 You were asked to investigate extremely high, unexplained merchandise shortages at
a department store chain. Classify each of the five situations as a fraudulent act, an
indicator of fraud, or an event unrelated to the investigation. Justify your answers.
Adapted from the CIA Examination
a. The receiving department supervisor owns and operates a boutique carrying
many of the same labels as the chain store. The general manager is unaware of
the ownership interest.
b. The receiving supervisor signs receiving reports showing that the total quantity
shipped by a supplier was received and then diverts 5% to 10% of each
shipment to the boutique.
c. The store is unaware of the short shipments because the receiving report
accompanying the merchandise to the sales areas shows that everything was
received.
d. Accounts Payable paid vendors for the total quantity shown on the receiving
report.
e. Based on the receiving department supervisor’s instructions, quantities on the
receiving reports were not counted by sales personnel.
5.2 A client heard through its hot line that John, the purchases journal clerk, periodically
enters fictitious acquisitions. After John creates a fictitious purchase, he notifies
Alice, the accounts payable ledger clerk, so she can enter them in her ledger. When
the payables are processed, the payment is mailed to the nonexistent supplier’s
address, a post office box rented by John. John deposits the check in an account he
opened in the nonexistent supplier’s name. Adapted from the CIA Examination.
a. Define fraud, fraud deterrence, fraud detection, and fraud investigation.
Fraud is gaining an unfair advantage over another person. Legally, for an act to be
fraudulent there must be:
Fraud investigation is performing the procedures needed to determine the nature and
amount of a fraud that has occurred.
b. List four personal (as opposed to organizational) fraud symptoms, or red flags,
that indicate the possibility of fraud. Do not confine your answer to this example.
c. List two procedures you could follow to uncover John’s fraudulent behavior.
