Companies often assume that corporate fraud won’t happen to them. But according to PricewaterhouseCooper’s “Global Economic Crime Survey 2005,” that likelihood is increasing. Since 2003, for example, the number of companies reporting incidents of corruption and bribery has increased by 71 percent. Claims of money laundering have increased by 133 percent, and reports of financial misinterpretation have grown by a whopping 140 percent.
It could be argued that these reports are on the rise either because of, or in spite of, government regulations like Sarbanes-Oxley—a law designed to create more transparency for investors. And experts agree that it’s impossible to safeguard against all security threats all the time. Luckily, there are steps CIOs can take to ease the pain of a criminal investigation, says Philip Upton, a principal at PricewaterhouseCoopers and leader of the East Coast practice of the forensic technology solutions group.
Data forensics refers to the collection and analysis of crucial digital information, such as e-mails, documents and access logs—and to no one’s surprise, CIOs play a critical role in the process. “CIOs must work with their colleagues in internal audit and security to provide access to e-mails or help with transactional data analysis,” Upton says.
Sound simple? Hardly. To get data forensics right, companies need to have a thorough document-retention policy in place—and many don’t. “It’s a lot harder than it appears because it requires the legal department, IT and business units to get together and determine not only what needs to be kept, but also to put in place mechanisms to ensure those policies are followed,” Upton says. For example, “too often companies have backup policies that aren’t exactly managed by the best and brightest in the company.”
Of course, the best offense is a good defense. “If you hear that an investigation is taking place,” Upton says, “first and foremost cease the rotation of backups so you are not overwriting old backup tapes. Then, await the involvement of the investigative team, who will want to know where specific data is, and facilitate their job to the best of your ability.”