IT security specialist, Turnkey Consulting is advising SMEs on implementing robust internal controls to improve business practice and reduce the potential risk of employee fraud.
The move comes as research suggests that the risk of corporate wrongdoing rises in a tough economic climate. In August this year, fraud prevention service CIFAS revealed that the rate of dishonest employee actions had increased by more than two thirds (69.5 percent) between the latter half of 2008 and the first half of 2009.
Fraud is an issue for organisations regardless of their size. However, small to medium businesses often face the additional challenge of small departments creating conflicts in an employee’s responsibilities. For example, rather than one individual overseeing the ordering of goods and another being in charge of receiving and paying for them, the two tasks may fall to one person. This removes the Segregation of Duties (SoD) and creates risk for the organisation because it is an easy step for this person to process payments for goods they might have ordered for themselves.
Richard Hunt, managing director at Turnkey Consulting, comments: “Many SMEs will be aware of the risks resulting from conflicts of responsibility because they will be highlighted in their audit reports. However, given the challenges, it is tempting to just accept that the potential for employee fraud in such an environment is inevitable, or to take a view that ‘it won’t happen to us’. We want to change both these perceptions and help smaller organisations see that introducing better business practice can reduce the risks they face.”
Turnkey Consulting encourages SMEs to take the view that low staff numbers do not have to mean reduced internal controls. It recommends various simple measures that can be implemented that manage key SoD risks adequately without the need to increase staff numbers or reduce the operational responsiveness of employees.
Turnkey Consulting’s campaign comes as SAP and other vendors are putting an increasing focus on the specific IT security needs of the SME sector. As a result of this recognition, they have put forward tools within their Government, Risk and Compliance (GRC) software to manage SoD risks and emergency access in smaller organisations. Visit www.turnkeyconsulting.com for more information…
