IN TODAY’S HIGH-TECH ENVIRONMENT, the search for evidence of fraud inevitably leads to the use of computer-assisted audit tools and techniques (CAATs). These tools and techniques facilitate information retrieval and analysis using automated procedures. Such programs can organize, combine, extract, and analyze information in a variety of forms and from a variety of sources in such a manner as would be acceptable to a court of law.
Before selecting the appropriate tool for the investigation in hand, the fraud examiner must decide what evidence is sought and where, in the course of this particular investigation, such evidence will be found. Should the information be available in documentation, the standard investigative techniques for examining such documentation and evaluation of the contents would come into play. Should the information exist in the knowledge of an individual, interviewing and interrogation may be the appropriate techniques. When the evidence regarding the effectiveness of the controls in preventing or detecting fraud, or evidence regarding the fraud itself exist within computer systems, the evaluator or investigator must decide where the evidence resides and what the appropriate technique would be to obtain and evaluate such evidence.
Source Code Review
The source code review involves the examination of program source code as it ...