FRAUD PREVENTION CHECK-UP

This questionnaire was adapted from the ACFE Fraud Prevention Check-Up.

This Fraud Prevention Check-Up is a simple but potent evaluation of your company's fraud resilience. It assesses fraud prevention procedures to help you detect significant deficiencies and resolve them in a timely manner.

You are advised to answer the questions using the guide below:
  • The number of points available is given at the bottom of each question.
  • You can award zero points if your organization has not implemented the recommended processes for that area.
  • You can give the maximum number of points if you have implemented those processes and have had them tested in the past year and found them to be operating effectively.
  • Award no more than half the available points if the recommended process is in place but has not been tested in the past year.

1. To what extent has the organization established a process for oversight of fraud risks by the board of directors or others charged with governance (e.g., an audit committee)?
Points: 0  2  4  6  8  10  12  14  16  18  20

2. To what extent has the organization created “ownership” of fraud risks by identifying a member of senior management as having responsibility for managing all fraud risks within the organization and by explicitly communicating to business unit managers that they are responsible for managing fraud risks within their area?
Points: 0  1  2  3  4  5  6  7  8  9  10

3. To what extent has the organization implemented an ongoing process for regular identification of the significant fraud risks to which it is exposed?
Points: 0  1  2  3  4  5  6  7  8  9  10

4. To what extent has the organization identified and had approved by the board of directors its tolerance for different types of fraud risks?
"For example, some fraud risks may constitute a tolerable cost of doing business, while others may pose a catastrophic risk of financial or reputational damage."
Points: 0  1  2  3  4  5  6  7  8  9  10

5. To what extent has the organization identified and had approved by the board of directors a policy on how it will manage its fraud risks?
"Such a policy should identify the risk owner responsible for managing fraud risks, what risks will be rejected (e.g., by declining certain business opportunities)."
Points: 0  1  2  3  4  5  6  7  8  9  10

6. To what extent has the organization implemented measures to eliminate or reduce through process reengineering each of the significant fraud risks identified in its risk assessment?
"Basic controls include segregation of duties relating to authorization, custody of assets and recording or reporting of transactions."
Points: 0  1  2  3  4  5  6  7  8  9  10

7. To what extent has the organization implemented measures at the process level designed to prevent, deter and detect each of the significant fraud risks identified in its risk assessment?
"For example, the risk of sales representatives falsifying sales to earn sales commissions can be reduced through effective monitoring by their sales manager, with approval required for sales above a certain threshold."
Points: 0  1  2  3  4  5  6  7  8  9  10

8. To what extent has the organization implemented a process to promote ethical behavior, deter wrongdoing and facilitate two-way communication on difficult issues?
Points: 0  1  2  3  4  5  6  7  8  9  10

9. To what extent has the organization established a process to detect, investigate and resolve potentially significant fraud?
"Such a process should typically include proactive fraud detection tests that are specifically designed to detect the potentially significant frauds identified in the organization’s fraud risk assessment."
Points: 0  1  2  3  4  5  6  7  8  9  10