Forensic Auditing Training Week

Transcription

1 The Global Leader In Audit and Information Security Training Forensic Auditing Training Week A dynamic approach and methodology for fraud investigators investigating computer crime. How to find those elusive frauds that others miss Why Attend This Course? By attending this course you will be able to: Identify the red flags Use Fraud Auditing as a tool for Fraud Prevention Go beyond traditional Internal Control assessment to really pinpoint where fraud occurs Find elusive frauds that others miss Secure, Analyse and Present the Evidence Auditing the dealing room Auditing transmissions and clearing services Learn how to make your organisation resistant to all forms of unethical business Discover how you should respond to a suspected fraud or computer crime Overcome procedural and legal pitfalls Learn computer forensic techniques Communicate and advise senior management on business and legal implications Apply taught principles in case study, interactive exercises Fraud 5 Day Course: May 2015 London October 2015 Amsterdam Course Directors: Nigel Iyer An innovative fraud detection and investigation practitioner and expert in the integrity health check approach with over 20 years experience. Richard Minogue A financial management, internal audit and investigation expert with over 35 years experience. Edward Wilding Computer forensics practitioner who has successfully investigated hundreds of cases of computer fraud, computer hacking and technical mischief. Noel Bonczoszek Highly experienced crime investigator and renowned lecturer on computer crime, public sector corruption, money laundering, fraud and counterfeiting. Save up to 50% with In-House Training IN TRAINING Register online at:

2 Forensic Auditing Training Week A dynamic approach and methodology for fraud investigators investigating computer crime. How to find those elusive frauds that others miss Course Focus And Features Spectacular losses, corporate collapses, and major scandals in recent times have focused the minds of company directors, owners, and regulators on Corporate Governance, the failure of risk management strategies, and the widespread existence of unethical business behaviour. Managers, controllers, Internal and external auditors and security managers are finding it difficult to claim it is not their job to find fraud. Whose job is it? Deliberate overcharging by suppliers, false invoices, expenditure, bribery, kickbacks, false rebates and warranty claims, conflicts of interests, false reporting, and more; questions have been asked why nobody picked up the early warning signs. There is broad acceptance that unethical business behaviour directly or indirectly accounts for major losses (often estimated to be between 2 and 5% turnover) and severely damages the reputation and morale of companies. However, despite being one the largest unmanaged risks in companies today, many managers still receive virtually no formal training in how to identify the red flags, deal with them and most importantly how to become more resistant to all forms of unethical business behaviour, including fraud and corruption. The fastest growing area of crime within organisations is now computer-based fraud. This course will introduce you to computer related risks in the business environment and the technical and procedural methods necessary to investigate computer misuse. Who Should Attend Advanced Preparation: None Training Type: Group-Live Learning Level: Intermediate Field of Study: IT Audit CPEs: 39 Training weeks represent a saving of 10% over shorter courses (Usually Price: GBP 3,483+VAT* 3,870) *Delegates may be able to claim back VAT. Visit for more information. Course Materials Slides for all lecture and workshop sessions A compendium of recent articles and papers by the course directors Case studies Exhibits and examples to take with you and re-use A short training film on DVD The Anatomy of Fraud and Corruption by Richard Minogue Veronica Morino and Tomas Brytting (Ashgate Gower) Fraud and Corruption Prevention and Detection by Nigel Iyer and Martin Samociuk (Ashgate Gower) Financial, Operational IT and External Auditors Audit Managers Corporate Attorneys Information Security professionals. Information Security and IT Managers This not just a course for internal auditors. This is a course for any one who wants to find fraud Security Architects and Administrators Network Administrators Group Booking Discount** 2 delegates - 3 delegates - 4 delegates - 12% discount 5 delegates - 15% discount 5% discount **Available for delegates from one organisation attending the same course

