Best, Peter J. and Rikhardsson, Pall and Toleman, Mark (2009) Continuous fraud detection in enterprise systems through audit trial analysis. Journal of Digital Forensics, Security and Law, 4 (1). pp. 39-60. ISSN 1558-7215
|HTML Citation||EndNote||Dublin Core||Reference Manager|
Full text not available from this archive.
Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoring-surveillance of security audit logs for ‘red flags’, (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds, Afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.
Archive Staff Only: edit this record