ABSTRACT
Information security and privacy training and awareness are challenges in every organization. Most
people do not like to participate in training; however, ensuring that employees understand their
responsibilities for protecting information is vital to an organization’s success and is required by law
for many industries and jurisdictions. Helping employees understand how to identify and report fraud is
especially important in today’s business climate. A fraud awareness and training program must support
an organization’s business environment, be integrated within the information security program and
policies, and meet applicable regulatory requirements. Personnel must be motivated to learn how to
identify and report fraud by tangible and specific rewards and penalties to support an organization’s
fraud prevention efforts. Fraud prevention training must become part of the job appraisal process to
build a truly effective fraud prevention education program. Corporate leaders must not only ensure
compliance with regulatory issues but also effectively communicate fraud prevention policy and
regulatory issues to the organization. Organizations cannot have a successful awareness and training
program if personnel do not understand the impacts and consequences of noncompliance.
