Last month I came across a report on Occupational Fraud & Abuse and was intrigued by its contents. It separates fraud into categories and details specific examples of how fraud is committed.

http://www.acfe.com/documents/2006-rttn.pdf

The report was published by ACFE, provider of the Certified Fraud Examiner designation. A little research revealed the four areas covered by the CFE exam: criminology & ethics, financial transactions, fraud investigation and legal elements of fraud.

Next, I tried to determine the value of joining ACFE. They have 36,000 members and 112 chapters. I mentioned the CFE to my supervisor and he obtained a copy of the ACFE Fraud magazine. It is well- written, similar to the quality of the ISACA Control Journal. Like the fraud report, it provided detailed descriptions of fraud threats and countermeasures.

I came to the conclusion that medium to large organizations should have at least one CFE and INFOSEC professionals should consider pursuing the CFE to hone their skillsets.

Gideon T. Rasmussen
CISSP, CISA, CISM, IAM
Charlotte, NC
http://www.gideonrasmussen.com/contact.html

http://www.ussecurityawareness.org
http://groups.yahoo.com/group/insider-threat

Posted: Sat Jul 22, 2006 1:02 am

Copyright © 2002 - 2007 Gideon T. Rasmussen All Rights Reserved.
Legal Notices