Submit Search
Upload
The fraud triangle : understanding and mitigating threats to test and exam security
•
8 likes
•
2,212 views
Questionmark
Follow
The fraud triangle : understanding and mitigating threats to test and exam security
Read less
Read more
Technology
Education
Report
Share
Report
Share
1 of 13
Recommended
Arens12e ab.az 01
Arens12e ab.az 01
Sagita Fajarahayu
Chapter 25 slide present audit
Chapter 25 slide present audit
ieyqa1990
slide arens chapter 25
slide arens chapter 25
Faisal ijal
Fraud triangle
Fraud triangle
Miss. Antónia FICOVÁ, Engineer. (Not yet Dr.)
James hall ch 3
James hall ch 3
David Julian
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & control
Dominic Sroda Korkoryi
Fraud detection
Fraud detection
International School of Engineering
ONLINE EDUCA 2011
ONLINE EDUCA 2011
Questionmark
Recommended
Arens12e ab.az 01
Arens12e ab.az 01
Sagita Fajarahayu
Chapter 25 slide present audit
Chapter 25 slide present audit
ieyqa1990
slide arens chapter 25
slide arens chapter 25
Faisal ijal
Fraud triangle
Fraud triangle
Miss. Antónia FICOVÁ, Engineer. (Not yet Dr.)
James hall ch 3
James hall ch 3
David Julian
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & control
Dominic Sroda Korkoryi
Fraud detection
Fraud detection
International School of Engineering
ONLINE EDUCA 2011
ONLINE EDUCA 2011
Questionmark
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
LoriGlavin3
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Manik S Magar
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Sri Ambati
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
charlottematthew16
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
More Related Content
Recently uploaded
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
Lars Bell
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
LoriGlavin3
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
ScyllaDB
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
Manik S Magar
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Sri Ambati
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
DianaGray10
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
Dubai Multi Commodity Centre
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Lonnie McRorey
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Lorenzo Miniero
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
charlottematthew16
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Mark Simos
Recently uploaded
(20)
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
How to write a Business Continuity Plan
How to write a Business Continuity Plan
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Featured
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
Skeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
Introduction to Data Science
Introduction to Data Science
Christy Abraham Joy
Time Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
Vit Horky
The six step guide to practical project management
The six step guide to practical project management
MindGenius
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
RachelPearson36
Featured
(20)
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
Skeleton Culture Code
Skeleton Culture Code
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Getting into the tech field. what next
Getting into the tech field. what next
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
How to have difficult conversations
How to have difficult conversations
Introduction to Data Science
Introduction to Data Science
Time Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
The six step guide to practical project management
The six step guide to practical project management
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
The fraud triangle : understanding and mitigating threats to test and exam security
1.
Eric Shepherd
eric@questionmark.com Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
2.
Fraud Triangle
Threats Rationalization Impersonation Opportunity Content Theft Motivation Cheating Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
3.
Donald Cressey, a
famed criminologist, came up with a hypothesis while researching his doctoral thesis in the 1950s now called the “Fraud Triangle” it explains why people commit fraud. In order to reduce the likelihood of fraudulent activities we need to remove one of the elements of the Fraud Triangle. Motivation The three key elements in the Fraud Triangle are Motivation, Rationalization, and Opportunity. Fraud Risk Opportunity Rationalization Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
4.
What’s at
Stake? High Life and Limb Higher Medium Promotion & Jobs & Legal Concern Stakes Low Educational Exams Medium Stakes Tests Elearning & Low Stakes Surveys Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 4 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
5.
Licensure exams
Motivation to commit fraud Certification exams Stakes of assessment Summative Assessments Placement tests Pre-certification exams Job Task analysis surveys Needs analysis surveys Post-course test Pre-course test Formative quizzes Course Evaluations Satisfaction surveys Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged. Slide 5
6.
Short Term with
Low Trust Relationships Higher threats require more “Oversight” and so cost Public Pre- more Certifications employment Large Programs & Licensing Small Program Lower threats require less Sales and “Oversight” Regulatory Technical and so cost Compliance Channel less to Verification administer Long Term with High Trust Relationships Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
7.
Identity Fraud
•Proxy takes the test on behalf of the real candidate Content Theft •Content is stolen and sold/given to potential cheaters Cheating •Candidate uses unauthorized “aids” to help them answer the questions Counterfeit Certificates/Licenses •Proof of certification/licensure is counterfeited Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
8.
Rationalization
Mitigation •Explain the facts: “Everyone else cheats so why •Most people do not cheat shouldn’t I?” •Consequences for cheating “I have no alternative but to •Provide learning environments for the candidate to be able to pass the assessment cheat and I have to pass honestly. because <fill in the blank>.” •Explain some of the security measures that are in place, that there are more, and the “I can get away with this.” consequences if they are caught. •Explain and gain positive agreement to the: •Honesty code “I didn’t know <fill in the •Code of ethics blank>” •Non-Disclosure •Consequences for cheating “The ends justify the means •Explain and gain positive agreement to the: (financial reward).” •Consequences for cheating “The Assessment provider is •Maintain a positive public image incompetent/bad/corrupt/etc.” Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 8 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
9.
Locking down the
candidate’s technology Tight controls over the test papers or (secure browser) to help eliminate the access to the technology before, during possibility of content being electronically and after the assessment harvested Shuffling items and choices and using a Not exposing the scoring algorithm beyond limited number of questions from a pool the content repositories/databases helps reduce item exposure Ensuring that people involved with the content databases have signed NDAs so Securing, and only providing limited access that they are aware of their to, the content repositories/databases responsibilities, the consequences of not fulfilling them and their legal accountability Vigorously following up on infractions Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 9 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
10.
Formal honesty contracts
that are agreed to at each stage of the process that explain the consequences for cheating Invigilation/proctoring of an assessment to monitor candidates’ behaviors Locking down the candidate’s devices, maybe using a secure browser, helps eliminate the possibility of them linking to internet resources via their browsers, instant messaging, etc. Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 10 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
11.
Minimizes
Protect Content ID Fraud Cheating • Personable, consistent Test Centers • Monitor vulnerable to unfair influence √ √ √ Events (Classrooms or • Convenient, personable, consistent Conventions) • Monitor vulnerable to unfair influence √ √ √ • Monitor is less vulnerable Test Station Kiosk √ √ √ • New and not yet widespread • Easy to deploy for use at home PC & 360 webcam • Little for content theft √ X √ • Seems secure PC & webcam & WebEx • Nothing for content theft √ X √ • Works for employees Un-Monitored • Nothing for content theft √ X X Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 11 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
12.
Levels of Monitoring
High Medium Stakes Stakes Exams Low Stakes Exams Exams Diagnostic Tests Formative Quizzes Course Evaluations Stakes of Assessment Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.
13.
Blog article “Oversight, Monitoring and Deliver of Higher Stakes Assessments Safely and Securely” http://blog.eric.info/2010/02/oversight-monitoring-and- deliver-of-higher-stakes-assessments-safely-and- securely/ Contact Web: www.questionmark.com/us/whitepapers Email: info@questionmark.com Copyright © 1995-2010 Questionmark Corporation and/or Questionmark Computing Limited, known collectively as Questionmark. All rights reserved. Slide 13 Questionmark is a registered trademark of Questionmark Computing Limited. All other trademarks are acknowledged.