Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Loading...
Thumbnail Image
File version
Author(s)
J. Best, Peter
Rikhardsson, Pall
Toleman, Mark
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)
Date
2009
Size

152670 bytes

File type(s)

application/pdf

Location
License
Abstract

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in enterprise systems. The steps in this process are: (1) threat monitoring-surveillance of security audit logs for 'red flags', (2) automated extraction and analysis of data from audit trails, and (3) using forensic investigation techniques to determine whether a fraud has actually occurred. We demonstrate how mySAP, an enterprise system, can be used for audit trail analysis in detecting financial frauds; afterwards we use a case study of a suspected fraud to illustrate how to implement the methodology.

Journal Title

Journal of Digital Forensics, Security and Law

Conference Title
Book Title
Edition
Volume

4

Issue

1

Thesis Type
Degree Program
School
DOI
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© 2009 ADFSL. The attached file is reproduced here in accordance with the copyright policy of the publisher. Please refer to the journal's website for access to the definitive, published version.

Item Access Status
Note
Access the data
Related item(s)
Subject

Auditing and Accountability

Computation Theory and Mathematics

Other Information and Computing Sciences

Law

Persistent link to this record
Citation
Collections