THIS STUDY WAS DESIGNED TO DETERMINE WHETHER COMPUTER RELATED CRIMES WERE OCCURRING IN GOVERNMENT, RELATE THE METHODS USED BY COMPUTER CRIMINALS TO EXPLOIT WEAKNESSES IN SYSTEM MANAGEMENT CONTROLS, EXAMINE INTERNAL AUDIT PROCEDURES, AND IDENTIFY WAYS TO HELP PREVENT AND DETECT FUTURE CRIMES. A TOTAL OF 69 CASES OF COMPUTER RELATED CRIMES WERE IDENTIFIED AND TWELVE REPRESENTATIVE CASES WERE SELECTED FOR DETAILED REVIEW. THE TYPES OF CRIMES UNCOVERED INVOLVED PREPARING FRAUDULENT INPUT TO COMPUTER-BASED SYSTEMS, UNAUTHORIZED OR INAPPROPRIATE USE OF FACILITIES AND SUPPLIES, PROCESSING ALTERATION OR DESTRUCTION, AND MISAPPROPRIATION OF OUTPUT. IN EVERY CASE REVIEWED IN DETAIL, THE INCIDENTS WERE DIRECTLY TRACEABLE TO WEAKNESSES IN SYSTEMS CONTROLS INVOLVING SEPARATION OF DUTIES AND PHYSICAL CONTROL OVER FACILITIES AND SUPPLIES. STUDY RECOMMENDATIONS INCLUDE DEVELOPMENT OF AN ORGANIZATIONAL PLAN THAT SEGREGATES THE DUTIES OF INDIVIDUALS TO MINIMIZE OPPORTUNITIES FOR MISUSE OR MISAPPROPRIATION OF PROGRAM RESOURCES, A SYSTEM OF AUTHORIZATION AND RECORD PROCEDURES TO PROVIDE ACCOUNTING CONTROL OVER ASSETS, LIABILITIES, REVENUES, AND EXPENSES; AN ESTABLISHED SYSTEM OF PRACTICES TO BE FOLLOWED FOR EACH DUTY AND FUNCTION OF THE ORGANIZATIONAL FUNCTION; AND AN EFFECTIVE SYSTEM OF INTERNAL AUDIT. THE APPENDIX CONTAINS A LIST OF THE CASES INCLUDED IN THIS STUDY.