raud risk assessments allow organizations to easily visualize the areas for occurrence of fraud and prioritize their resources against these potential fraud areas. Since both the business and IT environments are changing rapidly, the fraud risk assessment should be carried out on a regular basis or whenever there is a major change in an IT process. Furthermore, in identifying an IT process for fraud risk assessment, an auditor may use history patterns of fraud within the company as a benchmark reference.