Several factors have caused computer crime to be an issue of importance. Confusion exists as to its significance, definition, and magnitude. Various legislative proposals make computer-related crime an issue of some significance. In addition, the grow- ing dependence of corporations and Government on the use of computer technology and the growing pressure for the accounting and auditing professions to accept more responsibility for detecting fraud also make computer crime an important issue.
Computer technology is moving ahead at an ever-increasing pace, and the application of this technology to financial and general management systems is increasing in intensity and in sophistication. Therefore, it is very likely that schemes and methodologies for perpetrating and covering up fraud in automated systems will also change. From an accounting and auditing point of view, the ultimate objective is to devise a system of internal controls which will help prevent and detect computer-related fraud.
Even though Congress has not passed a computer crime statute, at least 11 States have, and others are considering such laws. These statutes are designed primarily to assist in the prosecution of criminal cases which involve the use of computers.
A GAO report identified several generalizations about computer crime. These included: (1) all types of systems were vulnerable; (2) fraudulent input was a high vulnerability area; (3) system users were computer criminals as well as computer-knowledgeable people; (4) basic management controls were most exploited; (5) perpetrators took advantage of system weaknesses; and (6) existing controls or procedures were not enforced by operating personnel.