sponsors this site
DEALING WITH WHITE COLLAR CRIME
RISK ASSESSMENTS
ANNEXURE A
CRITERIA AGAINST WHICH FRAUD RISKS CAN BE MEASURED
INHERENT RISKS
PROGRAMME FOCUS
- Nature of Programme
The extent to which the business of the organisation creates a risk (e.g. service delivery would be of higher risk than policy advice) - Policies and Strategies
The extent to which policies, procedures and strategies which recognise the importance or fraud control have been developed, in other words, attitude of management. - Reputation
The extent to which the organisation is perceived to be an easy target for fraud.
RESOURCES
- Cash
Handling of cash or other instruments, electronic transfer, etc which can be readily negotiated for cash. - Attractive Assets
The extent to which the organisation handles assets that can be easily stolen or misused. - Intellectual Property
The extent to which the organisation holds information that can be traded, or has a cash value. - Services
The potential for the misuse of facilities (i.e. undertaking private work in company time, abuse of motor vehicles, telephones, computers, publishing facilities, etc).
COMPLEXITY
- Computerisation
Sophisticated information technology systems present an opportunity for fraudulent behaviour. (Of course, they may at the same time -be a part of the control mechanism). - Skill
The degree to which judgement, academic or technical skills are required to under take functions. - Diversity
The extent to which tasks in an organisation (and the management systems needed to perform those tasks) are diverse.
PUBLIC CONTACTISENSITIVITY
- Client Relations
Extent to which exposure to client groups involves a fraud risk. - Business Relations
Extent to which exposure to business community and pressure groups involves a fraud risk. - Human Relations
The degree to which the influence of unions and public expectations may involve a fraud risk.
PROGRAMME REVIEWS
- Effectiveness of reviews in reducing exposure to risk.
STABILITY
- Procedures
The impact of any changes to procedures or system redevelopment. - Personnel
Continuity in personnel involved in control systems. - Organisation
Effectiveness of reporting arrangements. - Character
Does the programme have characteristics which adversely affect fraud control.
STATUTORY REQUIREMENTS
- Legal/Regulatory
Adequacy of legislation and other formal directions.
PRESSURE TO MEET OBJECTIVES
- Deadlines
The extent to which deadlines are an integral part of programme delivery. - Productivity
The extent to which productivity pressures impact upon the programme. - Economic
The extent to which performance is affected by external economic conditions and revenue targets.
SIZE
- Number of Departmental StaffMultiple Locations
- Multiple locations
- Projects
Cost of projects undertaken by the organisation. - Rand Throughput
- Volume of Transactions
- Assets/Liabilities
Magnitude of the assets or liabilities controlled by the organisation.
INTERNAL CONTROL RISK
GENERAL CONTROL ENVIRONMENT
- Corporate Framework
Where the organisation is going and how it is going to get there. - Information Management
Ensuring management has reliable information to make appropriate, timely and informed decisions. - Organisational Vulnerability
Reducing the exposure to fraud risk.
INFORMATION TECHNOLOGY
- Processing and Operations
Having the computer power an agency needs and when it needs it. - Security
The right information in the hands of the right people. - Development Environment
Maintaining the leading edge without excess cost. - Managerial Control
Keeping it all on the rails.
PURCHASES/PAYMENTS
- Ordering of Goods and Services
The right quality/quantity at the right time. - Commitment of Funds to Clients
Approval of funding to the right people at the correct rate. - Accepting Charges
Ensuring the organisation only pays for what it gets. - Controlling Payments
Payment of the right amount at the right time to the right people. - Overall Control and Management
Assurance that expenditure is under control and properly reflects results.