In combatting fraud, it is important to assess an organization's controls and the control environment. Controls are the systems, policies, procedures, personnel and culture in place within an organization that mitigate the risk of fraud. The Control Environment defines the “tone at the top” of the organization and permeates all levels of the organization. The first subject subtitle, "Controls & Control Environment," deals with the control environment and tools you can use to better understand and evaluate your environment.

Important elements in understanding the environment and taking steps to defend it against fraud are known as "Risk Modeling and Assessment." These are the topics of our second subject subtitle. The guidance offered here will help in the development of processes to better understand the fraud risks facing your organization, the likelihood of their occurrence and the effects they might have if they occur.

Technology is a mixed blessing. Its complexity gives fraudsters a place to hide. The unquestioning reliance on computers makes it easy to overlook fraud when it occurs. However, technology also puts at our disposal ways of detecting fraud that would have been unthinkable a generation ago. The subject subtitle "Data Analytics" discusses techniques available to help detect and prevent fraudulent activity.

The ToolKit's "Master Controls Table" is a consolidation of all the risk tables found throughout this tool. It provides a single point of reference for risks, red flags and tools/best practices that apply throughout an organization’s programs and business processes.

The final subject subtitle, "Internal Controls Library," is a collection of reference materials to help design and maintain better controls.