Abstract
R ecognizing a fraud, especially a computer fraud, is not something that most IT auditors have been trained to do. And IT auditors cannot expect the participants in a client selfassessment activity to voluntarily disclose fraud. Moreover, there is no readily availa le, so-called shrink-wrapped product or dedicated World Wide Web site whose use will ena le IT auditors to effortlessly recognize a fraud. Significant effort is required to discover a fraud and to properly investigate it.