Discussion Question 1: Answer the following questions: What techniques can be used to prevent unauthorized access to a company's information system resources? How can successful and unsuccessful attempts to compromise the company's systems controls be detected in a timely manner? What steps can management take to be prepared to effectively respond to security incidents?
Discussion Question 2: A teller at a savings and loan drive-through accepted a cash payment from customer #1 for an auto loan. The teller appeared to process the payment, but told the customer the printer was jammed and she can't print a receipt. The customer accepted the excuse and drove away. The teller pocketed the cash and wrote down customer #1's loan number and payment amount for future reconciling. A couple of days before customer #1's monthly statement were printed, the teller recorded a cash payment from customer #2 as if it were made by customer #1. The teller pocketed the difference between the two payments. The teller continued to steal and misapply customer payments for the next two years without detection. Identify the type of fraud scheme described. Describe five controls you would implement to address the fraud risk, and label each control as preventive or detective.