Boutique Technology

 The fraudulent activities committed by employees was attributed to two aspects of the company’s operating environment, are “Plan and Organise” and “Monitor and Evaluate”. The CEO of the company Alan is indifferent to “red tape” policies, Thereby business objectives are not able to be control by incorporating IT and business management, leading to unexpected overheads for the lack of strategic IT plan. I found that the recruitment and selection of employees conducted without any formal procedures and only three employees are accountable for the accounting, finance and HR activities. Those are two facts of the insufficient of human resources management and risks assessment. I discovered that there are no monitor and evaluate internal control due to the limited resources derived by pursing of low product costs. In addition, extra working hours and lower-rate award rates raised pressure to employees. Therefore, people will explore more opportunities to commit fraud with increased pressure and decreased internal control.

To address those problems, I recommend that Alan to focusing more on the IT governance rather than the culture fostering. Specifically, subsidise funds on selecting and training qualified staff and establishing IT governance. To this extent, COBIT 4 is strongly recommended. Meanwhile, Diminishing overtime and appointing more staff to the internal control activities are effective.