Purpose – The purpose of this study is to examine the extent to which accountants, internal auditors, and certified fraud examiners use fraud prevention and detection methods, and their perceptions regarding the effectiveness of these methods. Design/methodology/approach – A survey was administered to 86 accountants, internal auditors and certified fraud examiners. Findings – The results indica...

Recently, Shafer and Srivastava [1], Srivastava and Shafer [2], Srivastava [3]-[4], and Van den Acker [5] have identified appealing features of belief function evidential networks. These networks can express the support that audit evidence provides for assertions, accounts and financial statements. These networks can also aggregate many pieces of evidence into an overall level of support for a ...

Risk assessment is a systematic process for integrating professional judgments about relevant risk factors, their relative significance and probable adverse conditions and/or events leading to identification of auditable activities (IIA, 1995, SIAS No. 9). Internal auditors utilize risk measures to allocate critical audit resources to compliance, operational, or financial activities within the ...

This study analyzes the pricing of auditors’ business risk in the first year of an audit engagement. We posit that reportable events from the prior auditor’s tenure that are disclosed in the 8-K auditor change filing provide reliable information about the level of business risk for the incoming auditor. We hypothesize that for clients perceived as risky, the incoming auditor charges a fee-premi...

Firewall admins and auditors face some tough questions: • Is the firewall really enforcing the corporate security policy? • How will the new admin learn the firewall rules? • We're acquiring company Y. What does their firewall allow?

A basic method in computer security is to perform integrity checks on the file system to detect the installation of malicious programs, or the modification of sensitive files. Integrity tools to date rely on the operating system to function correctly, so once the operating system is compromised even a novice attacker can easily defeat these tools. A novel way to overcome this problem is the use...