One way to think about risk management is as a set of procedures designed to mitigate risks identified in a threat assessment. In this view, the risk management program contains a set of rules that can be taught to the right people who can implement the procedures to reduce or eliminate risk.
Humans are good at inventing routines to make repetitive tasks easier or faster to complete. In the beginning, we spend a lot of time and energy working out how the parts of the puzzle fit together, what causes what, what can go wrong, and how to achieve the goal most efficiently, in this case, to mitigate risk.
Once the routine is designed properly, we test it. If it works, we implement it and then begin the second phase of embedding the routine into a body of standard procedures.
… Continue reading
Most crimes of occupational fraud are motivated, at least in part, by some kind of financial pressure. And while committing a fraud, the perpetrator will frequently display certain behavioral traits associated with the stress or fear of being caught.
These “red flags” are behavioral and system-based clues that can be picked up by attentive managers, colleagues, internal auditors, or subordinates. In turn, these clues can put an organization “on notice” that a trusted individual may be engaging in some form of improper or fraudulent conduct.
The Association of Certified Fraud Examiners (ACFE) in its 2012 Report to the Nations pinpointed the most common behavioral red flags associated with occupational fraud. The ACFE examined the frequency with which certain behavioral red flags were identified during a fraudulent scheme. … Continue reading