Monday 4 June 2012

Forensic Investigation Interviewing

Week 12

For the following entry please refer to the below passage:
In 1990, a keynote speaker at a conference provided his views on interviewing techniques:

“When interviewing people whilst investigating a fraud case, one needs to be very open and provide as much detail as possible to help the interviewee understand the case. One should not have pre-determined questions, but should allow the interview to follow a natural path. One should also avoid recording the interview as it may make the interviewee feel uncomfortable”.

“Do you agree or disagree with the points made by the keynote speaker? Using, lectures and readings, plus your own knowledge and experiences, provide arguments and recommendations to your organisation on the correct procedures for preparing fraud-related interviews with employees, witnesses and possible suspects. Use your reflective writing techniques in answering this question.”

Reflecting on my experiences in job interviews and research, I disagree with the speaker’s comments as preparing questions and recording the interview are two important aspects of conducting a fraud investigation interview. Golden, Skalak, Clayton and Pill (2011, p.317) stated that preparing lines of questions to ask during the interview is an effective tool for interviewing. Additionally recording the interview provides a powerful instrument in legal proceedings, however the interviewer must be aware of the law in regards to recordings (Golden, et al, 2011, p.319-320).

Porter and Crumbley (2012) have highlighted the REID model and the PEACE model as the two leading interviewing techniques used for fraud investigations. However, the accusatory method adopted by the REID model sometimes leads to false confessions. For example, when I was little I was accused of breaking a vase and admitted even though I was innocent. On the other hand, the cynical attitude adopted by the PEACE model eliminates the issue of false confessions and provides a more efficient way of reaching the objective of the interview (Shawyer and Walsh, 2007).

Additionally I believe the key tool to an effective interview is to make the interviewee feel comfortable. Hopwood, Leiner and Young (2008, p.238) have suggested becoming familiar with the interviewee by building a rapport with them. Additionally Golden et al (2011, p.326) suggests being friendly, sympathetic and professional during the interview. Having been to many interviews, I know that nerves can twist information however, when the interviewer acted really friendly, I was able to relax and fully participate in the interview. Therefore when conducting fraud-related interviews the PEACE model should be used in conjunction with my above recommendations.

Reference List:

Golden, T., Skalak, S., Clayton, M., & Pill, J. (2011). A guide to forensic accounting investigation, (2nd Ed). Hoboken, New Jersey: John Wiley & Sons

Hopwood, W., Leiner, J, & Young, G. (2008). Forensic accounting. New York, NY: McGraw-Hill Irwin

Porter, S., & Crumbley, L. (2012). Teaching interviewing techniques to forensic accountants is critical. Journal of Forensic & Investigative Accounting, 4(1), 122-146. Retrieved from: http://www.bus.lsu.edu/accounting/faculty/lcrumbley/jfia/Articles/FullText/2012_v4n1a5.pdf

Shawyer, A., & Walsh, D. (2007). Fraud and peace: investigative interviewing and fraud investigation. Crime Prevention and Community Safety, 9(2), 102-117. doi: 10.1057/palgrave.cpcs.8150035.
Posted by at No comments:

Fraud Prevention

Week 11

For the following entry please consider the facts of the case below:
A speaker at a business advisory conference focusing on fraud prevention identified the characteristics you may find within a firm that may lead to fraudulent activities occurring. They are:

  • Fraud is not perceived as a risk, or risks are not assessed
  • Management ignores irregularities
  • Morale is low
  • High turnover within the firm
  • Staff lacks training in the systems in which they operate on a day to day basis
  • A rapid increase in revenues and profits
  • A very strong, egotistical leader
  • Profit is the ultimate goal.  It is to be reached no matter what occurs to deter the organization or employee.
  • Salary structure is tied to profits

He then said: “These are just a few of the characteristics you might find prevalent within a corporation ripe for fraud. Although in Australia there have been multitudes of frauds committed during the past ten to 15 years, by men such as Alan Bond, Joel Barlow, Rene Rivkin and Christopher Skase, fraud is still increasing in Australia.  It seems that these frauds have not increased awareness within most businesses.  Awareness and education is the key to defeating fraud within today’s organisations”

“Do you agree or disagree with the final statement made in the case on awareness and education? Using documents, lectures, readings and other journal articles, plus your own knowledge and experiences, provide arguments and recommendations to your organisation on how they can prevent the incidence of fraud. Use your reflective writing techniques in answering this question.”

