apr may pgs final pg by pg 10th


  • 8/6/2019 apr may pgs final pg by pg 10th


    Electronic Fraud


    Dear Members

    The present financial conditions that are prevailing worldwide throw out quite challenging thoughts that emphasize the need for a healthy assurance role to evolve in the organization.

    The theme for this issue is focused on 'frauds'. This brings to mind some thoughts: Do frauds happen only because of weak systems? Or weak controls? Or weak audit processes? Or is there an underlying thread that interleaves all these three aspects? Or is human behavioural science also a contributory agent? Generally when frauds are committed, they are either attributed to one of the above mentioned weaknesses.

    In this issue we endeavour to highlight the need for 'ethics' and the relationship to audit... and how being a CISA can contribute towards establishing a more ethically assured environment.

    The auditor's role necessarily goes beyond the assurance that the organization seeks. 'Success in the challenging times - Assurance beyond Audit' is also the theme of the Annual Conference that the Chapter is organizing in September. I earnestly solicit your support and whole hearted participation to make it a grand success.

    It has been the endeavor of the Mumbai Chapter to provide Chapter meetings, programs, events and workshops to members at different venues apart from the chapter premises. We successfully conducted review classes and crash course for aspiring students for our professional examinations. The Chapter is planning a host of workshops & seminars as part of the Continuing Education facility for the members. It has been our endeavor to bring quality speakers & sessions so that the members can take maximum benefit.

    At the beginning of the year we had embarked on quite ambitious plans to provide quality education to our members, to reach out to our members by having programs in the suburbs, etc.

    We have been able to achieve success in good measure thanks to the cooperation and enthusiasm of members, the efforts of the volunteers and of Team ISACA Mumbai chapter.

    We continue to actively seek the cooperation of all our members to assist us both in terms of being faculty at our training sessions; speakers at our seminars & chapter meetings, and more importantly volunteer to assist the chapter to serve the community better. Signing off for this issue once again wishing you all the best.

    Regards

    Ravikiran Mankikar

    President


    Esteemed members of the ISACA Mumbai Chapter,

    Your newsletter continues to cover extremely important and timely topics, and this issue, which focuses on fraud, is no exception. Nearly all business sectors and geographic areas have been affected at some level by incidents of fraudulent behavior, and with the current economic climate, there are no signs of this abating soon.

    The current challenging economy has often led to reductions in workforces. At the same time, employees and management are experiencing increased pressure to compete and succeed in a quickly changing marketplace. This pressure has often been the catalyst for individuals to engage in these fraudulent acts.

    Many reports over the years have shown that employees are often the leading perpetrators of fraud. Whether they believe they will soon lose their job, are unhappy because of the extra work created after layoffs or are disgruntled for other reasons, it is more important than ever for all organizations to increase monitoring and awareness programs. An enterprise employing fewer staff members who are being asked to do more, may also inadvertently reduce the focus on controls, thereby again increasing opportunity for fraud.

    External hacking and security threats also continue to impact the reputation and bottom line of enterprises around the world. IT security and governance activities that once were adequate in protecting organizations' information may no longer be sufficient. We must learn to manage in an era of uncertainty and be prepared for continuous change.

    As always, ISACA and the IT Governance Institute are important resources for expert guidance on reducing fraud, including through its globally recognized guidance in COBIT, Val IT and COBIT for Risk. The ISACA Journal publishes in-depth articles on the subject, the ISACA Bookstore carries several excellent titles, and fraud detection and prevention are frequent topics of presentations at many of ISACA's conferences and educational events. As members of ISACA, you receive this extensive expertise at a valuable discount, and even sometimes as complimentary downloads from the www.isaca.org and www.itgi.org web sites.

    By working together to share our experiences and recommendations, we can make great strides toward continuously improved protection for our enterprises and our information.

    Respectfully,

    Marios Damianides, CISA, DISM, CA, CPA

    Past International President, ISACA and the IT Governance Institute

    and

    Partner, Technology and Security Risk Services (TSRS) group

    Ernst & Young, New York, New York, USA


    C/o Welingkar Institute of Management Development & Research

    Room No. 317, 3rd Flr., Lakhamsi Napoo Rd.,

    Opp. Matunga Gymkhana, Matunga C.R., Mumbai - 400 019

    Telephone: 91-22-65527187

    Website: www.isacamumbai.org

    Email: [email protected], [email protected]

    Managing Committee

    Editorial Committee

    Dr. Vishnu Kanhere - Editor in chief

    Ms. Jayshree Dhere

    Mr Ravikiran Mankikar

    Dear Readers,

    I have great pleasure in placing the special issue of ISACA Mumbai Chapter newsletter in your hands on behalf of the editorial board. The current issue focuses on 'Frauds'. The world is passing through turbulent times. We in India and our profession of information system security and audit are no exception to it.

    The global meltdown, severe economic downturn, financial crisis, rising unemployment - all these have made growth and survival difficult. It is in such testing times that corporates and leaders succumb to temptation and the easy path / way out of window dressing, creative accounting and outright fraud.

    The Satyam saga has unfolded and stage one is now over. It is a long haul for all concerned: the regulatory authorities, the corporates, professionals, stakeholders, investigating agencies and the judiciary. It is time to look at our framework both legislative and regulatory, the ethical and moral fabric, the systems and the players to discover what went wrong, and set the system right.

    The current issue has an interesting article that looks at ethics and the CISA. It also brings into focus the moral and ethical dimension of fraud and the role of professionals from the moral and ethical viewpoint. In this context, the appeal to deal with this difficult aspect is very significant and needs to be addressed seriously.

    Aberrant behavior, and that includes frauds, are here to stay and cannot be completely eliminated in any society or system. What is needed is better, more effective ways of curbing it and keeping it in check. The 150 year sentence handed out to Bernard L. Madoff who perpetrated one of the most blatant Ponzi Scheme Frauds in the US, shows that Frauds are being dealt with very seriously.

    This can be achieved through a proactive way of creating awareness, putting in place an ethical framework, red flag indicators, preventive, detective, deterrent and corrective controls, effective regulation, and enforcement and continual proactive monitoring and maintenance of an anti-fraud framework based on effective whistle-blowing and helplines.

    The issue continues with the usual features like readers write, from the ISACA family and meet the member.

    The IS auditing profession is growing by leaps and bounds and we need to keep pace with the changing times to meet people's expectations.

    This can be achieved through capacity building, providing proactive value added services beyond routine audit and venturing beyond compliance.

    Echoing the appeal of our President, I reiterate my request for greater participation in chapter activities in general and in contributing to the journal by way of news, views and your articles and contributions, in particular.

    Happy Reading!

    Dr. Vishnu Kanhere

    Editor in Chief


    Can you tell me Socrates, can Virtue be taught? Or if not, does it come by Practice? Or does it come neither by practice nor by Teaching? But do people get it by Nature or some other way? - The Great Dialogues of Plato

    Introduction

    1. If one were to replace the word Virtue by the word Morality or by the word Ethics one would discover that the dilemma posed to Plato is as relevant today if not more so, as it was in the days of The Academy, as far back as 386 BC. Until fairly recently, Ethics was a topic of study for students of philosophy, but since the last decade or so there has been an increase of interest in the subject, one of the many reasons for this, is the media exposure for all actions considered 'Unethical' which would have earlier gone unnoticed.

    2. The Satyam scandal has once again highlighted the need for Ethical Standards Moral and Values. The Role / functioning of the Audit Community / profession has come, under the scanner! Most Professions have a written or unwritten Code of Conduct / Ethics like the Medical Profession has the HIPPOCRATES OATH. It is unfortunate but true that the use and reliance on IT in the profession has made it relatively easy to be unethical and at the same time made the detection of unethical behaviour more difficult. It is therefore for the consideration whether the IT fraternity needs to introspect and see if there is a need for more emphasis of ethical values and that of a formalized / stated Code of conduct.

    3. On my part I have been associated with / studied this subject due to my association with the Moral Re-armament Association (MRA) at Panchgani which concerns itself with Issues Ethical be they Corporate or Governance. I therefore felt that it would be desirable to share views on this subject so that we can see the subject in the right perspective and judge the actions of others and our own rationally, and more importantly to understand what abets people to act 'unethically'. It shall be my endeavour to highlight 'Ethics' in the Indian context.

    What is Ethics?

    4. Ethics is derived from the Greek word 'Ethos'. Morals is derived from the Latin word 'Mores' both these are derived from the word Culture. Ethics therefore is Moral philosophy which is concerned with what is good or bad and right or wrong. Since it is derived from culture it is important to know what Culture means. Culture can be defined as the Concepts of Beliefs, Values, Customs and Rituals or a set of psychological pre-dispositions i.e. basic assumptions or ethos that members of a group possess and which leads them to think and act in certain ways. Beliefs, values and attitude are intimately connected with moral and ethical codes. They are not visible, but apparent, as they are ingrained unconscious behaviour.

    5. Ethics deals with truth (good / bad right / wrong) and as all truth is Relative and since all human behaviour is either Culture Specific or Situation Specific, perceptions of what is Ethical and what is not would differ, Bertrand Russel said All Ethics however defined remains more or less subjective based on how it is interpreted. Hence to have a Universal Code of Ethics for a particular calling or profession is possible, but for the whole of mankind it is not. While Ethics may be built into man's existence, it need not be the same and perceptions of what is ethical and what is not would differ.

    6. Ethics studies man's behaviour within a framework of common moral rules, that have been mutually agreed to. Ethics is created by man with a broad religious and moral foundation for the purpose of facilitating co-existence. One is ethical when one obeys rules and laws agreed to by Society the laws and guidelines for Social behaviour, one is ethical when one's behaviour is based on moral principles. Basically, being ethical means to be Dependable, Consistent, Truthful and Socially Acceptable.

    Development of Ethical Behaviour.

    7. Ethical norms can be taught through Parental Guidance early in life. Aristotle taught that moral Virtue is acquired by Practice. The root of the word Ethics - Ethike means habit. Knowledge of values and attribute is not enough. A person must live them (practice them) until they become habit. The habits of a man are reflected in his behaviour, a behaviour often repeated becomes a style and style over a period becomes Character. One interpretation of character is doing the right thing when nobody's looking. Character is formed by habit.

    8. Historically the strength of character of a person has been the indicator of his potential for leadership. President Roosevelt observed that Character in the long run, is the decisive factor in the life of an individual and nations alike. According to Gen. Ridgeway Character stands for Self discipline, Loyalty, Readiness to accept responsibility, and willingness to admit mistakes. It stands for Selflessness, Modesty, Humility, and Willingness to sacrifice when necessary and in my opinion the ability to Care.

    9. There is a point of view that needs to be highlighted that, Ethical conduct should only be expected only after the basic Maslowian Needs have been met. Hence ethical behaviour is pre-conditioned by the fact that the Basic needs have been met and a person is not forced to be corrupt (un-ethical) to maintain a minimum acceptable level of subsistence (life) for himself and his family. The Society which expects its members to behave ethically has the responsibility to ensure that their basic needs are met. There are however instances when persons rise above the mundane and prove the Maslowian Theory of motivation wrong.

    Ethics and Religion

    10. Ethics is seldom if ever divorced from Values, which are invariably rooted in some form of religion. All Religions have a Perennial Philosophy and their ethical corollaries, all in some form or the other state that 'Virtue is not the end but the indispensable means to the knowledge of Divine Reality'. You can be virtuous (ethical) but not religious (spiritual), but you cannot be religious without being virtuous. Shankara, the greatest of the Indian commentators on the Gita, holds the same doctrine Right action is the way to knowledge; for it purifies the mind. A more practical example is Buddha's Eight fold path called Right livelihood, which stresses on following the 'Middle Path'. The Gita regards no action as of absolute value, either for good or evil and emphasises Moderation. An absolute virtue is no different from a Vice. The Gita warns us not to judge others. It states that all good and evil is relative to the individual's point of growth, for each individual certain acts are wrong. Whether an act is ethical or unethical is relative to / dependent upon the motive with which the act is performed, and unless the motive of an action is known, it is difficult to determine whether the act is ethical or not, and since ethical behaviour is nothing but the response of an individual to a given situation or reality it is by definition relative.

    Impact of the Indian Socio Economic Environment.

    11. As has been stated earlier Ethics is culture specific. To be able to understand Indian Ethics i.e. the Indian Psyche and the 'why and how' of Indian behaviour a brief examination of the Indian Socio Economic environment is relevant.

    12. In the Gita we find that the Caste System is presented as a kind of natural order. Men are divided into four groups, according to their capacities and characteristics. Each group has its peculiar duties, ethics and responsibilities, and these must be accepted. It is the way of spiritual growth. A man must go forward from where he stands. He cannot jump to the Absolute. He must move toward it. Though the Caste system is being progressively diluted, it will, for sometime to come impact on Indian Culture.

    13. Indian Society has always had a Feudal character. The role of a king, a Guru, the village Head or Family Head has always had a strong influence on the society / family. The Feudal hangover is reflected in how even today, Families tend to dominate the Political, Economic or cultural life of present day India. Indians need a leader to follow in mostly all facets of life, there is near blind obedience of orders. Next, India has always been a region wherein diversity of beliefs, faith and ideologies have poured in from all over the world and have all been absorbed. The social fabric is one of multiplicity and diversity. In fact many informed analyst had predicted the disintegration of India. If we are still unified it can be primarily attributed to our capacity for tolerance. We apparently appear to be compromising.

    14. The Indian Economy has largely been based on Agriculture and the design of living and social structure has been centered around the imperatives of agriculture. In an agrarian life style people know to live together and work independently. They tend to emphasise on Family values rather than Workplace Values.

    15. Family ties tend to be extended and are strong - Family / Caste obligations are demanding and tend to override other considerations when it comes to decision making. Unlike the western ethos wherein most relationships have a significant contractual element, in India relationships are heavily tilted towards an affiliate nature. Rudyard Kipling once said A Westerner can be friendly without being intimate while an Easterner tends to be intimate without being friendly. The Indian Ethics therefore tends to be quite comfortable in accepting many shades of Grey between White and Black.

    Reasons for Unethical Behaviour.

    16. How and why does a normally honest and intelligent professional act unethically? The answer (reason) is found in human nature in the way ambition and duty are distorted under pressure. The border between Right and Wrong shifts in convenient directions or is even ignored. A Study of cases involving unethical behaviour brings out the main motivators for unethical behaviour are :-

    (a) A Belief that the Activity is in the best interest of the Organisation / Family.

    (b) A Belief that the Activity is within legal limits that it is really not illegal or immoral.

    (c) A Belief that because the Activity helps the Organisation, the organization will condone it.

    (d) A Belief that the activity is 'Safe' because it would never be found out.

    16. The dilemma is How Far is Too Far. Seniors will seldom ask their Juniors to do things that both know to be imprudent, but sometimes they leave things unsaid or convey the impression that the job needs to be done how they do it, is their business and they do not want to know about it - which means that they are distancing themselves from any unethical behaviour. Therefore how does one avoid crossing a line that is seldom precise? Unfortunately most know that they have overstepped it only when they have gone too far. The most reliable guideline is an old principle WHEN IN DOUBT - DON'T. Therefore the answer to the question HOW FAR IS TOO FAR is DON'T TRY TO FIND OUT.

    The need for Formalised Training Capsules.

    17. Despite the continual discussion of Ethics the subject is a challenging one to address. It is difficult to teach ethical behaviour, but it is possible to introduce situations about which one might contemplate the most ethical response. This could be done, as being done, by introduction of Training Capsules / Seminars, which highlight the need for ethical conduct. It is organizations such as Isaca that should sponsor / conduct such Training.

    Conclusion.

    18. I can think of no better way of concluding this article but by quoting Mr JRD Tata in his Inaugural Speech at the Tata Foundation for Business Ethics in XLRI, There is indeed a need to rekindle old principles and ethical values which, also have too often been ignored or neglected in recent years in the belief that quicker profits and greater accumulation of wealth will be the result. As an important player in Corporate affairs, any steps taken by Isaca would directly impact on all Organisations and therefore the need for Isaca as a Body and its Members as Individuals to make a deliberate and concerted effort to address this very vital issue.

    Lt Gen (Retd) Mahesh Vij, PVSM, AVSM has had a distinguished Military Career spanning over 40 years with rich experience. He retired as the Military Secretary of the Indian Army and has been decorated with the Param Vishisht Seva Medal, the highest award for distinguished service. During his career he has held several distinguished appointments to include being a Corps Commander and Chairman, Joint Operations Group for the North Eastern States and the Director General of Military Training. He has also been a Faculty at the Army War College and the Defence Services Staff College.

    He has a Doctorate in Defence Management. Presently he is Director of the Army Institute of Technology. He has a vast foreign exposure and is an expert in Disaster Management.


    VK : Good morning Mr. Gajendra Sampat. As a senior CISA you have been associated with ISACA and the Mumbai Chapter for a long time. We value your views very much and wish to hear from you first hand your experience of being a part of the ISACA system audit community.

    GS : My exposure to Systems Audit concepts got formalized when I attended ISACA annual convention in 1999. All along, I was associated with application systems development / maintenance and operations on IBM Mainframe & SAP ERP environments in L & T. In those roles, I had the privilege of being an auditee by our Systems auditor Mr Anantah Sayana, one of our legends. Inspired by him, I passed CISA exam in 2000. CISA study & exam preparation enhanced my macro level perspective about IT - as viewed by management. This helped me in applying certain concepts in my on going assignments.

    Ever since, it has been a very fascinating experience to be a part of ISACA Systems Audit community. Continuous on going exposure to Systems audit concepts - in the diverse components of any system - along with practical experiences shared by various faculties has provided me with a great learning experience. I have also derived considerable value through in depth exposure to concepts like COBIT 4.1, IT service management, Val IT & GRC.

    VK : Given the current Global Meltdown, what is the current scenario for system audit and security professionals and what role do you think they can play?

    GS : Information Systems are the lifelines for functioning of any business. In many cases, IS becomes the enabler for growth. So, irrespective of global meltdown, effective and efficient functioning of Information System assumes greater importance in this global competitive business scenario. Current global meltdown & Satyam like episode have enhanced the need for improved corporate / IT governance and for the companies to be more transparent. This provides a greater opportunities and challenges to the IS audit community world over.

    Systems audit & security professionals can play an important role through generating awareness in corporate management about operational risks of Information systems and demonstrating tangible results within the stipulated timeframe. Such reviews by system auditors and security professionals can provide confidence to investors and stake holders. This can, in turn, help in enhanced credibility of the systems audit function.

    VK : What areas are you involved in at present? What are your specializations? Where do you see our profession 10 years from now?

    GS : After the prolonged experience of working with L & T group in diverse areas like discrete manufacturing, materials management, sales, accounts etc. on varieties of technology platforms and also on SAP ERP, I am now involved more in professional experience sharing with CA students / other professionals on a non commercial basis. I also enjoy sharing TQM related approaches in manufacturing environment with some of my friends having factory setup.

    I, however, have an understanding with a local consultant to take up assignment on a selective basis. My primary focus areas are IT Governance using COBIT and Service management.

    I see a great future for our profession in the time to come. As discussed earlier, greater emphasis on corporate / IT governance will definitely bring in stringent regulatory compliances for business entities. I believe that 'GRAB task force' initiative at all India level is a commendable step in this respect. IS audit will ultimately play as important a role as statutory audit.

    Need for statutory compliance / audit is bound to make business entities more & more concerned about internal audits. Role of IS auditors may see an enlargement to also be a catalyst for improved effectiveness & efficiency of business processes.

    Professionals in consulting areas having good enterprise level & marketing skills may expand their activities to other countries. I won't be surprised if some Indian multinational features amongst big names in global consulting companies in the years to come.

    VK : We would also like to have a frank response about how the chapter is doing and what you expect from us. What would you like us to be doing?

    GS : Recognition by ISACA as 'the best chapter' for two consecutive years speaks for the diverse activities our chapter is effectively carrying out. Year after year, new leadership emerges with innovative ideas and enthusiasm. It may be good idea to constitute certain cross functional task force/s to address specific objective/s in a given business vertical.

    VK : Finally, can you tell us something about yourself, your family, your interests, hobbies and pursuits and the way you spend your leisure time?

    GS : Academically, I am a Mechanical Engineer from VJTI but have switched over to IT and worked with L & T for over three decades. I also completed part time Dip in Systems Management. As stated above, I passed my CISA exam in 2000. I also passed Foundation examination in IT Service Management in early 2007. At L & T, I participated in various skills & behavioral training programs both as student & as faculty.

    Our family is very small. My wife Gita was earlier working with IBM / IDM. We are blessed with a daughter Dipali who is a CA and she is married to Brijesh - MBA Finance professional.

    Right from my college days, my interest is in listening spiritual discourses mainly about Bhagwat Gita. I consider myself fortunate to have listened to Pujya Pandurangshastri Athavale for over four decades. I strongly feel that everyone must have some source of getting good spiritual thoughts related to governance of life as narrated by almighty god.

    Besides sports like indoor games, cricket / tennis & music, I enjoy touring places in which I generally combine pleasure with pilgrim. In 2008, I visited Dubai after attending Asia CACS at Muscat. I am also fond of walking & Yoga. I also enjoy watching CNBC which helps me in my personal portfolio management - besides updating me with global business scenario.

    I sincerely thank yourself & the chapter for providing me this opportunity to share my views.

    Regards.


    Synopsis:

    This paper tries to look at various aspects of application of information technology to fight insurance fraud. The paper is not about theory; it discusses practical use of such tools by industry in UK, USA, Australia etc. and the various types of use it can be put to. It shows that information technology (IT) can be a great tool in fighting fraud and can provide substantial leverage. Evolution of fraud detection technology is also discussed. A brief discussion on what enabling factors make the transition to a meaningful regime of IT use is also included. It concludes with some suggestions for developing markets like India. It is to be noted that the article does not cover all the aspects of fraud detection technology or all the countries or regions; it gives an overview of the most important ones.

    1. Introduction:

    Technology, it goes without saying, is a force multiplier. So is information technology, harnessing the ever increasing power of computers. No wonder, it can and does get applied in the fight against fraud. The usage can be simple ones like matching of two sets of data to detect fraud, maintenance of various databases and finally usage of sophisticated fraud detection software. Let's see them one by one.

    2. How is information technology helping insurance industry fight fraud?

    There is a general tendency in the minds of individuals to think of IT as something 'hi-tech'. It need not always be so; simple tools can also be very effective, as we would see in this section. We will see insurance industry's effort from the simple ones to the more advanced ones below.

    i) Matching of two sets of data:

    This can be quite an effective tool in fighting fraud. National Insurance Crime Bureau (NICB) of US - a not-for-profit organization that is supported by 1000+ property/casualty insurers of US - ran a programme called DAFT (Data Analysis for Fraud and Theft). On request of a law enforcement agency, often an Anti-Car Theft Unit of a state, it would get an extract of motor vehicle title and registration details from registering authority. It ran the details through NMVTIS theft file and its own data contributed by insurers of theft, export & salvage vehicles. It may be noted here that a stolen vehicle can get sold in US only if it has valid title documents. So, in most cases, the thieves would alter the VIN and replicate (clone) the VIN of a salvage or exported vehicle. The DAFT also finds out aberrant VINs, where say, a vehicle variant on paper does not match with that coded in VIN.

    The requesting unit got a dump of all such matching and discrepant vehicles, along with registered vehicle data, allowing it to zero in on a set of vehicles, in a particular area, maximizing returns. It is also pertinent to note that, as per Anti Car Theft Act, 1992 of US, selling a vehicle by mis-declaring its title information is an offence, called 'Title Fraud'. Thus, the DAFT helps law enforcement agencies to detect fraud, catch criminals and recover vehicles. Results of DAFT for 'Miami-Dade Multi-Agency Auto Theft Task Force', as given on NICB's site, are mentioned below:

    Result of NICB's DAFT: Miami-Dade Multi-Agency Auto Theft Task Force

    Year | No. of Vehicles recovered | Cumulative recovery value
    1999 | 122 | $1,704,610
    2000 | 94 | $1,770,700
    2001 | 100 | $20,82,800
    2002 | 81 | $21,54,600
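    The kind of two-file matching described for DAFT can be sketched as follows. This is an added example, not NICB's code: the record layout, flag names and sample VINs are constructed for illustration, and the "aberrant VIN" test uses the North American check digit (position 9) and model year code (position 10, 1980-2009 cycle) as the coded attributes to compare against the paperwork.

```python
from collections import Counter

# VIN letter values for the check-digit calculation (I, O and Q never occur).
_VALUES = dict(zip("ABCDEFGHJKLMNPRSTUVWXYZ",
                   [1, 2, 3, 4, 5, 6, 7, 8, 1, 2, 3, 4, 5, 7, 9,
                    2, 3, 4, 5, 6, 7, 8, 9]))
_VALUES.update({str(d): d for d in range(10)})
_WEIGHTS = [8, 7, 6, 5, 4, 3, 2, 10, 0, 9, 8, 7, 6, 5, 4, 3, 2]
# Position-10 model year codes, 1980-2009 cycle (assumed era of the extract).
_YEAR_CODES = dict(zip("ABCDEFGHJKLMNPRSTVWXY123456789", range(1980, 2010)))


def vin_check_digit(vin):
    """Check digit (position 9) implied by the other 16 characters."""
    rem = sum(_VALUES[c] * w for c, w in zip(vin, _WEIGHTS)) % 11
    return "X" if rem == 10 else str(rem)


def with_check_digit(vin):
    """Fill position 9 so the constructed sample VINs are self-consistent."""
    return vin[:8] + vin_check_digit(vin) + vin[9:]


def vin_anomalies(vin, declared_year):
    """'Aberrant VIN' checks that need only the registration record itself."""
    if len(vin) != 17 or any(c not in _VALUES for c in vin):
        return ["MALFORMED_VIN"]
    flags = []
    if vin[8] != vin_check_digit(vin):
        flags.append("BAD_CHECK_DIGIT")          # typical of an altered VIN
    coded_year = _YEAR_CODES.get(vin[9])
    if coded_year is not None and coded_year != declared_year:
        flags.append("MODEL_YEAR_MISMATCH")      # paper disagrees with VIN
    return flags


def match_extract(registrations, theft_vins, salvage_export_vins):
    """Return {plate: [flags]} for each registration needing a closer look."""
    regs = [dict(r, vin=r["vin"].strip().upper()) for r in registrations]
    seen = Counter(r["vin"] for r in regs)
    report = {}
    for r in regs:
        flags = vin_anomalies(r["vin"], r["model_year"])
        if r["vin"] in theft_vins:
            flags.append("THEFT_FILE_MATCH")
        if r["vin"] in salvage_export_vins:
            # A salvaged or exported vehicle being retitled: possible clone.
            flags.append("SALVAGE_OR_EXPORT_VIN")
        if seen[r["vin"]] > 1:
            flags.append("DUPLICATE_VIN")
        if flags:
            report[r["plate"]] = flags
    return report


def run_sample():
    """Run the match over constructed records (none are real vehicles)."""
    stolen = with_check_digit("1AAAA0000XA000001")      # coded year 1999
    exported = with_check_digit("1BBBB0000WA000002")    # coded year 1998
    misdeclared = with_check_digit("1CCCC0000WA000003")  # coded year 1998
    registrations = [
        {"plate": "PLATE-A", "vin": "1M8GDM9AXKP042788", "model_year": 1989},
        {"plate": "PLATE-B", "vin": stolen, "model_year": 1999},
        {"plate": "PLATE-C", "vin": exported, "model_year": 1998},
        # Last digit of PLATE-A's VIN altered, check digit left untouched.
        {"plate": "PLATE-D", "vin": "1M8GDM9AXKP042789", "model_year": 1989},
        {"plate": "PLATE-E", "vin": misdeclared, "model_year": 2001},
        {"plate": "PLATE-F", "vin": exported.lower(), "model_year": 1998},
    ]
    return match_extract(registrations, {stolen}, {exported})


if __name__ == "__main__":
    for plate, flags in sorted(run_sample().items()):
        print(plate, ", ".join(flags))
```

    The output is the "dump of matching and discrepant vehicles" the requesting unit would work from; each flag is a lead for investigation, not proof of fraud.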


    In the UK, the insurers have come together and formed a Motor Insurance Bureau (MIB). MIB maintains a Motor Insurance Database (MID). It helps Great Britain (GB) Police forces fight various frauds & thefts relating to motor vehicles. GB Police forces are equipped with Automatic Number Plate Recognition (ANPR) cameras. The cameras spot a vehicle and run it through the databases of the Police National Computers (PNC), MID and Driving & Vehicle Licensing Authority (DVLA). If the vehicle is stolen or uninsured, if tax is not paid, or if the owner/driver is wanted by police in any offence, the vehicle is stopped at the next intersection and impounded for further investigation.

    In Canada, under AutoFind, a joint initiative of the Insurance Bureau of Canada (IBC) and a number of police forces, the police use automatic license plate scanning technology to compare the registration numbers of parked vehicles against a list of stolen vehicles. It helps the police forces achieve a much faster turnout in scanning a large number of vehicles parked on roads or in other parking places. Between January 2003 and August 2006, the AutoFind program helped to recover over 5,400 vehicles with an actual cash value of $25 million.

    ii) Maintenance of databases:

    Flood Vehicle Database:

    Besides fighting title fraud involving stolen vehicles, NICB also helps maintain a database of vehicles flooded in Katrina. These vehicles were a tempting opportunity for fraudsters who bought them, dried them, altered documents and sold them without declaring them as flooded. So, a customer can check if a vehicle he is buying is stolen, declared salvage or is flooded.

    National Equipment Register (NER):

    This Register in the US is helpful in tackling heavy equipment theft. It started its services from Aug 2001. An owner can register his vehicle on NER and also intimate theft. It helps law enforcement officers, often frustrated by lack of knowledge about vehicle identification numbers found in different and often inaccessible places on various equipments, trace the same via a 24x7 toll free number and also provides them access to ownership and stolen vehicle records. It helps owners and insurers with quicker identification of a suspicious vehicle found by law enforcement. It helps financial institutions by minimizing the risk of financing stolen equipments.

    Art Loss Register:

    Born in 1991 in London, its roots go back to 1976 when the International Foundation for Art Research (IFAR), a not-for-profit organization based in New York, created an archive of stolen works of art to deter art theft. The Art Loss Register (ALR) offers registration of an item of art (to the owner), search & recovery services to law enforcement, insurers & the art trade, and due diligence services for sellers of art. Apart from utilizing state-of-the-art & powerful IT solutions to capture details of a work of art and match two such works, it also employs professionally trained art historians. It has been able to return works of art worth 160 mn ($230 mn) to the rightful owners.

    NICB's Claims Database:

    As discussed earlier, the data is contributed by 1000+ property/casualty insurers in the US. It allows insurers to search by driver/lawyer/physician/doctor name or by Driving License Number and find all past or current claims matching the search criteria. It helps tackle non-disclosure of such information, a kind of fraud.

    CLUE Personal Auto (Comprehensive Loss & Underwriting Exchange), a service offered by ChoicePoint Inc of the US, contains a claims history database of automobile claims up to 5 years. Various services offered by ChoicePoint help insurers in claims and underwriting as well. An underwriter can discover past claims, which may not have been declared by the applicant. Based on the details, he can form a judgment whether to accept the risk and, if so, at what premium. For claims, it has many services which help find past claims, trace a VIN from incomplete details, and trace the insurance carrier for vehicles involved in an accident (allowing it to recover part of the claim from the carrier, thereby minimizing loss). It, thus, helps in investigations of claims and frauds.

    Insurance Reference Service (IRS) of Australia began in 1991 and is said to contain 13 mn records of claims and publicly available information on bankruptcy. Subscribed to by 39 insurers and 400 loss adjusters, it receives 50,000 searches a month. A study found that about 9% of the people had not disclosed their complete claims history, a material misrepresentation or fraud, which could now be detected through IRS.

    Claims and Underwriting Exchange (CUE) of the UK is a database similar to CLUE of the US. In addition to motor claims, it also contains data on personal injury and home claims, allowing insurers to fight a greater range of frauds.

    iii) Use of sophisticated detection tools:

    The technology buffs will find the discussion till this point to be dull, not very attractive. The discussion about sophisticated tools is important enough to warrant a separate section, which follows next.

    3. Use of sophisticated detection tools - Evolution of fraud detection technology:

    A White Paper by ChoicePoint on the topic very nicely sums up the evolution of fraud detection technology in insurance. It talks of four phases through which fraud detection


    technology has evolved. In Phase I, says the paper, the claim files are manually reviewed, generally by experienced claims staff. It rightly notes that the reviews happen only on a sample of data, thereby leaving out many transactions because of sheer volume. They also happen at the back end and not in real-time.

    As systems become more automated, in Phase II came the use of Automated Exception Processing. It reduces the number of files to be manually reviewed but suffers from the same drawback as Phase I: it is reactive and does not happen in real time. It also threw up a number of 'false positives' and can catch only the most obvious and simple frauds.

    Phase III is marked by Rules Engines and Scorecards. Based on past frauds experienced, 'if-then' kind of rules are built into the business (claims) processing system. It represents an important advance over the earlier ones: it samples the entire set of transactions, happens in real-time and also removes the subjectivity in handling of claims & spotting of frauds by various employees. However, rules are static while fraud is dynamic. Is it not said that 'Policeman is a critic and Thief, an artist'? So, fraudsters are always a few steps ahead of the anti-fraud community and change tactics to evade detection.

    Thus, the latest technologies arrived on the scene in Phase IV with Pattern Recognition & Predictive Technologies. Unlike static 'if-then' rules, it uses powerful algorithms to find newer patterns of fraud, called predictive analytics. Companies/products like SAS, SPSS and Detica NetReveal are market leaders in these areas. These softwares combine various tools like claims scoring, Benford laws, regression analysis, text mining, social network analysis etc. to give a real-time picture of fraud patterns. These softwares also have a vivid, graphical depiction of links amongst various players, making the fraud 'visible', further allowing the analyst to probe deep.

    Though it is beyond the scope of this paper to discuss in detail the various techniques mentioned here, some of them are described in brief. Claims Scoring refers to assigning a score to all claims, based on certain set parameters; the higher the score, the higher is the possibility of fraud. Advanced softwares can assign and combine scores for a claim, customer and network, making it very powerful. Benford laws refer to simple laws given by Benford who predicted frequency distribution of last digits in any natural population. A deviation from the frequencies indicates a deliberate disturbance, or a possible fraud. Social Network Analysis, which started first with the defence sector, is now applied to fraud detection. It uses multiple fields of data to create links amongst various groups. For example, the fields used could be vehicle registration number, insured name, his mobile number, email ID etc. The softwares are even able to detect minor changes made in, say, mobile numbers or email IDs and show the links.

    The UK insurance industry has come together to form an Insurance Fraud Bureau (IFB). It uses Detica NetReveal software to work on the pooled claims data of various insurers. This increases the efficacy of the software manifold, as it is able to spot and throw up multi-carrier frauds.

    4. Enabling factors for having a state-of-art detection technology regime:

    The technologies described in the preceding paras could be the dream come true of any fraud investigator. It is, therefore, not out of place to discuss some of the factors that influence this goal.

    First and foremost, it will depend on the availability of digitized data, that too at a central place within insurance companies. For instance, there are insurance companies in India who have computerized records but the offices are not networked, thus rendering the task of pooling in data very difficult.

    Second, insurers need to see value in going in for fraud detection technology, which does not come cheap. In developing markets, where insurers are trying to set up operations and ramp up market share, the focus on profitability and, by extension, the need to save money on account of fraud comes much later in company evolution. In other words, anti-fraud efforts are much higher on the Maslow's pyramid of organizational needs.

    Further, as we have seen, fraud detection technology offers greatest value when the tools run on industry-wide databases. These kinds of databases are not easily forthcoming in many markets, where many insurers wrongly perceive others as 'competitors'. While they may compete for business and in ushering in newer technologies and processes to derive maximum shareholder value and customer satisfaction, they have to realize that, when it comes to fighting fraud, they have to unite. The mantra in anti-fraud efforts is collaboration and not competition.

    Lastly, tougher regulations by the Regulator, like the Financial Services Authority (FSA) of the UK, are also seen to propel industry initiatives in fighting fraud.

    5. Conclusion & Recommendations:

    Though it has not been possible to discuss each of the techniques, or the state of fraud detection in the majority of the countries, we have been able to have a glimpse of the most prominent flavours of the trade. The conclusion is beyond doubt that information technology gives a clear edge in detecting fraud and is a great force multiplier.

    Developing markets like India need to harness the tremendous opportunities information technology provides in fighting fraud and making substantial savings. Data in electronic form is available at multiple points: financed vehicle data with financers, registered vehicle data with registering authorities, serviced vehicle data with vehicle manufacturers, insured vehicle & claims data with insurers. Banking sector has seen birth and taking root of a credit


    TAXONOMY OF SATYAM FRAUD

    Company : Listed Multinational Heavy weight software / IT giant

    Equity Capital : Rs. 134.77 crores.

    Share Value : Face value :- Face value per share is Rs. 2

    Market Value :- The stock hit a high of Rs. 156.90 and a low of Rs. 145 on 30th December 2008. The stock had hit a 52-week high of Rs. 544 on 30th May, 2008 and a 52-week low of Rs. 114.65 on 24th December, 2008.

    Exposure : Confession by Mr. Ramalinga Raju on 5-01-2009 precipitated by threat of discovery

    Fraud Size : Estimated at Rs. 7,800 crores

    Modus Operandi : Fictitious billing data entered into billing software through excel files.

    : Fake Invoices.

    : Invoice hiding to prevent detection.

    : Fictitious receipts entered into system through excel files.

    : Forgery of Bank statements adding fake amounts received on fictitious invoices.

    : Forgery of Fixed Deposit Receipts.

    : Fake entries in financial statements on the basis of forged bank statements.

    : Forged bank confirmations to support verification.

    : Auditors rely on confirmations, audited accounts released.

    information bureau. It is time insurers also came together and formed a claims database. After all, it is well known that death claims, flood or fire claims, travel claims, total loss claims are being lodged simultaneously or serially on various insurers. They remain undetected as the data is scattered. Once a claims database is formed, it will provide a powerful platform for deploying state-of-art fraud detection technology.

    There is also no point in harbouring an old-world mindset of anti-fraud efforts being perceived as customer-unfriendly. After all, the fight against fraud is not against genuine customers; it is against fraudulent customers, who increase the cost of premiums to honest policyholders.

    Disclaimer:

    1. The views in the article are personal.

    2. The various trademarks mentioned in the paper belong to the respective owners.

    3. Mention of any specific product does not constitute its endorsement by the author and the reference is for academic purposes only.

    Ashish Vinod Joshi is a B. E. (Mining Engg.), M. Tech. (Mine Planning). He is also a CFE (Certified Fraud Examiner, a certification given by Association of Certified Fraud Examiner, Austin, Texas, USA and recognized by the FBI as a skill set for its 'special agent' recruitment programme). Currently Head, Special Investigations Unit (SIU) (Claims), Tata AIG General Insurance Company Ltd., Mumbai, Ashish has worked as Deputy Superintendent of Police in the Central Bureau of Investigation (CBI). He worked at CBI, Animal Husbandry Dept Unit, Patna and supervised investigation of the MSD Scam, involving illegal purchases of medicines worth Rs. 120 crores by hospitals of Dept. of Health, Govt. of Bihar from Medical Stores Depot, Kolkata & Mumbai. He has written several papers and is a well-known speaker at major conferences and seminars on fraud. [email protected]
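The article's description of Social Network Analysis (linking claims through fields such as vehicle registration number, mobile number and email ID, including values altered by a minor change, over the pooled data of several insurers) can be illustrated as follows. This is an added example, not code from the article or from any product it names; the claim records, insurer names and the one-edit near-match threshold are constructed assumptions.

```python
"""Link analysis over pooled multi-insurer claims (added illustration)."""
import re
from itertools import combinations

# Constructed sample of pooled claims from three insurers; all values are made up.
CLAIMS = [
    {"id": "A-101", "insurer": "InsurerA", "reg": "MH01AB1234",
     "mobile": "+91 98200 11111", "email": "rkumar@example.com"},
    {"id": "B-207", "insurer": "InsurerB", "reg": "MH01CD9876",
     "mobile": "9820011112", "email": "r.kumar@example.com"},
    {"id": "C-330", "insurer": "InsurerC", "reg": "MH01CD9876",
     "mobile": "98765-00000", "email": "garage.owner@example.org"},
    {"id": "A-102", "insurer": "InsurerA", "reg": "GJ05EF4321",
     "mobile": "9000012345", "email": "s.patel@example.net"},
    {"id": "B-208", "insurer": "InsurerB", "reg": "KA03GH1111",
     "mobile": "9111122222", "email": "m.rao@example.net"},
]

MIN_FUZZY_LEN = 8  # assumption: shorter values are too ambiguous to near-match


def norm_reg(value):
    """Vehicle registration: upper-case, letters and digits only."""
    return re.sub(r"[^A-Z0-9]", "", value.upper())


def norm_mobile(value):
    """Mobile number: digits only, last 10 kept so a country prefix is ignored."""
    return re.sub(r"\D", "", value)[-10:]


def norm_email(value):
    """Email ID: trimmed and lower-cased."""
    return value.strip().lower()


def within_one_edit(a, b):
    """True if a and b differ by at most one substitution, insertion or deletion."""
    if a == b:
        return True
    if abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a  # make a the shorter (or equal-length) string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]  # one substituted character
    return a[i:] == b[i + 1:]          # one extra character in b


# field -> (normaliser, whether a near match also counts as a link)
FIELDS = {"reg": (norm_reg, False),
          "mobile": (norm_mobile, True),
          "email": (norm_email, True)}


def link_evidence(c1, c2):
    """List the fields that tie two claims together, marked exact or near."""
    evidence = []
    for field, (norm, fuzzy_ok) in FIELDS.items():
        v1, v2 = norm(c1[field]), norm(c2[field])
        if not v1 or not v2:
            continue
        if v1 == v2:
            evidence.append((field, "exact"))
        elif (fuzzy_ok and min(len(v1), len(v2)) >= MIN_FUZZY_LEN
              and within_one_edit(v1, v2)):
            evidence.append((field, "near"))  # a lead for the analyst, not proof
    return evidence


def find_rings(claims):
    """Group linked claims (union-find) and flag groups spanning several insurers."""
    parent = {c["id"]: c["id"] for c in claims}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    links = {}
    # Pairwise comparison is fine for a sample; a real pool needs blocking keys.
    for c1, c2 in combinations(claims, 2):
        evidence = link_evidence(c1, c2)
        if evidence:
            links[(c1["id"], c2["id"])] = evidence
            parent[find(c1["id"])] = find(c2["id"])

    groups = {}
    for c in claims:
        groups.setdefault(find(c["id"]), []).append(c)

    rings = []
    for members in groups.values():
        if len(members) > 1:
            insurers = sorted({c["insurer"] for c in members})
            rings.append({"claims": sorted(c["id"] for c in members),
                          "insurers": insurers,
                          "multi_carrier": len(insurers) > 1})
    return rings, links


if __name__ == "__main__":
    rings, links = find_rings(CLAIMS)
    for ring in rings:
        print(ring)
    for pair, evidence in links.items():
        print(pair, evidence)
```

Run on one insurer's records alone, the same function returns no groups; the link between the three claims appears only once the data is pooled.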


    The Satyam scam came as a big shock. One had seen overseas multi-nationals and large global firms collapsing one after another - WorldCom, Enron... - in a welter of scams. This was the first time an Indian corporate, the poster boy of Indian IT/ITES-BPO Industry, had admitted to management fraud, fudging accounts leading to falsification and a massive fraud of more than 1.5 billion dollars.

    It shocked the Indian Government, the regulators, the establishment, the administration, the media, the professionals, the stock markets, the analysts, the pundits and the general public.

    The time lines of how the fraud unfolded are given in a separate box that shows how the fraud was exposed and how it was dealt with right up to the Satyam rescue act. But all this raises some very serious questions and the objective here is not to answer them, for that will take some serious introspection on the part of all of us and probably quite a few months if not years of painful yet necessary soul searching and brain racking.

    So here are some questions for all of us to ponder over: think of these and give courageous, bold yet real answers that are true to your self.

    What went wrong?

    Was it the system? the regulators? the law? the enforcement? the auditors? the accountants? the owners? the directors? the professional management? the employees? the bureaucracy? the public? Was it a failure of corporate governance mechanism like clause 49A?

    Was it a failure of independent directors? Was it a failure of statutory auditors? If not, was it a failure of vigilant small shareholders? To tell the truth it was probably all this and more -

    Accountants and Auditors, whether financial or system auditors, rather than upholding standards are busy with financial engineering. Top managements are reliant more on window dressing than trying for genuine growth. Owners have only one aim - of maximizing shareholder value.

    Edito


    Regulators and the government are busy devising rules, regulations and compliances but seldom bothered about true follow up of cases and results.

    Finally the general public loves to fall prey to tall claims and tends to blindly trust rosy pictures and ponzi schemes, however unreliable or unbelievable they may seem.

    Probably all this and more has led to the present dilemma. The real way out is to be proactive and for each of us in our respective positions to uphold ethical values, probity, independence, professionalism and competence; and ultimately to use all our energies to conquer and defeat this monster of fraud.

    SATYAM TIMELINE

    December 16, 2008: Satyam announces plan to buy two realty firms part-owned by its founders for $1.6 billion, but does a U-turn after negative investor fallout

    December 17: Under pressure Satyam does a U-turn and 12 hours later, the deal is off.

    December 23: The World Bank confirms it has banned Satyam for eight years for bribery and data theft.

    December 25: Satyam demands an apology and a full explanation from the World Bank for the statements, which the outsourcer said damaged investor confidence.

    December 26: Mangalam Srinivasan, an independent director at Satyam, resigns following the World Bank's critical statements.

    December 28: Satyam postpones a board meeting, where it is expected to announce a management shake up, from December 29 to January 10. Satyam also appoints Merrill Lynch to review strategic options to enhance shareholder value.

    December 29: Three more independent directors resign.

    January 7, 2009: Ramalinga Raju resigns, admits to fraud. He says the company's cash and bank balance in the balance sheet has been inflated and fudged to the tune of Rs 5,040 crore.

    January 8: Chief financial officer (CFO) Vadlamani Srinivas resigns.

    January 9: Andhra Pradesh police arrest Raju and his brother and former company managing director B. Rama Raju on charges of cheating and forgery.

    January 10: Finance head Srinivas arrested

    January 11: The central government reconstitutes board

    January 12: The new board at Satyam holds a press conference, where it discloses that it is looking at ways to raise funds for the company and keep it afloat during the crisis.

    January 14: Deloitte, KPMG named new joint auditors

    January 14: Satyam's former auditor, PricewaterhouseCoopers (PwC), says its opinion on the IT firm's financials may be rendered 'inaccurate and unreliable'

    January 19: The government orders probe into possible 'nexus' between the fraud-hit Satyam and Raju's two family-run firms Maytas Properties and Maytas Infrastructure

    January 21: Ramalinga Raju confesses diverting funds to the Maytas firms

    January 23: The Raju brothers, Srinivas sent to judicial custody till Jan 31

    January 23: Court rejects SEBI plea to record statements of Raju brothers

    January 24: Former auditor PWC's S. Gopalakrishnan and Srinivas Talluri arrested

    January 27: The board appoints Goldman Sachs and Avendus, an Indian investment bank, to identify strategic investors

    January 31: A Hyderabad court extends judicial custody of all accused to Feb 7

    February 3: The Supreme Court allows SEBI to grill the Rajus

    February 5: gets Rs.600 crore ($130 million) from banks to meet working capital requirements. A.S. Murty appointed new CEO

    February 6: Former Nasscom chairman Kiran Karnik appointed chairman

    February 7: Court extends the judicial custody of Ramalinga Raju and four other accused to Feb 21

    February 10: Andhra Pradesh Chief Minister Y.S. Rajasekhara Reddy writes to Prime Minister Manmohan Singh, seeking a Central Bureau of Investigation (CBI) probe into the fraud

    February 13: SEBI relaxes takeover norms for, giving their reconstituted boards the power to lower the target price for open offers

    February 14: The Serious Fraud Investigation Office (SFIO) joins probe

    February 16: The central government hands over investigations to the CBI

    February 21: The government-appointed board, meeting for the seventh time, decides to invite strategic investors

    March 6: gets permission from SEBI to sell 51 percent majority stake

    March 9: The court allows CBI to take custody of Raju brothers, Srinivas and sacked PWC auditors Gopalakrishnan and Talluri Srinivas

    March 13: L&T, Tech Mahindra, Spice Group and US outsourcer iGate Corp say they have registered as potential bidders

    March 13: The company appoints former chief justice S.P. Bharucha to oversee the bidding, selection process

    March 20: The board receives bids. iGate Corp says it will not bid

    March 27: Spice Group says it will not proceed as it has not got the desired level of transparency

    April 7: CBI files a 2,315 page chargesheet against the Raju brothers and seven other accused

    April 13: Tech Mahindra selected as strategic investor


    ISACA-Mumbai chapter has been delivering commendable educational services to its members since its inception. Our chapter is fortunate to get the honorary services of selfless professionals from time to time. The chapter board deserves a pat on their back. I'm glad that present team is also engaged in creating next line of volunteers to take up the chapter responsibilities.

    The system audit profession has undergone a sea change from its inception days.

    Couple of domains where chapter board needs to look into for improvement are:

    (a) Quality check of Saturday lectures for the members - The invited speaker must be a professional speaker/established domain expert else he/she should be subjected to a rehearsal/QA well before the session.

    (b) Chapter premises - This matter has been eluding our chapter since long. The cost of delay is very high. The present team should be satisfied with just a Reading Room-cum-Library and a two-seater office. About 800-1000 square feet office space at/around Dadar-Matunga would be a best decision. Chapter president and vice president should fulfill this long pending requirement as a top priority.

    (c) Remodeling Annual Conference on International Conference style - Till date, we are organizing several sessions of short duration (30-45 minutes) whereas International Conference has slots of 90-180 minutes. Since I have been attending and speaking at both the events, I found that 90-180 minute sessions are delivering much more value to the participants. Let us try this in our next conference.

    (d) Displaying performance on our website - Chapter members have a right to know what their elected representatives have delivered. Hence, all the chapter board members who are seeking another term should be subjected to show their performance card. Such display should be organized by the nomination committee, well before the election.

    By Haridas Raigaga (May 25, 2009)


    As ISACA members we all know the importance of information security for organizations, since it is the key concept of our practice area, and many of us are quite well versed with the techniques of implementing information security, assessing information security implementation and providing assurance services to organizations with respect to information security. Yet, when it comes to drawing management's attention towards information security aspects within the organization and to involving stakeholders in information security implementation, it is a challenge to explain the importance of information security to all in lucid, jargon free terms.

    With this aspect in mind, Shri. Venugopal Iyengar has written a book on information security especially for management, right from C level executives up to all those involved in day-to-day operations. In the preamble, the author explains the need for establishing IT governance practice in today's organizations and then goes on to set a goal of providing a holistic approach towards information security by creating appreciation, awareness and application of information security principles to organizations' day-to-day operations.

    The author explains the concept of security life-cycle by briefly describing each of the three stages such as understanding business, aligning IT and risk management. Risk management concepts are explained by detailing various steps such as risk assessment, identification and design of IT controls, risk treatment by implementation of IT controls, measurement and monitoring of controls and identification of changes for improvement. Further, the author lays stress on different levels at which security professionals are required in organizations: Governance level, Management level and Operational level. The author talks about various certifications that are available for individuals to become recognized as information security professionals and then also describes various international standards such as ISO27001, ITIL Level 3, IEEE standards, COBIT etc., based on which an information security framework can be implemented within an organization.

    There is a separate chapter that addresses various security threats. These threats are explained in detail in layman's terms for easy understanding. The book goes on to explain a concept of building well-designed information security architecture into the IT applications, thereby creating a best of breed information model for information security.

    Sometimes there is a misconception that information is more important than data, but the words 'data' and 'information' are quite often used interchangeably and one person's information can be another person's data and vice versa, and hence, a full chapter is devoted to clarifying the concept of Data Security and Privacy along with a detailed description of preventive, detective and corrective controls. The chapter on Enterprise Security provides details of various components of enterprise security and the required security measures. Outsourcing aspects are given special attention from a security perspective and finally the author goes on to explain the concept of information security governance and the challenge of business continuity management.

    The book includes a separate annexure to address information security specifications and good practices along with a check list for bankers for implementing information security in a computerized environment. The book is available at a competitive price, makes for informative reading and is certainly useful for all those desirous of learning about implementing information security in today's IT enabled organizations.

    Mrs. Jayshree A. Dhere, Education Chair of ISACA Mumbai Chapter, is an information systems professional having more than 23 years of experience in varied areas such as software architecture, software projects, information systems audit, IT governance and assurance.

    Written by Mr. Venugopal Iyengar
    Published by Himalaya Publishing House
    Price: Rs. 150/-
    Pages: 130
    ISBN: (not mentioned)

    OBITUARY

    With a heavy heart we announce the sad demise of Mr. Dharmesh Joshi, Chartered Accountant, one of the founder members of our chapter. Mr. Dharmesh Joshi was instrumental in forming the constitution of our chapter way back in the time when the chapter was being formed. He also served the chapter by being on the managing committee of the chapter as honorary treasurer for 2 years and as honorary secretary for 1 year. Later he settled in Canada and recently expired during his visit to USA for attending a conference.

    We on behalf of the chapter, its office bearers and members offer our heartfelt condolences to the bereaved family. May God grant them the strength and courage to bear this irreparable loss. May his soul rest in peace.

    Mr. Venugopal Iyengar is Past President of ISACA Mumbai Chapter. He is a Director of IOTM and a senior Information Security, Enterprise Security, IS Audit and Assurance and IT Governance professional.


    Growmore Ltd. is a well-known chain of garment and readymade clothing/apparel stores. The company had entered the business a few years back with four outlets: one in Mumbai, the second in the suburbs and one each in Panvel and Pune.

    The accounting and records in respect of purchases, inventory, sales and finances are maintained on a central computer located at the Mumbai head office that can be accessed and used from all the outlets.

    In the last two years the number of stores has gone up to 30, spread over five cities. The company has also diversified from men's ready-mades and apparels to include clothing for children and women's wear. The outlets in Mumbai city also stock footwear and leather accessories.

    Recently a new CFO has taken over. He reviews the working of the company and is convinced that there is a possibility of revenue leakages. Especially he notes the following areas -

    Purchase function involving sourcing of apparel from suppliers: possibility of nexus leading to frauds and revenue leakage cannot be ruled out.

    Possibility of over or under invoicing in purchase: occurs when there is deliberate misstatement of the invoice value as compared with goods or services received or supplied.

    Inventory function: possibility of good quality clothing disposed of as scrap; pilferage of goods is an issue.

    Sales function: substitution of goods of different quality leading to loss of revenue.

    Recovery from debtors: the company supplies clothing to certain franchise holders. The recoveries from them are less and this is an area for concern due to possible teeming and lading activity/fraud.

    As the CIO/CISO of your company, the CFO approaches you for suggesting systems / controls to prevent / minimize occurrences of fraud in these areas.

    Give in a brief executive summary of your suggestions / recommendations.

    Do send in your answers to [email protected] The solution to the case will be given in the next issue. The solution of the last case study is given in this issue.


    Answers to E-Quiz - January 2009

    1. Cyclotrimethylene trinitramine, better known as RDX, in its pure synthesized state is
    (d) White crystalline solid

    2. AK 47 rifle, the well known commonly used assault rifle, is short form of
    (d) Avtomat Kalashnikova

    3. A satellite phone system based in the UAE which currently provides coverage to most of Eurasia, Africa and Australia is known as
    (a) Thuraya

    4. The National Security Guards [NSG], India's premier counter-terrorist force, was established following -
    (b) 1984 Operation Bluestar

    E-Quiz

    Dr. Vishnu Kanhere

    1. What is a good way to protect sensitive information sent via email?
    (a) Encrypt it
    (b) Write it in another language
    (c) Don't include your return address
    (d) All of the above.

    2. What is the best way to find someone's email address?
    (a) Look it up in an email directory
    (b) Take a guess
    (c) Call the person
    (d) Do a google search.

    3. Why would your email message return to you?
    (a) The recipient's address is misspelled
    (b) The recipient has changed his address
    (c) The recipient's mailbox is full
    (d) All of the above.

    4. Why are email attachments potentially dangerous?
    (a) They may contain viruses
    (b) They cost you money
    (c) They can overload your computer hard drive
    (d) All of the above.

    Dr. Vishnu Kanhere


    1) Two visuals of railway track:

    The first photograph shows a railway track that has no fencing; hence there is free access on rail track to anybody. This raises concern as people may cross the rail track increasing the chances of accidents. Also since there is free access stray cattle may cause accidents.

    More serious concern will be that of anti social elements that may sabotage / damage the rail track leading to serious accidents resulting in loss of human life.

    The second photograph shows good fencing work on railway track preventing easy access to outsiders hence minimizing the chances of accidents. This is more secure and will reduce the likelihood of sabotage. Only concern is that during flood situation there is need for adequate provision for storm water to escape.

    2) Elevated road structure (flyover):

    In the photograph of the flyover we can see a central column supporting the entire flyover structure. There is a possibility that a heavy vehicle passing on the road may hit the column either accidentally or intentionally, causing serious damage to the flyover as well as vehicle. There is need to construct a buffer iron grill fence so that even if a vehicle hits, it will first hit the buffer iron grill minimizing the flyover column damage.

    3) Elevated rail track road overbridge:

    In the photograph of elevated rail track road over bridge, signaling system at the crossing needs to be strong to avoid mishaps. Further a derailment during track change may also lead to serious damage to vehicles and people using the road below. Also at the turn, a strong iron fencing will be required.

    4) Layout of office building:

    In the first photograph the entry for office facing the main road is an issue. Anti social elements can enter/exit the building easily and quickly. A car bomb can directly target the entrance. Office building layout in second picture is better, because building entry is not facing main road. Entry/exit to the building is not direct. More security facility can be incorporated in second layout.

    5) Freeway / Highway passing through the city:

    The photograph shows a freeway/highway passing through the city. Ideally the highway should not pass through city and a bypass should be created. If it is not avoidable, then proper fencing or elevation is required to separate the highway traffic from city traffic because the speed of the vehicles is very fast.

    6) Picture depicting part of an office:

    The photograph shows a corner of the office where some unwanted materials such as steel tank, unidentified stuff is lying. If any combustible material is kept there then there is an issue of fire. It is found that access to the exit door is blocked. A solution is not to keep such unidentified material and keep the exits free of any stuff and easily accessible at all times.

    7) Entrance to subway station:

    The picture shows an entrance to the subway train station. The issue is during a terrorist attack, terrorists/attackers can hide on staircase, making it difficult to trace them. Also mirror location does not show the blind corner making it ineffective.

    8) Wall of railway station yard and path:

    The photograph shows the wall of railway station yard. Any passerby can have easy access to the yard and the path and blind corner provides ample scope for ambush, surprise attack and attackers / terrorists can easily hide themselves. Since any one can reach to the wall, terrorists can also throw a hand grenade over the wall. A separator is required between pedestrian path way and station wall with adequate protection and surveillance.

    The answers are only suggestive in nature and multiple options exist of dealing with the situation.


    IT Governance Profession in India / On Identity Mgnt / On Commercialisation of Intellectual Rights
    18.03.09 - Speaker - Mr. Peter Jaco.

    Maximizing ROI on IT Investment through Dynamic Infrastructure IT optimization and cloud Computing
    18.04.09 - Speaker - Mr. Ashit Dalal

    Benefits of Implementation of Management Systems
    14.03.09 - Speaker - Mr. Ranjan Banerjee