3 Course Directors: Nigel Iyer Nigel has worked passionately for over 20 years for the prevention, detection and investigation of fraud and corruption. In recent years he has specialized in helping international and financial institutions develop strategies to ensure that Ethics and Integrity are fully integrated into the strategy from the top down. Together with Martin Samociuk and other colleagues, he has developed a unique fraud risk assessment methodology and also developed the Integrity Health Check, which detects the red flags of fraud and corruption and is used by many organizations to ensure ethical policies are on track. Nigel is the author/ co-author of four books: Fraud Resistance (2003), Fraud and Corruption Prevention and Detection, A Short Guide to Fraud Risk (2010), published in collaboration with the Chartered Institute of Management Accountants and the Management Novel The Tightrope (2011). Richard Minogue Richard is a financial management, internal audit and investigation expert with over 35 years experience. A former Head of Audit for a major telecommunications company and a forensic auditor who had led high profile investigations into money laundering, bribery, embezzlement and fraud. Edward Wilding Edward has investigated several hundred cases of computer fraud, sabotage and misuse in many jurisdictions. He has served as an expert witness for the prosecution and the defence in criminal cases, at employment tribunals, in civil litigation and at official hearings including the Hutton Inquiry. He has written two books: Computer Evidence: A Forensic Investigations Handbook (Sweet & Maxwell 1996) and Information Risk and Security Preventing and Investigating Workplace Computer Crime (Gower, 2006): Wilding has lectured worldwide on forensic methods and investigative techniques to law enforcement agencies, law firms, government bodies and IT security and audit professionals. He has trained incident response teams for a number of multinational companies, and has conducted security and risk reviews for a wide range of corporate clients. Noel Bonczoszek Noel is a highly experienced crime investigator and renowned lecturer on computer crime, public sector corruption, money laundering, fraud and counterfeiting. He has worked in various New Scotland Yard departments and at the Serious Fraud Office. Whilst in the Computer Crime Unit he investigated and prosecuted hackers, the writers of virus and malevolent code and computer fraudsters. He also broke new ground by utilising money laundering legislation in the prosecution of product counterfeiters. In 1989 he wrote Basic Computer Security Measures, which was a guide to IT crime prevention and has been incorporated in numerous subsequent publications worldwide. In 1998 he founded AmberTec a fraud and IT crime investigation and training company. A former Chairman of the BCS-ISSG and Chartered Information Technology Professional he is currently involved in computer forensic and major commercial fraud investigations on an international basis. Agenda Day One: Fraud and Corruption in Your Organization Who, What, Where, When and Why? Raising Awareness The Fraud Triangle Dealing with Rationalization Positive and Negative Incentives Case Exercise: Whistleblower Case Study : Are we ready for anonymous reports and whistleblowers? Can we follow our fraud response plan and what should it look like? How does the whistleblower report get logged? Who should take it? How should we respond? In this exercise we will tackle these questions by: Examine what often lies behind such a report Understand what kind of behavior is rewarded? Evaluate different strategies for dealing with anonymous reports and whistleblowers Discuss practical measures participants can put into practice in their own organisations The Decision to Investigate (Investigation Strategy Part I) Cultural and environmental factors affecting the investigation The World of the Whistleblower Fraud Response Plan Establishing Investigation Objectives Zero Tolerance or Tolerance? Case Study: Who is right? A star sales manager has a proven record for bringing in the business and everyone is full of praise in fact it might be said that he saved the company when he brought in a major project at a critical point. But it looks like he broke the rules doing it. Should he punished? Participants will discuss the best path, and learn how to perform a high level assessment of an organization s anti-fraud and corruption activity. Desktop Research The first step in addressing Red Flags Desktop research and remote investigation techniques Avoiding the long and winding road Finding and using open sources without leaving your desk Corroborating evidence The chain of evidence: Keeping a fr-audit trail External research experts versus doing it yourself Investigative Research visualization techniques Case Exercise: Playing Poirot. Participants will be given typical results from desktop research, pertaining to an investigation and be asked to assimilate and assemble the information in a way which both describes what could be taking place, as well as visualise the results. The agenda continues on the following page

