The following is the link for the Institute of Internal Auditors proposed draft paper discussing managing the risk of business fraud.  The paper is a good idea.  I suggest that the paper be more specific about the risk of fraud, and what should be done to prevent material fraud at acceptable cost to the company.   http://www.theiia.org/recent-iia-news/?i=4449

See my post on 11.19.07 regarding the new Grant Thornton survey stating that two-thirds of CFOs surveyed claim that they could intentionally misstate their financial statements without detection by their auditors.  In other words, the CFOs claimed that they could commit fraud.  To the extent that I can determine, the survey did not request the CFOs to then identify in detail the primary ways in which they would intentionally misstate their financial statements if they decided to do so.  It is a shame that the survey did not ask that question.  The answer might have been helpful to audit committees, internal auditors and outside auditors.  I say, there are too many general discussions, and not enough specifics about what people wearing various different hats are supposed to do about the possible problems.

* * * *