Which of the following is the BEST audit technique to identify fraudulent activity processing system?
Click on the arrows to vote for the correct answer
A. B. C. D.A.
When it comes to identifying fraudulent activity in a processing system, there is no single audit technique that can guarantee success. However, some techniques are better suited to identifying fraudulent activities than others. Out of the options given, inspecting the flow and timing of authorizations recorded by the system (option A) is the BEST audit technique to identify fraudulent activity processing system.
Option A, inspecting the flow and timing of authorizations recorded by the system, involves reviewing the logs and records of all authorizations that have been granted and denied by the system. This technique can help auditors identify instances where unauthorized access has been granted or where access has been granted outside of the normal or expected flow of transactions. For example, an auditor might identify a situation where an employee has granted access to a colleague without proper authorization, or where a user has accessed a system at an unusual time or from an unusual location.
Option B, performing statistical analysis and classification of all transactions, involves reviewing all transactions processed by the system and looking for patterns or anomalies that may indicate fraudulent activity. While this technique can be useful in identifying certain types of fraudulent activity, it is generally less effective than option A because it requires a significant amount of time and resources to perform a comprehensive analysis of all transactions.
Option C, inspecting the source code of the application programs, is generally not an effective technique for identifying fraudulent activity. While there may be situations where fraud is being perpetrated through a coding vulnerability, these situations are relatively rare and can usually be identified through other means.
Option D, reviewing a sample of transactions for compliance with policies, can be useful in identifying policy violations or errors, but it is generally less effective than option A because it relies on identifying fraudulent activity through random sampling rather than through a systematic review of all authorizations.
In summary, option A, inspecting the flow and timing of authorizations recorded by the system, is the BEST audit technique to identify fraudulent activity in a processing system. However, auditors should also consider using other techniques, such as statistical analysis and reviewing a sample of transactions, in conjunction with option A to ensure that they are able to identify all instances of fraudulent activity.