Cultural advice

The Australian National University acknowledges, celebrates and pays our respects to the Ngunnawal and Ngambri people of the Canberra region and to all First Nations Australians on whose traditional lands we meet and work, and whose cultures are among the oldest continuing cultures in human history.

Aboriginal and Torres Strait Islander peoples are advised that ANU Library collections may include images, names, voices, and other representations of deceased persons.

Material in the collection may contain terms, language or views that reflect the period in which the item was created and may be considered inappropriate today.

Exploring Information Security Controls Using Information Fraud Episodes: Case Study Evidence from a Large Telecommunications Firm

Thumbnail Image

Date

2011

Authors

Goode, Sigi
Lacey, David

Journal Title

Journal ISSN

Volume Title

Publisher

AIS Electronic Library (AISeL)

Abstract

Fraud and security continue to be problems for firms. Fraud information is typically incomplete and deliberately obfuscated. These qualities make fraud events harder to detect using conventional security controls. This study uses a knowledge management framework to explore how different types of controls are used to detect and investigate information fraud. The analysis is based on the customer fraud database of a large Asia-Pacific telecommunications provider. Semi-structured interviews were also conducted with the firm's fraud unit. The study finds that IS controls, with high task programmability and outcome measurement, are used to detect the majority of fraud cases. However, more complex fraud cases use clan controls for detection. The paper also provides insight into the way in which combinations of controls are used to investigate cases. The study raises implications for both theory and practice.

Description

Keywords

Keywords: Information fraud; Information security controls; Information sharing; Knowledge management framework; Programmability; Security controls; Semi structured interviews; Telecommunications firms; Telecommunications providers; Theory and practice; Computer cr Control; Information fraud; Information sharing; Telecommunications

Citation

URI

http://hdl.handle.net/1885/37425

Collections

ANU Research Publications

Source

ECIS 2011 Proceedings

Type

Conference paper

Book Title

Entity type

Access Statement

License Rights

DOI

Restricted until

DSpace software copyright © 2002-2026 LYRASIS

abcd