| New guidance paper “Managing the Business Risk of Fraud: A Practical Guide” released for comments |
|
The ACFE, AICPA, and IIA have released an exposure draft of a joint project regarding guidance to organizations on establishing an approach to managing the risk of fraud. The paper will be open for comment through December 21, 2007. The following principles outline the key steps for proactively establishing an environment tomanage fraud risk in an organization effectively: Principle 1: A fraud risk policy should be written to convey to the organization the expectations of the board of directors and executive management regarding managing fraud risks. Principle 2: Fraud risk exposure should be assessed by the organization to identify specific potential events that the organization needs to mitigate. Principle 3: Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate potential impacts on the organization. Principle 4: Detection methods should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized. Principle 5: A reporting process should be in place to solicit inputs on potential fraud events and a coordinated investigation approach should be used to ensure potential fraud events are dealt with in a timely manner.
|
| Next > |
|---|
The IIA has updated Practice Advisory 2030-1: Resource Management. The update expands the previous Practice Advisory and provides further clarity on resource management. 