Identifying disgruntled employee systems fraud risk through text mining: A simple solution for a multi-billion dollar problem

Decision Support Systems

Volumn 46, Issue 4, 2009, Pages 853-864

  Holton, Carolyn ^a  

^a Southeastern University   (United States)

Author keywords

Design science; Disgruntled employee; IS security; Occupational fraud; Organizational communication; Text mining

Indexed keywords

COMMUNICATION; PERSONNEL; RISK ANALYSIS; RISK ASSESSMENT; SAFETY FACTOR;

DESIGN SCIENCE; DISGRUNTLED EMPLOYEE; IS SECURITY; OCCUPATIONAL FRAUD; ORGANIZATIONAL COMMUNICATION; TEXT MINING;

LAWS AND LEGISLATION;

EID: 61349124807     PISSN: 01679236     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.dss.2008.11.013     Document Type: Article

References (54)

1. ACL Data Analysis Software Animated Presentation (Pentana Audit Software, Vancouver, BC, Canada, 2006).
2. American Institute of Certified Public Accountants. Consideration of Fraud in a Financial Statement Audit - SAS No. 99 (2002)
3. American Institute of Certified Public Accountants. Statement on Auditing Standards, No. 99, Consideration of Fraud In a Financial Statement Audit (2002)
4. Arnesen D.W., Fleenor C.P., and Blizinsky M. Name, rank, and serial number? The dilemma of reference checks. Business Horizons 41 4 (1998)
5. Balovich D. Sarbanes-Oxley Document Retention and Best Practices, Creditworthy News (2007)
6. Bapna S., and Gangopadhyay A. A wavelet-based approach to preserve privacy for classification mining. Decision Sciences 37 4 (2006)
7. Brady T. Employee handbooks: contracts or empty promises?. Management Review 82 6 (1993)
8. Brill E. Some advances in transformation-based part of speech tagging. Presented at Twelth National Conference on Artificial Intelligence, Cambridge, MA (1994)
9. Bush G.W. The White House. Statement by the President (2002)
10. Cavusoglu H., Mishra B., and Raghunathan S. The value of intrusion detection systems in information technology security architecture. Information Systems Research 16 1 (2005)
11. Cutting D.R., Pedersen J.O., Karger D., and Tukey J.W. Scatter/gather: a cluster-based approach to browsing large document collections. Presented at 15th Annual ACM-SIGIR (1992)
12. Dhillon I.S., and Modha D.S. Concept decompositions for large sparse text data using clustering. Machine Learning 42 1 (2001)
13. Domingos P., and Pazzani M. Beyond independence: conditions for the optimality of the simple Bayesian classifier. Presented at 13th International Conference on Machine Learning, Bari, Italy (1996)
14. Fernandez-Medina E., Trujillo J., Villarroel R., and Piattini M. Access control and audit model for the multidimensional modeling of data warehouses. Decision Support Systems 42 3 (2006)
15. Fraud Survey (KPMG Forensic, 2003).
16. Gattiker U.E., and Kelley H. Morality and computers: attitudes and differences in judgments. Information Systems Research 10 3 (1999)
17. Global Economic Crime Survey (PricewaterhouseCoopers, New York, 2005).
18. Gupta M., Rees J., Chaturvedi A., and Chi J. Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach. Decision Support Systems 41 3 (2006)
19. Han J., Pei J., and Yin Y. Mining frequent patterns without candidate generation. presented at ACM-SIGMOD International Conference on Management of Data, Dallas, TX (2000)
20. Hepple M. Independence and commitment: assumptions for rapid training and execution of rule-based POS taggers. Presented at 28th annual meeting of the association for computational linguistics, Hong Kong (2000)
21. Hevner A.R., March S.T., Park J., and Ram S. Design science in information systems research. MIS Quarterly 28 1 (2004)
22. Hollinger R., and Clark J. Employee deviance: a response to the perceived quality of the work experience. Work And Occupations 9 1 (1982)
23. Hollinger R.C., and Clark J.P. Deterrence in the workplace: perceived certainty, perceived severity, and employee theft. Social Forces 62 2 (1983)
24. Jacobs D.L. Are you guilty of electronic trespassing?. Management Review 83 4 (1994)
25. Kroll Inc., Economist Intelligence Unit Overview in the Kroll Global Fraud Report (2008).
