Fuzzy Financial Fraud Risk Governance System in an Information Technology Environment

Abstract

The financial fraud risk assessment requires expertise concerning the audit methodology and the risk assessment of business processes. The assessment of financial fraud risks is a significant challenge for independent, external auditors chiefly when dealing with the audit in an information technology (IT) environment. A meta-analysis financial fraud risk governance model taking into account an IT environment and based on fuzzy inference system is proposed in this paper. The fuzzy set theory and fuzzy logic are employed to deal with actual business audits, which do not always concern dichotomic fraud risk conditions. The inputs of the proposed fuzzy financial fraud risk governance system concern meta-analysis input factors related to the fundamental domains of risk in IT audit comprising the (i) effective identity and access protocol, (ii) system development, (iii) control of business operations, and (iv) change in systems or applications. Results demonstrate that the proposed approach enables supporting the operational risk management to promote the operational efficiency by identifying, measuring, and disclosing events (risk conditions) both in terms of qualitative (stratification) and quantitative (score) analysis. The fuzzy IT financial fraud risk system is able to work as a first barrier to reflect the adequacy of the information technologies and systems used to avoid risk in the financial fraud governance.