There are many factors to consider when recommending tools and best practices to fight fraud. There are also many ways to think about and organize these tools and practices. The authors of this ToolKit have identified the five organizational elements that are conducive to understanding and combating fraud:
In combatting fraud, it is important to assess an organization's controls and the control environment. Controls are the systems, policies, procedures, personnel and culture in place within an organization that mitigate the risk of fraud. The Control Environment defines the “tone at the top” of the organization and permeates all levels of the organization. The first subject subtitle, "Controls & Control Environment," deals with the control environment and tools you can use to better understand and evaluate your environment.
Important elements in understanding the environment and taking steps to defend it against fraud are known as "Risk Modeling and Assessment." These are the topics of our second subject subtitle. The guidance offered here will help in the development of processes to better understand the fraud risks facing your organization, the likelihood of their occurrence and the effects they might have if they occur.
Technology is a mixed blessing. Its complexity gives fraudsters a place to hide. The unquestioning reliance on computers makes it easy to overlook fraud when it occurs. However, technology also puts at our disposal ways of detecting fraud that would have been unthinkable a generation ago. The subject subtitle "Data Analytics" discusses techniques available to help detect and prevent fraudulent activity.
The tool's "Master Controls Table" is a consolidation of all the risk tables found throughout this tool. It provides a single point of reference for risks, red flags and tools/best practices that apply throughout an organization’s programs and business processes.
The internal controls tool is designed to help you develop and maintain better controls.