Preventive control
Definition
A control designed to stop an error or fraudulent act before it occurs. Examples include segregation of duties, mandatory authorisation limits, access restrictions, and pre-numbered documents. Preventive controls reduce fraud frequency but cannot guarantee zero occurrence.
Related terms
- COBIT
- Control Objectives for Information and Related Technologies, published by ISACA. A governance and management framework for enterprise IT that defines IT-specific control...
- Control environment
- The first and foundational component of the COSO framework. It encompasses the board's oversight, management's philosophy and operating style, organisational structure, commitment...
- COSO Integrated Framework
- A framework for internal control published by the Committee of Sponsoring Organizations of the Treadway Commission, defining five interrelated components: control environment,...
- Detective control
- A control designed to identify an error or irregularity after it has occurred. Examples include bank reconciliations, exception reports, variance analysis, and...
- IT general controls (ITGCs)
- Controls over the IT environment that support the reliable operation of application controls. Key categories include access management, change management, computer operations,...
Explained in
- Internal Control Frameworks and Control DesignA control designed to stop an error or fraudulent act before it occurs. Examples include segregation of duties, mandatory authorisation limits, access restrict...