Year 27 – 2014 – Car Maintenance – Part 1

The company I worked had a fleet of cars that we maintained, and when beyond a certain age, were sold.  The analysis below describes an audit that looked at the controls around both of these processes. The new manager of the company garage had only been in charge for a year and was already well respected and well liked.  He and his assistant provided quick and efficient maintenance service for…

November 7, 2016
Read More >>

Year 26 – 2013 – Payroll

 I haven’t looked at payroll very often; at least not as often as I think I should or would have liked.  Payroll can be a significant cost to an organization – easily representing 50% of a company’s total expenditures in some industries – but senior management seems to think that the controls over payroll are good and therefore it is low risk.   This belief is often transferred to audit even…

October 31, 2016
Read More >>

Year 24 – 2011 – Fraud Detection – part 2

Continuing on from last week ….. Figure 1 from the book “Computer –Aided Fraud Prevention and Detection: A Step-by-Step Guide” describes two approaches used to identify fraud risks and control exposures.  The first looks at control weaknesses and assesses how these exposures could be exploited.  The second starts with the key information or data fields and examines who could modify or manipulate these critical pieces of information; and then assesses…

October 17, 2016
Read More >>

Year 24 – 2011 – Fraud Detection – part 1

By 2011, I was becoming more and more involved in data analysis to detect fraud.  I had been doing this for years but had never really thought about the approaches I was taking to assess fraud risk and determine the analytics to perform.  The following is the result of my deliberations (which continue to this day). Fraud Detection The unrelenting advancement of technology is affecting virtually every aspect of our…

October 10, 2016
Read More >>

Year 20 – 2007 – Inventory

It was hard to believe, but I had now been at this (data analytics to support audit) for 20 years.  And I still found it interesting, challenging, frustrating, rewarding and aggravating – all at once. I was constantly being asked to access new systems and perform analysis for different types of audits.  At the same time, I had my regular monthly routine tasks of extracting, downloading and cleansing data we…

August 22, 2016
Read More >>

Year 19 – 2006 – Health Claims

Note: I hope this is like the ACL forum where there are more people reading it, but not posting questions/answers.  While I am enjoying my trip down memory lane – it is a lot of work and it would be a shame if I was the only one reading the posts.  My aim was to encourage discussion and sharing – this is not happening and lessens the value of the…

August 15, 2016
Read More >>

Year 17 – 2004 – Part 2 – Construction

From time to time I was lucky enough to get to do some consulting work.  These were usually fairly large audits, involving a number of external experts.  As the “data guy” I was often given very little time to perform the required analysis.  On such audit was a review of the costs for a major construction project.  The audit team did not have all of the necessary expertise and had…

July 27, 2016
Read More >>

Year 17 – 2004 – Part 1 – Direct Deposit

This was the year that I re-published my second book “Fraud Detection: A Revealing Look at Fraud (2004).  This dealt with obtaining, verifying and analyzing the data to support fraud prevention, detection and investigation.  However, it was also relevant to regular internal audit analyses. I thought I would do something a little different this week – so here is a fraud analysis story.  It is based on an actual fraud…

July 18, 2016
Read More >>

Year 14 – 2001 – Fraud Analytics – part 2

The “Big one that got Away” – involved hundreds of millions of dollars in contracts for hardware and software maintenance over ten years.  I ran a couple of tests to highlight red flags related to fraud risks and identified the fraudster a couple of times – but didn’t pursue the issue enough to uncover the fraud. The first red flag was identified when I performed an audit to determine if…

June 13, 2016
Read More >>

Year 14 – 2001 – Fraud Analytics – part 1

After my year of consulting in numerous private sector companies I felt that my experience not only with ACL, but also with risk assessment and fraud risk assessment in particular had grown.  While ACL’s basic command set was powerful, there were a number of techniques that I had used specifically for fraud that were not (at this time) included in the basic ACL command set.  They required the use of…

June 6, 2016
Read More >>