MARCH 2017
In This Issue
Quick Links
Upcoming Events

Many county and municipal offices will be closed on April 14, in observance of Good Friday.

Call us at 713-781-9040 to find out how to arrange a convenient presentation, in your office, of our continuing legal education (CLE) program, approved by the State Bar of Texas. It arms lawyers with ways to ensure investigations add value to your case.
Next Edition Topics:

Certifiable: Does your investigator hold any professional certifications?

Carte Blanche: Avoiding illicit inquiries on behalf of deep-pocketed clients

In this month's VantagePoints, John Beard, our director of financial investigations, shares insight from his trained perspective as a CPA and fraud examiner regarding risk management through the integration of the security and audit functions within organizations. Integrative, proactive steps to establish covert information gathering systems can enable corporations to discover and counter signs of irregularities in a way that minimizes their impact.
The specialists of ResultQuest® are skilled in helping their clients devise and implement an integrated security process. Call us at 713/781-9040 to learn more.  
Thank you for your comments concerning VantagePoints. We especially enjoyed the positive responses to our stew recipe last month.   If you have suggestions for topics of interest, please send them to We also hope you will recommend our newsletter to your colleagues.
Founder, Owner, and Manager

The Integrated Security Function: Augmenting the audit function through covert information gathering
By John Beard
The Association of Certified Fraud Examiners estimates that crime costs companies $3.5 trillion each year. These crimes take at least eight major forms: white collar crime; organized crime; internal pilferage and embezzlement; computer related crime; external attack including robbery, hijacking, and shoplifting; vandalism; terrorism and industrial espionage. [1] Publicly traded companies under the Sarbanes-Oxley Act (SOX) are required to have anti-fraud programs within their organizations. By and large, these programs are detective in nature as opposed to being proactive or preventative. Why is this? The answer lies in the culture of businesses in contrast to governmental entities. In the United States, governmental entities such as the National Security Agency, Federal Bureau of Investigation, and the Central Intelligence Agency use proactive approaches to detect potential security breaches that could be harmful to the country. This task is accomplished in many ways including but not limited to: data analysis, surveillance, interrogation, and managing operatives.

Business can employ similar techniques to produce a more proactive process that can potentially head-off many costly and embarrassing events. For the process to work there are basic organizational requirements: Executive support (tone-at-the-top); coordination among security personnel, internal audit personnel, and operating personnel. This level of interaction can be very beneficial to an organization. This process can be subdivided into two segments: administrative security and operational security.
Administrative security includes: personnel, communications policies and procedures, document controls, access to physical areas, employee identification (ID), trash disposal, travel security, and physical facility security.

Operational security activities are divided into security surveys, crisis response management, executive protection, information processing, and briefing and debriefing programs. These are designed to anticipate and protect against possible or probable security related contingencies.

Most everyone has heard of crisis response management and executive protection processes. What is more than likely to appear strange to the reader are the briefing and debriefing processes. We want to look at only one portion of this process today.
We'll take a dive into these processes. In the briefing process, management is presented with the current trends in developments that could negatively impact the business. For example, nationalization of business enterprises by foreign governments, terrorist activities in proximity of company locations, etc. On the debriefing side this is maybe not so obvious. Done consistently, this program can provide a wealth of information ranging from commercial data of importance to the company for planning to information, which if tracked over time can indicate the targeting of company officials or assets. This targeting can have objectives ranging from economic intelligence to physical threats. The following is a hypothetical example of how an organization can be assessed for the potential of having a productive intelligence gathering program put into place and become operational.

Click to see example 

[1] noteInformation source - ASIS International