Social security numbers should not be noted but I have seen many employees noting it; even our boss (does it) ... so, whom do we report the fraud to?"

This is one of the responses that a BPO employee gave in a recent spot test conducted by Indiaforensic Consultancy Services (ICS), a Pune-based consultancy organisation engaged in fraud examination and forensic accounting in India.

According to Indiaforensic, absence of whistle-blowing policies, fraud response plans and training in ethics are the primary concerns in information security.

Indiaforensic conducted spot tests in a few BPO companies in Pune in the light of concerns on information security raised following the recent sting operation by a UK-based media organisation at an Indian call centre.

ICS interviewed over 25 employees at the implementation level.

"We at Indiaforensic believe that the larger reason why such incidents continue to occur is not lack of information security norms, but rather a lack of whistle-blowing policies, fraud response plans and training on ethics," says a report brought out by the company following the spot-test.

                                                                                contd on page 2...