Based on my knowledge of large fraud cases such as ING and Queensland Health, I believe that awareness and education must be used in conjunction with other fraud preventative measures to defeat fraud within today’s organisations. According to Smith (1998) fraud prevention and control strategies range from general policies to highly specific, individually tailored procedures.

Preventative policies have been developed by the Government, industry and academics to manage fraud for organisations. For example, the Government has published the AS 8001-2008 guideline which is available for businesses to prevent fraud and corruption. Grain Corp (2008) has effectively incorporated the guidelines of AS 8001-2008 as part of their policy to mitigate fraud risk.

Additionally models of fraud detection have been developed such as the Analysis Led Fraud Assessment (ALFA) model (Steane and Cockerell, 2005). The ALFA approach identifies areas of high fraud risks and critical fraud risks to enable organisations to address the risk of fraud. Furthermore Steane and Cockerell (2005) have defined critical risks to be area of high fraud risks where there are poor or no risk controls in place. To simply illustrate the ALFA approach, I have reflected on my experience Zorbing which presented a critical risk, but through safety measures in place, it was reduced to a high risk activity.

Moreover I have highlighted below some of my key recommendations based on the fraud I have witnessed at a small business:
  • Developing an ethical culture
  • Employment screening process
  • Whistle blowing schemes
  • Red Flags and fraudster profiling
  • Strong internal controls
Therefore I believe that the above methods should be implemented, in conjunction with education and awareness training, to mitigate the occurrence of fraud.

Reference List:

Australian Standards 8001-2008. (2008).Fraud and corruption control. Retrieved from: http://fraud.govspace.gov.au/files/2010/12/Australian-Standard-8001-2008.pdf

Grain Corp (2008). Fraud & corruption control: corporate governance procedure. Retrieved from: QUT Blackboard.

Smith, R. (1998). Best practice in fraud prevention. Retrieved from: http://www.aic.gov.au/documents/F/3/2/%7BF3256DEB-9A04-4416-9D11-156922F22EC8%7Dti100.pdf

Steane, P., & Cockerell, R. (2005). Developing a fraud profile method – a step in building institutional governance. Retrieved from: http://soc.kuleuven.be/io/ethics/paper/Paper%20WS3_pdf/Peter%20Steane.pdf
Posted by at No comments:

The Forensic Accountant as an Expert Witness

Week 10

For the following entry please apply the following hypothetical scenario:
Assume you have completed your university degree and landed your ‘dream job’ working as a junior forensic accountant in a boutique forensic accounting firm in the Brisbane CBD. After 12 months, you are asked to represent a client in Court as the expert witness. The person who usually undertakes this work is overseas investigating a case and will not return for another four weeks.

The client is a well-known CEO from a large and profitable organisation, charged with misappropriation of funds. If found guilty, he will be jailed for approximately five years. You have been working on the case as a forensic accountant, compiling large amounts of evidence and eDiscovery documents for the past five weeks. Although you have learnt a great deal in the 12 months with the firm, and from your studies at QUT (especially AYB115!), you feel that you are not yet qualified to take on this role.

“Using relevant parts of APES 215 and other documents/journal articles and your own knowledge, explain to your supervisor why it is inappropriate for you to be the expert witness in this case. Use your reflective writing techniques in answering this question.”

Since discussing expert witnessing, I have been examining what it would take for me to become an expert witness. I feel that I am not suitable for the roles because I lack the appropriate experience and my personality does not correlate to that of an expert.

The APESB (2008) publication for forensic accountants, APES 215, item 3.12 highlights that expert witnesses require specialised training, study or work experience. Furthermore Rasmussen and Leauanae (2004) highlights that years of prior experience in forensic cases, training and education are the most important characteristic of an expert. Upon evaluation, I believe that it is inappropriate for me to be an expert witness as I possess a low level of experience, having only worked in the field for 12 months. A suitable expert would be someone like guest speaker Lisa who was a qualified accountant and had 5 years of work experience when starting as an expert witness.

Additionally I believe that I would not make a good expert witness based on my personality. Hoffman, Finney, Cox and Cooper (2007, p.15) have highlighted that being an expert requires a specific attitude and approach. Based on previous personality testing, I have discovered that I am an introverted person, scoring 31 points for extroversion in the Neo IPIP test. Additionally Singleton, Singleton, Bologna, and Lindquist (2006, p.277) have highlighted that opposing counsel will attempt to discredit and destroy the expert’s self-confidence in the cross-examination process. Based on my research and discussions with an expert witness, I conclude that I would not be suited to being an expert witness as I believe that I could not keep my composure in the witness stand.