26. Mailvaganam H. Text Mining for Fraud Detection: Creating Cost Effective Data Mining Solutions for Fraud Analysis in Data Warehousing Review (2004) DWReview, Vancouver, BC
27. Martens D., Bruynseels L., Baesens B., Willekens M., and Vanthienen J. Predicting going concern opinion with data mining. Decision Support Systems 45 4 (2008)
28. Montana J.C., Dietel J.E., and Marrins C.S. Strategies for RIM program compliance with Sarbanes-Oxley. The Information Management Journal 40 6 (2006) 6
29. Pei J., Han J., and Mao R. CLOSET: an efficient algorithm for mining frequent closed itemsets. presented at ACM-SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery (2000)
30. Porter M.F. An algorithm for suffix stripping. Program 14 3 (1980)
31. Preventing crime and violence in the workplace in workplace health, safety and security (AllBusiness.com, Undated).
32. Ramos M. Auditors' Responsibility for Fraud Detection. Journal of Accountancy 195 (2003)
33. Report to the nation on occupational fraud and abuse (Association of Certified Fraud Examiners, Austin, TX, 2006).
34. Rhinehart C. Email management and Sarbanes-Oxley Compliance in Sarbanes-Oxley Compliance Journal (2005)
35. Rodrigues M.E.S.M., and Sacks L. A scalable hierarchical fuzzy clustering algorithm for text mining. presented at 4th International Conference on Recent Advances in Soft Computing, Nottingham, UK (2004)
36. Sarbanes-Oxley Act, H.R. 3763, PL 107-204, 116 Stat 745, 107th Congress (2002).
37. Schultz E.E. A framework for understanding and predicting insider attacks. Computers and Security 21 (2002)
38. E. Schwartz, Rethinking message storage: Sarbanes-Oxley demands better archiving and retrieval of electronic communications, InfoWorld 26 (24) 14-14 (1p).
39. Schweder R.A., Mahapatra M., and Miller J.G. Culture and moral development. In: Kagan J., and Lamb S. (Eds). The Emergence of Morality in Young Children (1987), University of Chicago Press, Chicago
40. Shaw E.D. The role of behavioral research and profiling in malicious cyber insider investigations. Digital Investigation 3 1 (2006)
41. Siponen M. Information security management standards: problems and solutions. presented at 7th Pacific Asia Conference on Information Systems, Adelaide, South Australia (2003)
42. Straub D.W., and Welke R.J. Coping with systems risk: security planning modules for management decision making. MIS Quarterly 22 4 (1998)
43. The American Institute of Certified Public Accountants, Inc. Appendix to SAS No. 99. Fraud Risk Factors (2002)
44. The 2006 Oversight Systems Financial Executive Report on Sarbanes-Oxley (Oversight Systems, Inc., Atlanta, Georgia, 2006).
45. Tolson B. Email Retention Policy: A Step-by-Step Approach in Backup and Disaster Recovery (2006) TechTarget
46. Tremblay M., Berndt D., Foulis P., and Luther S. Utilizing text mining techniques to identify fall related injuries. Presented at Eleventh Americas Conference on Information Systems, Omaha, NE (2005)
47. Varon E. Mandate from SEC regulators: save your electronic documents. CIO Magazine 16 (2003)
48. Wells J.T. Why employees commit fraud. Journal of Accountancy 191 2 (2001)
49. Wesche T.M. Reading your every keystroke: protecting employee e-mail privacy. Journal of High Technology Law 1 1 (2002)
50. Wilding E., and Parker J. Corporate computer fraud - straight from the secret investigators. Computer Fraud & Security 2002 7 (2002)
51. Wilks J., and Zimbelman M. Decomposition of fraud risk assessments and auditors' sensitivity to fraud cues. Contemporary Accounting Research 21 3 (2004)
52. Willison R. Understanding the offender/environment dynamic for computer crimes: assessing the feasibility of applying criminological theory to the IS security context. presented at Proceedings of the 37th Hawaii International Conference on System Sciences (2004)
53. Worthen B. Message therapy: federal regulations require an entirely new approach to storing and searching e-mails. Noncompliance is not an option. CIO Magazine 18 7 (2005)
54. Yue W.T., ÇakanyIldIrIm M., Ryu Y.U., and Liu D. Network externalities, layered protection and IT security risk management. Decision Support Systems 44 1 (2007)