4 Agenda (continued) Day Two: Day Three: The Fraud and Corruption Health Check Health Check? Are we sick? (maybe!) How to find red flags by looking for them Applying professional skepticism When not to ass u me? Trust versus blind trust Dealing with the findings Case Exercise: The signs are there, but do we see them? In this case participants are presented with suspicious documents and circumstances. The cloud of suspicion must be addressed, but how will we approach it? The Heart of Forensic Auditing Finding Frauds before they Find YOU! Why proactive is better than reactive Where to look Follow the money out Purchase to Pay Where to look Follow the money in Sales Processes and Receivables Where else to look In your organization (people, processes, accounts and assets) Case Exercise: Looking for and finding the red flags - Power up your laptops! Participants are divided into small groups Each group is given a transaction file. Can you analyze the patterns and find the suspicious transactions? Dealing with the Red Flags How would these be presented to Senior Management? What are the typical pitfalls of dealing with red flags and how to overcome them? Managing a Complex Investigation (Investigation Strategy part II) Investigation Strategy The line of discretion Sources of information Preserving Evidence Privacy and Legal Considerations Documentation Case Study: Planning the Investigation Management has given its authorization and budget (not unlimited!) for an investigation of the red flags that have come to light in recent weeks. You need to establish a strategy. Forensic Accounting and the Relationship to Fraud Detection The Maturity of Fraud Identification and Assessment Investigations and fraud detection are always more successful if the organisation and especially its top management can appreciate that fraud and corruption does happen, even in their own organisation. In this opening session on the last day we will take a look at how to understand and assess the risk of fraud and corruption before any investigation or fraud detection exercise has even taken place. We will cover: How to identify where fraud takes place by learning to think like a thief Estimate Likelihood and Vulnerability of each method of fraud Assess the Consequences of incidents Develop a risk ranked Fraud and Corruption Profile Group Work: Looking at the participants own organizations, we will perform brainstorming exercises designed to identify the principal risks of fraud and corruption which are present, and make a preliminary assessment of the economical, reputational, and cultural consequences of each identified risk. Specialist (Forensic) Investigation Techniques In this session we will outline: Computer Forensics (an overview): How evidence is secured, Analysis of hard-drives, s etc; How to document and deal with the findings Questioned Documents: What a forensic documents examiner does and how this can be used in an investigation Use of surveillance and out of hours office searches Static observation and recording Pretext Presentation of some of the things that can be done, and the importance of using qualified experts and expert witnesses Investigation Strategy Part III Preparing to cross the line of discretion Planning for a simultaneous action Preparation of briefing documentation The importance of a control function Interview Techniques Forms of Interview Seven Steps for difficult interviews Body Language and the Sub-conscious The Human Lie-detector Case Study: Interview Role Play Interviewers and respondents will have the opportunity to act out an interview based on the case we have been studying. It s harder than it looks! Wrapping up Questions, answers ideas for applying these skills in your organization Where does fraud manifest itself in the accounts? How to read between the lines Following the money through the accounts (examples) The work of a forensic accountant Visualizing the Results of the Investigation

5 Agenda (continued) Day One: How to investigate computer crime Outlining the legal basics Examining different types of computer threats Investigating the computer scene of crime procedures securing admissible evidence Handling and storing computer evidence Concluding the investigation securing systems, confrontation and other considerations Day Two: Computer Crime in the Workplace: A Practical Exercise Unravel a complex work-place cyber crime Engage in competitive, thought-provoking exercises Exercise new thought processes to solve computer crime Fight against unprecedented hazards and budgetary constraints Identify the suspects and carry out your endgame TAILORED AND PERSONALISED IN-HOUSE TRAINING Why Choose In-House Training? Savings - Running an in-house course in your offices will ensure you avoid the costs of travel and accommodation. Plus we charge per day not per delegate. You can train six or sixteen people for the same price! Convenience - We can arrange a course that fits your team s schedule. Any dates, any location, simply tell us what works best for you. Avoid the hassle of coordinating travel arrangements and accommodation for your staff Tailored training - We have over 150 existing training courses you can mould to fit your exact requirements or if you prefer we can just create a new agenda. You will have complete control over the course content Confidentiality - You can focus on potentially thorny issues that may be specific to your organization which are best resolved in private with the expert guidance of your course director Register online at: Save up to 50% with In-House Training Some Of The Companies We Have Worked With: IN TRAINING PwC International Labour Office Barclays Capital One Legal and General Deloitte European Court of Auditors Lukoil Credit Suisse AG Euroclear AIB U.S. Steel, Corp. Novartis National Commercial Bank Qatar National Bank Visit Call us on [email protected]