Reference List:

Accounting Professional and Ethical Standards Board (APESB). (2008). APES 215 Forensic Accounting Services, item 3.12 – Professional competence and due care. Retrieved from: http://www.publicaccountants.org.au/media/32890/apes%20215%20standard_1.pdf

Hoffman, R., Finney, W., Cox, P., & Cooper, K. (2007). The forensic accountant as an expert witness: a basic guide for forensic accounting. Sydney, NSW: CCH Australia Limited.

Rasmussen, D., & Leauanae, J. (2004). Expert witness qualifications and selection. Journal of Financial Crime, 12 (2), 165-171. Doi: 10.1108/13590790510624954

Singleton, T., Singleton, A., Bologna, J., & Lindquist, R. (2006). Fraud Auditing and forensic accounting (3rd Ed). Hoboken, New Jersey: John Wiley & Sons
Posted by at 1 comment:

Internet Content Regulation and Businesses

Week 9 

"Do you think Australian Internet Service Providers (ISP) should be forced to filter Internet content?”

As an internet user, I believe that the issue of online regulation and filtering is two-fold as ISPs should be able to filter inappropriate content, but only when it is necessary to do so. I have created an online presence through this blog and therefore I must be aware of the content I include as I may be subject to any proposed filtering policy.

In the past weeks I have been researching the proposed plan by the Government to filter Internet content through an ISP-level filtering policy. According to Senator Conroy (2009) Internet filtering would reduce the risk of children being exposed to inappropriate material when online. However arguments by Electronic Frontiers Australia (2011) and ISPs have highlighted issues about the filtering system stating that it would not work. Additionally I have discovered that certain ISPs like Telstra and Optus have already begun to voluntarily filter child abuse material, ahead of the government proposed filtering policy (DBCDE, 2011). During my research I reflected on the heavily filtered internet access I experienced while at high school and my frustrations with the filtering. I suspect the proposed plan might incur more annoyance due to slower internet speeds some experienced during the pilot study.

Additionally a US study found that 78% of consumers look up information about businesses online before interacting with them (Intelius, 2010). Therefore, for businesses to be successful operating a website and their online presence is one of their most valuable assets and source of sales. It is for such reasons that businesses need to be aware of the content they post and the potential filtering policy to ensure that they can continue to operate.

Reference List:

Department of Broadband Communications and the Digital Economy (DBCDE) (2011). Internet service provider (ISP) filtering. Retrieved from: http://www.dbcde.gov.au/funding_and_programs/cybersafety_plan/internet_service_provider_isp_filtering

Electronic Frontiers Australia. (2011).Mandatory ISP filtering. Retrieved from: https://www.efa.org.au/category/censorship/mandatory-isp-filtering/ 

Intelius. (2010). Importance of having an online presence. Retrieved from: http://www.themarketingbit.com/small-business/importance-of-having-an-online-presence/

Senator Conroy, S. (2009, December 15). Measures to improve safety of the internet for families. Retrieved from: http://www.minister.dbcde.gov.au/media/media_releases/2009/115
Posted by at No comments:

IP Protection for Businesses

Week 7

“What are some of the measures which business can take to protect its Intellectual Property (IP)? Why is it important for a business to understand ownership of IP rights?”

It is important to understand IP rights for businesses which use, own or have acquired IP to ensure against infringement. I personally have created IP and use others’ IP, similar to how many businesses do. In light of the Copyright Act 1968 and the Trade Mark Act 1995, I have been examining ways businesses can protect their IP.

The Institute of Chartered Accountants Australia (2011) highlighted that awareness of IP ownership is very important for businesses. More information on ownership under the Copyright Act 1968 and the Trade Mark Act 1995 can be found here. Though my employment as a Student Ambassador for QUT I have created IP. However, the subsisting ownership in my literary creation belongs to QUT, under Section 35(6) of the Copyright Act 1968. In regards to trade marks the owner is the person who has registered the trade mark. For businesses which have created IP, awareness of ownership is important as such IP can become very valuable assets.

Additionally, a US study has revealed that businesses consider trade marks and copyright to be some of the greatest IP assets to them and that protection is a recurrent concern. (New pilot survey reveals importance of intellectual property, 2012). In Australia most businesses use or create copyright though their advertising or have registered their name as a trade mark. For such businesses to exploit their IP for competitive advantage and marketing it is essential to secure IP against infringement (Business Link, n.d.). One example is Microsoft Office which I, along with businesses, use day-to-day through a licensing agreement and such a licence protect both me as the customer and Microsoft, the owner.

