11. INTERNAL CONTROL AND FRAUD John Martin, a highly skilled computer technician with a master's degree in computer science, took a low-profile evening job as a janitor at Kent Manufacturing Company. Since the position was of a low-level category, no security clearance or background check was necessary. While working at nights, John snooped through offices for confi- dential information regarding system operations, internal controls, and the financial thresholds for transaction that would trigger special reviews. He observed employees who were working late type in their passwords and managed to install a Trojan Horse virus onto the system to capture the IDs and passwords of other employees. During the course of several weeks, John obtained the neces- sary IDs and passwords to set himself up in the system as a supplier, a customer, and systems administrator, which gave him access to most of the accounting system's functions. As a customer, John ordered inventory that was shipped to a rented building and later sold. As system administrator, he approved his credit sales orders and falsified his customer payment records to make it appear that the goods had been paid for. He also generated purchase orders to himself and created false receiving reports and sup- plier invoices as part of a vendor fraud scheme. He was thus able to fool the system into setting up accounts payable to himself and writing checks in payment of inventory items that the company never received John was careful to ensure that all his transac- tions fell just below the financial materiality thresh- olds that triggered special reviews. Nebo his fraud schemes cost Kent Manufscount 2 approx- imately $100,000 per month and went uretsetud for 12 years. John, however, became cedeat and careless in his life style. Working late one evening, the internal auditor observed John arriving for work in an expensive sports car that seemed out of place for a poorly paid janitor. The auditor initiated an investigation that exposed John's activ- ities. He was arrested and charged with computer fraud. Required a. What controls weaknesses allowed John to perpe- trate these frauds? b. Explain the controls that should be in places to reduce the risk of fraud