Appendix A

Fraud Audit Program: Payroll


The audit approach is based on a combination of testing procedures from a random sample and data mining for events that create the appearance of ghost employees or avoiding, circumventing, or exploiting the policy or the intent of the policy.

The traditional testing will focus on red flags that could be indicative of fraud in the payroll process.

The data mining will focus on the attributes of a ghost employee or the circumvention, avoidance, or exploitation of the payroll process by searching for frequencies and patterns of specific schemes.

The fraud risk structure is composed of the inherent fraud schemes. These inherent fraud schemes in conjunction with an assessment of internal controls may result in mitigation of some inherent fraud schemes. This assessment should be done at the audited entity level.

This document is a general guideline for auditing for fraud in the payroll process. The red flags and fraud audit procedures may need to be customized by the auditor for the specific audited site processes and characteristics.

Key Terms

1. Ghost employees—individuals listed in the payroll register who are not providing services, but who are receiving a payroll check.

a. Terminated ghost employee—a company employee that exists at the time of hire, but terminates without notifying human resources. The supervisor falsifies the time report and diverts the company employee's payment. At the time of the audit the company employee ...

Get The Fraud Audit: Responding to the Risk of Fraud in Core Business Systems now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.