Reference List:

Business Link, (n.d.). Protecting intellectual property. Retrieved from: http://www.businesslink.gov.uk/bdotg/action/detail?itemId=1074300698&type=RESOURCES

Copyright Act 1968. Retrieved from: http://www.comlaw.gov.au/Details/C2012C00265

Institute of Chartered Accountants Australia. (2011). Business briefing series: 20 issues on intellectual property. Retrieved from: http://www.charteredaccountants.com.au/Industry-Topics/Business-management/Recent-headlines/News-and-updates/Intellectual-property-offers-great-opportunities-for-businesses.aspx

New pilot survey reveals importance of intellectual property. (2012, February 27). R&D Daily. Retrieved from: http://www.rdmag.com/News/2012/02/Policy-Industry-Patents-New-pilot-survey-reveals-importance-of-intellectual-property/

Trade Mark Act 1995. Retrieved from: http://www.comlaw.gov.au/Details/C2012C00161

Posted by at No comments:

Copyright Issues for Individuals and Businesses

Week 6

“People should be able to download music and films in Australia from the internet without paying for them” (Do you agree with this statement? Explain your answer, with reference to the Copyright Act 1968 (CTH).)”

Since discussing the Copyright Act 1968 (CTH) (the Act), I have been examining if people should be able to download music and movies for free in Australia. I know many people who have downloaded copyrighted music and movies for free and I myself have downloaded videos from YouTube for assignments. Additionally I’ve discovered that in Australia one-third of internet users have admitted to downloading copyrighted music (MIPI, 2011). Therefore, I believe that individuals would benefit from downloading music and movies for free, however there are legal and economic complications involved.

Firstly downloading music and movies for free would infringe copyright created by the Act. A summary of copyright for music and movies can be found here. Since discussing with friends the implications of the Act, many said they felt guilty knowing the Act prohibited downloading. However some exceptions apply for downloading copyrighted material for a specific purpose. After reviewing these exceptions I’ve discovered that songs downloaded for the purpose of my poetry research in high school would not infringe copyright under Section 40 of the Act.

Secondly by downloading music and movies for free it affects the profitability of the music and film industries. According to Moses (2011) film infringement costs the Australian economy $1.37 billion a year. Meanwhile the music industry has been declining due to music infringements (Jackson, 2011). In the digital age, awareness must be created around IP as technology increases the possibilities of infringement. For example, several years ago people were using Limewire to illegally download music and movies. In the case of businesses which use or own copyrighted material, appropriate action must be taken to protect against copyright infringement.

Reference List:

Copyright Act 1968 (CTH) Retrieved from: http://www.comlaw.gov.au/Details/C2012C00265

Jackson, S. (2011, September 12). No cure for piracy since the day the music started dying. The Australian. Retrieved from: http://www.theaustralian.com.au/media/no-cure-for-piracy-since-the-day-the-music-started-dying/story-e6frg996-1226134295512
 
MIPI. (2011). Internet piracy. Retrieved from: http://www.mipi.com.au/About-Piracy/What-is-music-piracy/

Moses, A. (2011, June 6). Music and film industries split over pirates. The Sydney Morning Herald. Retrieved from: http://www.smh.com.au/technology/technology-news/music-and-film-industries-split-over-pirates-20110606-1fo8q.html
Posted by at No comments:

Thursday 12 April 2012

Contracts for Online Businesses

Week 5

“In light of the unfair contracts laws, do you think that a web operator should be able to change the terms of use of their website without giving users adequate notice? Consider the practicality of such a requirement for the website operator, balanced against the rights of the web site user.”

Based on our discussions regarding the new unfair contract term legislation, I have been examining if web sites should be able to change their terms without notice to its users. It may be necessary to change the terms of a contract, if it does not cause an imbalance between the parties' rights, is a necessary term, and not cause detriment to a party, as outlined by Australian Competition & Consumer Commission (2010). However I believe notice is required to comply with the offer and acceptance element of a contract.

