In the forensics world we always strive to eliminate any debate about our findings not being grounded in the evidence. Therefore, the integrity and trustworthiness of the data provides a baseline for an investigation and if the data can’t be relied upon than neither can you!
Thus, it’s critical that you understand where the data came from, how it was produced, who produced it, and what parameters were used to extract the electronically stored data.
Moreover, you should always confirm that nothing was changed or deleted during the extraction, structuring, and reporting process.
Lastly, you should test the data for completeness and reasonableness or accuracy. For example: reconcile to known anchors, like the results from the audited financial statements.
Practice Pointer: When anchoring you should consider what evidence you are using and will others consider the evidence used to be trustworthy.
- Evidence is more reliable when it is obtained from knowledgeable
independent sources outside the entity – like audited financial statements.
- Evidence that is generated internally is more reliable when the related controls imposed by the entity are effective.
Remember my motto – “Trust can be and often is a professional hazard…so verify!”
Therefore, ensure your skepticism is calibrated accordingly. Remember the individual providing the data might be involved in some way with the alleged fraud or could have significant influence over others to manipulate the data in an attempt to conceal the wrongdoing.
It not so much what you see, but what you don’t see.
Have a great weekend and be safe!