Book Review—Computer-Aided Fraud Prevention & Detection: A Step-by-Step Guide 

Download Article

Computer-Aided Fraud Prevention & Detection: A Step-by-Step Guide, as its name suggests, is a practical guide to understanding and using computer-aided audit tools and techniques (CAATTs) to detect and prevent frauds by understanding, acquiring, working on and analyzing data, and understanding the results.

It is a how-to guide as well as a useful reference book for those interested in improving their ability to use data extraction and analysis tools for intelligent detection and prevention of frauds—with known as well as unknown symptoms—across different fractional areas of business in a variety of settings.

With the growing use of computerized accounting and digital records, sifting through information and auditing it have become onerous tasks. Most auditors and antifraud professionals use computer-aided techniques and programs, but their use is limited and they are not able to make use of their full potential. This book provides rich illustrations and case studies, which provide useful pointers to minimize effort and increase effectiveness of audits.

The book is more focused on controls and internal audit for fraud detection and prevention across the different functional areas including purchase, inventory, stores, production, product and service delivery, billing, credit recovery, and cash management. The use of a judicious mix of cases across different industries and segments, through illustrations, gives the book a broad perspective and makes it appealing to readers from different business and industry segments.

The logical approach of the book, along with the useful appendices, will help even beginners in a newly formed fraud audit department to plan and implement a fraud prevention and detection framework in their organization. At the same time, the case studies and analysis provide insight to experts to enhance the usefulness and value of their audits. The book also covers practical examples of the use of Benford’s Law for detecting unknown fraud, and has a chapter that deals with statistical sampling and quality assurance to improve the quality and effectiveness of audits.

The book, by providing a variety of situations in different settings, if used properly, can help readers to develop techniques appropriate to their given settings and make intelligent use of CAATTs to detect and, if not prevent, at least cut frauds short, before they grow to alarming proportions within the organization.

The increased audit quality, focus on materiality, improved efficiency and effectiveness, and better planning that result from an intelligent use of CAATTs will help reveal the undetected. Thus, Computer-Aided Fraud Prevention & Detection: A Step-by-Step Guide is a useful addition to the repertoire of the audit and assurance professional.

Editor’s Note

Computer-Aided Fraud Prevention & Detection: A Step-by-Step Guide is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in this Journal, visit, e-mail or telephone +1.847.660.5650.

Reviewed by Vishnu Kanhere, Ph.D., CISA, CISM, AICWA, CFE, FCA
an expert in software valuation, IS security and IS audit. A renowned faculty member at several management institutes, government academies and corporate training programs, Kanhere is a member of the Sectional Committee LITD 17 on Information Security and Biometrics of the Bureau of Indian Standards. He is currently newsletter editor and academic relations, standards and research coordinator of the ISACA Mumbai (India) Chapter; member of the ISACA Publications Subcommittee; honorary secretary of the Computer Society of India, Mumbai Chapter; convener of a special interest group on security; chairman of WIRC of eISA; and convener of the security committee of the IT cell of the Indian Merchants’ Chamber. He can be contacted at or

Enjoying this article? To read the most current ISACA® Journal articles, become a member or subscribe to the Journal.

The ISACA Journal is published by ISACA. Membership in the association, a voluntary organization serving IT governance professionals, entitles one to receive an annual subscription to the ISACA Journal.

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and/or the IT Governance Institute® and their committees, and from opinions endorsed by authors’ employers, or the editors of this Journal. ISACA Journal does not attest to the originality of authors’ content.

© 2010 ISACA. All rights reserved.

Instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. For other copying, reprint or republication, permission must be obtained in writing from the association. Where necessary, permission is granted by the copyright owners for those registered with the Copyright Clearance Center (CCC), 27 Congress St., Salem, MA 01970, to photocopy articles owned by ISACA, for a flat fee of US $2.50 per article plus 25¢ per page. Send payment to the CCC stating the ISSN (1526-7407), date, volume, and first and last page number of each article. Copying for other than personal use or internal reference, or of articles or columns not owned by the association without express permission of the association or the copyright owner is expressly prohibited.