For example, I use professional networking site Linkedin which uses a browse-wrap style of contract were a hyperlink of the conditions is posted, compared to a click-wrap which requires users to agree to the terms before use. The conditions on Linkedin (2011) highlighted in Figure 1, state that changes are communicated to its users through alerts on their websites and email associated with accounts. I find this a very useful approach, however it may be ineffective to individually contract its 150 million users. Lastly there are enforcement issues with browsewrap website as users may not be aware of the condition, nonetheless, the Register.com Inc v Verio Inc case provides relief as enforceability depends on the regularity of use which, for a networking site, is very regular.

Figure 1 - Linkedin User Agreement, Notifications and Service Messages
Reference List:

Australian Competition & Consumer Commission. (2010). Unfair contract terms. Retrieved from: http://www.accc.gov.au/content/index.phtml/itemId/930021

Linkedin.com (2011, June 16). User agreement. Retrieved from: http://www.linkedin.com/static?key=user_agreement&trk=hb_ft_userag
Posted by at No comments:

Jurisdictional Issues and Importance for Business

Week 4

“(What are the jurisdictional issues? Why are they important?)”

In light of jurisdictional issues faced with the Megaupload case, I think it highlights the importance of assessing how jurisdiction affects the online operations of businesses. In the Megaupload case allegations of copyright emerged as the US moved to arrest Kim Dotcom in New Zealand.  The US claimed jurisdiction as Megaupload has storage leased in US data centres (Winterford, 2012). However, according to the case of Dow Jones & Co Inc v Gutnick (2002) 194 ALR 433, the ‘hurt’ is world-wide as the copyrighted materials may have impact anywhere. The US may be granted jurisdiction based on the large number of film studios and record company which reside in California and whose revenue was affected.

Jurisdictional issues are important to businesses operating online to determine where disputes may be resolved. I purchase goods online from the US and to mitigate the risk of jurisdictional issues, the company sets conditions which I have to approve before purchase. One example is Shopbop.com whose conditions, as highlighted in Figure 1, state that Washington laws will govern disputes (Shopbop.com, 2012) even though, according to the Dow Jones & Co Inc v Gutnick (2002) 194 ALR 433 case, the dispute may come under Australian laws as the ‘hurt’ will lie with me as the place where the page is downloaded.

Figure 1 - Shopbop.com Conditions of Use, Applicable Law
Reference List:

Shopbop.com (2012, March 20). Conditions of Use. Retrieved from: https://www.shopbop.com/ci/aboutShopBop/conditions.html

Winterford, B. (2012, January 23). Four key questions from the ‘Mega conspiracy’. ITnews for Australian Business. Retrieved from http://www.itnews.com.au/Tools/Print.aspx?CIID=287823 
Posted by at No comments:

Application of the COBIT 4.1 Framework

Week 3

“(Do you agree with the business owner’s views? If you were advising a small business about IT Governance, risk assessment and fraud, what would you recommend in relation to COBIT 4.1? How does this case demonstrate the accuracy (or not) of Cressey’s fraud triangle? Provide researched reasons for your answer.)”

Based on the case study presented, I have identified typical issues which small businesses face with IT Governance, my analysis can be found here. Firstly I believe that governance is important for small businesses as the consequences of IT risks are tragic. According to Warfield (2011) there have been cases where small business had to close because of fraud. In my experience I have witnessed a small company which suffered IT risks and alleged fraud when integrating a new accounting system and hired new accounting staff.

In the case study and my experience, both companies lacked proper IT Governance and there was evidence of little internal controls. The following COBIT 4.1 (2007) control objectives are applicable to both scenarios.
·         PO4.11 – Separation of Duties
·         PO7 – Manage IT Human Resources
·         PO9 – Assess and Manage IT Risks
·         DS4 – Ensure Continuous Service
·         ME4 – Provide IT Governance
From observation, I recommend the owner develop an understanding of risks and review these objectives to develop a framework to mitigate the occurrence of risks. Additionally I recommend the implementation of controls such as internal audits and audit trails, red flags and separation of duties.

Cressey’s model of fraud highlights that people commit fraud because of the opportunities which companies provide. This company exposed themselves to the opportunity of fraud occurring through the lack of controls and the owner’s lack of awareness of risks. Additionally the fraudster was under pressures, highlighted here, and was able to commit the fraud because she was able to rationalise her behaviour.

Reference List:

COBIT 4.1 (2007). COBIT 4.1: Framework, control objectives, management guidelines and maturity models. Retrieved from www.isaca.org

Warfield, B. (2011). Fraud in Australia. Retireved from: http://www.warfield.com.au/Bookkeeping_Fraud_in_Australia_2005-2011.pdf
Posted by at No comments:

Benefits of the COBIT 4.1 Framework

Week 2

“The use of COBIT 4.1 (or any other IT Governance framework) simply creates a great deal of work for an organisation and yet may provide little benefit. (In light of what you have learnt, intuitively know, and/or have read to date on the four domains of ITG and the online environment businesses operate in, discuss this statement.)”

