Consider the risks associated with IT and data related to fraud, forensics, litigation, and associated regulations. For financial audits, the focus would be material misstatement due to fraud. It also includes tools and techniques to react to, or procedures for, fraud suspicions, forensic investigations, and other similar activities. This part of the CITP BOK addresses knowledge requirements to issues such as computer forensics, digital evidence, data mining and analysis, security breaches, and relevant regulations (e.g., e-Discovery).
To understand the basics of fraud and forensics; e.g., fraud triangle, fraud tree (schemes and categories of schemes), scope of fraud (i.e., professional skepticism), and profile of fraudsters.
To have a good understanding of regulations and technical literature; especially SAS No. 99 (AU316) and how to apply it.
Generally, to be able to consider the risks of material misstatement due to fraud and determine specific techniques to detect fraud.
To understand how to use IT in fraud investigations.
To understand how to choose and employ the most appropriate digital acquisition tools and procedures in a fraud investigation.
To identify applicable sources of digital evidence in a fraud investigation.
To understand the basics of legal rules and procedures regarding digital evidence.
To understand the importance of state and federal laws regarding digital evidence.
Fraud has been ...