There's no room for error in forensic accounting – the process of gathering financial-related information for legal review and potential use in a court of law – as "every mistake will be put under a magnifying glass and made much worse than you thought it was," said Samuel BowerCraft, consulting manager with Camp Hill, Pa.-based accounting firm McKonly & Asbury LLP.
At the Computer Forensics Show in Washington, D.C., SearchFinancialSecurity.com spoke with BowerCraft about the role information security teams play in successful forensic accounting and financial fraud assessment.
Information security teams are asked to participate in forensic accounting because they know the digital forensics realm. How does information security support that process?
Samuel BowerCraft: From an information security standpoint, normally the forensic accountant has a role in gathering information that is accounting-related. That information is usually produced by a business group. That group is using information technology at some level -- applications, operating systems. It's very important for information security teams to work closely with business units to understand what they're trying to achieve from a business perspective, and generate info and support the applications to achieve those business goals. All accounting data comes out of computers now, so infosec teams need to ensure that only the right people have access to them. When data is pulled by the forensic accountant to support whatever hypothesis they are trying to prove, that access control helps prove to the forensic accountant that the data they're pulling is accurate.
What information security processes are most important to forensic accounting?
BowerCraft: Information security teams can support the forensic accountant by being able to provide access to and verify the validity of firewall logs, IDS data, who has logical access, group rights and transaction rights. All of that can be important to support the transactional data on the accounting side.
What are the most common circumstances that trigger a forensic accounting event -- and in turn, the involvement of information security teams -- in financial services firms?
BowerCraft: I would say the top three are a suspected misallocation of funds, a business valuation effort or a bankruptcy. Another one might be an insurance claim, and a forensic accountant might be brought in to make a determination about how much something is worth.
To Continue Reading: Click Here
----------------------------------------------
Source: searchfinancialsecurity.techtarget.com
By: Eric B. Parizo, Senior Site Editor
Subscribe to:
Post Comments (Atom)
1 comments:
Thank for the article
Post a Comment