Types of Controls

Concept

Preventive vs. Detective

Preventive controls stop errors or fraud before they occur — examples include segregation of duties, authorization requirements, and physical safeguards. Detective controls identify problems after they happen — examples include bank reconciliations, physical inventory counts, and variance analysis.

Example

Segregation of Duties

No single person should authorize, record, AND have custody of assets. For instance, the person writing checks should not reconcile the bank statement. This is one of the most critical preventive controls on the CPA exam.

Key Point

IT Controls

IT general controls include access controls (passwords, permissions), change management, and data backups. Application controls are program-specific: input validation, processing controls, and output verification.

Introduction to Internal Controls

The Audit Process

Ready to test your knowledge?

Practice questions from this module to reinforce what you learned.

Practice Questions