I have been thinking about the importance and application of the COBIT 4.1 framework in light of the Brisbane floods of 2011. Van Grembergen and De Haes (2008), have identified that COBIT provides a generic criteria which can be applied to any organisation. COBIT 4.1 recommends four domains which are universal and the set of control objectives provide an outline of procedures for any organisation. However Rudman (2008) highlights that COBIT can be resource intensive and costly to implement.

For those businesses affected by the floods, many were struggling after their IT systems were destroyed (Rasmussen, 2011). Contingency planning could have minimised the loss as a result of the floods. Control objective DS4 – Ensure Continuous Service, (COBIT 4.1 2007) can be applied by businesses to prepare for disruptions to their daily trading. DS4 highlights the requirements of contingency planning in case of natural disaster and backing up. My mother’s workplace was affected by the floods and while only minor damage occurred, they had to cease operations and evacuate their IT equipment to ensure the safety of their data. In contrast other affected businesses suffered losses on average of $834,992 in lost inventory, income and productivity (Moore, 2011). Therefore a framework for governance should be implemented as I believe the consequences are costly compared to the costs of implementation.

Reference List:

COBIT 4.1. (2007). COBIT 4.1: Framework, control objectives, management guidelines and maturity models. Retrieved from www.isaca.org

Moore, T. (2011, February 3). Flood losses batter Brisbane businesses. Brisbane times. Retrieved from: http://www.brisbanetimes.com.au/business/flood-losses-batter-brisbane-businesses-20110203-1aff9.html

Rasmussen, D. (2011, January 19). Free and discounted IT gets flood-hit Queensland businesses back online. Intrapower.com.au. Retrieved from: http://www.intrapower.com.au/IntraPower_Flood_Press_Release.html

Van Grembergen, W., & De Haes, S. (2009). Enterprise governance of information technology. doi: 10.1007/978-0-387-84882-2_5
Posted by at No comments:

COBIT 4.1 Framework for Small Businesses

Week 1

“IT Governance is an issue that is most relevant to large businesses with many divisions, a large IT department and considerable IT assets. Large businesses often have more difficulty controlling their IT activities. The COBIT framework, as a governance tool, is most suited to large businesses and is not ideal for small to medium businesses – that is, it is a luxury they do not need and cannot afford. (Do you agree with the above statement? Provide reasons for your answer.)”

In the previous weeks we have been discussing IT Governance and its importance for businesses. I use technology for university, work and day-to-day living, similar to how most organisations and individuals do, and governance over such technologies can mitigate the occurrence of IT risk. I recently experienced USB failure and lost my current university work, however because of adequate back-up procedure in places, as outlined by DS11.5 - Backup and Restoration (COBIT 4.1, 2007), I was able to recover all lost files. I believe for small businesses back-up issues can be a major risk as they lack large IT infrastructure and IT assets. Moreover, back-up issues were a major risk during the Brisbane floods of 2011. However I found that off-site storage such as external hard-drives and 'the cloud' can be used to back-up, store and restore data.

Applying the COBIT 4.1 framework to small businesses can present issues due to the complexity of the framework and as small businesses do not operate in the same boundaries as large organisations do (Devos, Landeghem and Deschoolmeester, 2012). However Rudman (2008) highlights that a smaller version of COBIT 4.1 can be implemented for small businesses. Based on the basic control objectives of the four domains of COBIT 4.1; plan and organise, acquire and implement, deliver and support and monitor and evaluate, I believe that IT risks can effectively be minimised.

Reference List:

COBIT 4.1. (2007). COBIT 4.1: Framework, control objectives, management guidelines and maturity models. Retrieved from www.isaca.org

Devos, J., Van Landeghem, H., & Deschoolmeester, D. (2012). Rethinking IT governance for SMEs. Industrial Management & Data Systems, 112(2), 206-223. doi: 10.1108/02635571211204263

Rudman, R. (2008, April) Demystifying COBIT. Accountancy SA. 22-24. Retrieved from: http://search.proquest.com.ezp01.library.qut.edu.au/docview/215225161
Posted by at No comments:
Subscribe to: Posts (Atom)