List and describe the principles for establishing an environment to effectively manage fraud risk

What will be an ideal response?

Answer:
Principle 1: Fraud Risk Governance. As part of an organization's governance structure, a fraud risk management program should be in place, including a written policy (or policies) to convey the expectations of the board of directors and senior management regarding managing fraud risk.

Principle 2: Fraud Risk Assessment. Fraud risk exposure should be assessed periodically by the organization to identify specific potential schemes and events that the organization needs to mitigate.

Principle 3: Fraud Prevention. Prevention techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.

Principle 4: Fraud Detection. Detection techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.

Principle 5: Fraud Investigation and Corrective Action. A reporting process should be in place to solicit input on potential fraud, and a coordinated approach to investigation and corrective action should be used to help ensure potential fraud is addressed appropriately and timely (Managing the Business Risk of Fraud: A Practical Guide, 2009 Ibid).