In this section is a list of fundamentals for properly addressing fraud. I will check for these characteristics when I work with an organization for the first time, and I will continue to test for them when I revisit. You can call this a check of the control environment, you can refer to it as a fraud risk analysis . . . I simply refer to this process as determining whether the environment is favorable for defending against fraud.
This is my own list, developed over 20 years of experience with fraud investigations, but it does not represent law. It works for me because of my personality and the way I approach fraud detection & investigation. If you have attended one of my workshops, you know there is a multi-hour discussion around every item below, so this is just the beginning. I encourage you to use this as a launching pad for your own unique style and your own unique organization. I want you and your organization to be successful defending against fraud, so use your best judgment in applying these items to your own environment.