We'll define query report as "The report that describes how your search terms are interpreted by the search engine, and reports the number of documents retrieved with matching terms." Therefore, you need to establish what you're looking for upfront, code that into a data analysis engine, and have the system produce a report matching your original needs.
In the March/April column, we focused on performing data-mining tests that simply "play" with data to determine the existence of any inherent fraud issues. That column, therefore, turned a blind eye to data analysis reports that are based on hypothesis or predictions of what could be wrong within the data being analyzed. In this installment, we'll return to what is arguably the first step in most fraud investigations using data analysis: the query report.
We'll define query report as "The report that describes how your search terms are interpreted by the search engine, and reports the number of documents retrieved with matching terms." Therefore, you need to establish what you're looking for upfront, code that into a data analysis engine, and have the system produce a report matching your original needs. Fraud examiners and auditors alike frequently ask me, "What reports should I run in the area of....(fill in blank here)?" or "What are your best reports to find (fill in blank here) fraud using a computer?" Here's my process to finding the best query reports to detect fraud:
- Assess risk and determine the area for queries.
- Think of the common controls and then the circumvention.
- Benchmark to what others are doing.
- Score to reduce false positives.