There are five types of fraud schemes in systems development cycles (refer to Figure 12.6)? Identify an example of each type.

FIGURE 12.6: 

Transcribed Image Text:

Phase Scenario Oversights Requirements Definition Phase 195 illegitimate drivers' licenses are created and sold by a police communications officer who accidentally discovers she can create them. Lack of authentication and role-based access control requirements Lack of segregation of duties System Design A special function to expedite handling of cases allows two caseworkers to pocket $32,000 in kickbacks. Insufficient attention to security details in automated workflow processes Phase An employee realizes there is no computerized control in his firm's system, so he entered and profited from $20 million in Lack of consideration for security vulnerabilities posed by authorized system access fake health insurance claims. An 18-year-old former web developer System Implementation Lack of code reviews uses backdoors he inserted into his code to access his former firm's network, spam its customers, alter its applications, and ultimately put the firm out of business. Phase System Deployment A computer technician uses his unrestricted access to customers' systems to plant a virus on their networks that brings the customers' systems to a halt. Lack of enforcement of Phase documentation practices and backup procedures A software engineer did not document or back up his source code intentionally and then deleted the only copy of the source code once the system was in production. Unrestricted access to all customers' systems System Maintenance Phase A foreign currency trader covers up losses of $691 million over a 5-year period by making Lack of code reviews End-user access to source unauthorized changes to the source code. code A logic bomb sits undetected for 6 months before finally performing a mass deletion of Ineffective backup processes data of a telecommunications firm.