Information systems auditing and computer fraud / Yap May Lin

"EDP auditing is defined as the process of collecting and evaluating evidence to determine whether a computer system safeguards assets, maintains data integrity, achieves organizational goals effectively, and consumes resources efficiently. " [Weber, 1988]. The issue of computer fraud has been given a considerable amount of space in most books devoted to the subject of EDP or Information Systems (IS) auditing. Studies have shown that the monetary amounts misappropriated in the average fraud involving EDP or IS substantially exceed the corresponding monetary amounts in the average fraud situation that does not involve automated services. Hence, the subsequent establishment or expansion of existing IS audit departments by management primarily as a defense against material fraud. The purpose of this paper is to focus on two issues. One, the occurrence of computer fraud in the IT environment, and secondly, IS auditing as a deterrent to discourage the commission of fraud.