CFFE Fraud Risk Management notes


1. Introduction To Risk Management
1.1 Definitions of risk
1.2 Definition of fraud risk
1.3 Types of fraud risks
1.4 Definition of risk management
1.5 Principles and aims of risk management
1.6 Current state of risk management
1.7 Risk management frameworks
1.8 Risk management process
1.9 Fraud risk management – convergence of enterprise risk management and internal control

2. Risk Governance/Responsibility
2.1 The Board of Directors
2.2 Board Audit and risk committee
2.3 Management
2.4 Risk and compliance functions
2.5 Internal audit
2.6 Legal department
2.7 Human resources
2.8 Information Technology
2.9 Investigation function
2.10 Employees
2.11 External Auditors
2.12 Regulatory Agencies
2.13 Anti-Corruption Agencies
2.14 Fraud Risk management team

3. Fraud Risk Management
3.1 Definition of fraud risk management
3.2 The objectives of a fraud risk management program
3.3 Fraud risk management principles
3.4 Steps in developing a fraud risk management program – risk appetite, investment of anti-fraud controls, prevention of material fraud
3.5 Fraud risk management program components
3.6 Fraud risk policy components
3.7 Risk Management Frameworks – Integrating Anti-fraud initiatives into risk management
3.8 ISO 31000:2018
3.9 Use of data in managing fraud risks

4. Fraud Risk Assessment
4.1 Definition of fraud risk assessment
4.2 Inherent and residual fraud risks
4.3 Factors that influence fraud risk
4.4 Objective of a fraud risk assessment
4.5 Why conduct a fraud risk assessment
4.6 Effective fraud risk assessment
4.7 Preventive and detective fraud controls
4.8 Fraud risk assessment frameworks
4.9 Tool for doing risk assessment – Risk register

5. Fraud Risk Management Process
5.1 Risk identification – Identification of pertinent fraud schemes
5.2 Risk analysis – Establish weight of each identified fraud scheme
5.3 Risk Evaluation – Review effectiveness of existing controls
5.4 Risk treatment/Mitigation – Responding to residual fraud risks
5.5 Monitoring and Communication – Reporting and monitoring key risks
5.6 Designing a Fraud risk management plan/report

6. Fraud Risk Register
6.1 Definition of a risk register
6.2 Designing a fraud risk register
6.3 Using a fraud risk register to manage risks
6.4 Designing a Key fraud risk register

7. Case Study – Fraud Risk Management
Based on the case study
• Identify various fraud risks
• Analyze the identified fraud schemes using a risk matrix (Likelihood and Impact)
• Identify the existing detective and preventive controls
• Evaluate the effectiveness of the preventive and detective controls
• Evaluate the level of the risks
• Identify various responses for identified fraud risks
• Develop fraud risk frameworks (1&2)

