journal header

Volume 2, 2015

This Week's Online-Exclusive Feature

Book Review—Fraud Prevention and Detection: Warning Signs of the Red Flag System
18 March 2015
Rodney T. Stamler, Hans J. Marschdorf, Mario Possamai | Reviewed by Upesh Parekh, CISA

It is a common myth that regulators and law enforcement agencies can protect organizations from fraud. At best, regulators can deter the occurrence of fraud, but they cannot prevent fraudulent activities. It is up to organizations to protect themselves. But how can organizations prevent fraud? How can they save themselves from all the ill effects of fraud?

Fraud is “wrongful or criminal deception intended to result in financial or personal gain.” It is estimated that a typical organization loses 5 percent of its revenue in fraud each year. There have been monumental losses due to fraud, for example, in the cases of Enron and WorldCom. Read More

Indicates Online-Exclusive Content

 

 


Podcast  New!
ISACA Journal Volume 2 Podcast:  Cyberwhatsit

This Week's Featured Author Blog

A Security Solution Needs to Fit Like a Great Suit
9 March 2015
Kerry Anderson

The selection of a security solution is a critical decision for an information security program. With the plethora of security solutions available, finding the best fit for an enterprise and its security needs can be a challenging and time-consuming task. When cost constraints are added to the picture, the selection process becomes even more problematic. There is a temptation to go with what is already familiar or select a solution that is already in use at a similar organization. But the best place to begin is by identifying critical functional requirements and restrictions for a security solution. The goal is to define, in a vendor-neutral fashion, a generic prototype of the security solution being sought. This should be done before doing any vendor research. This process should also spot potential attributes of a solution that may clash with the organizational environment.

Read More

Indicates Online-Exclusive Content