Professional Documents
Culture Documents
Acctg 18
1. Preventive Controls
2. Detective Controls
3. Corrective Controls
The Preventive-Detective-Corrective
(PDC) Model
1. Preventive Controls
Passive techniques designed to reduce the frequency of
occurrence of undesirable events.
The first line of defense in the control structure; vast majority of
undesirable events can be blocked at the first level.
A well-designed source document is an example of a preventive
control.
The Preventive-Detective-Corrective
(PDC) Model
2. Detective Controls
Devices, techniques, and procedures designed to identify and
expose undesirable events that elude preventive controls.
Reveal specific types of errors by comparing actual occurrences
to pre-established standards
The Preventive-Detective-Corrective
(PDC) Model
3. Corrective Controls
Action taken to reverse the effects of errors detected in the first
step.
Error correction should be viewed as a separate control step
that should be taken seriously
COSO Internal Control Framework
Five Components:
1. Control Environment
2. Risk Assessment
3. Information and Communication
4. Monitoring
5. Control Activities
COSO Internal Control Framework
1. Control Environment
Sets the tone for the organization and influences the control
awareness of its management and employees.
2. Risk Assessment
Organizations must perform a risk assessment to identify,
analyze, and manage risks relevant to financial reporting.
3. Information and Communication
The quality of information the accounting information system
generates impacts management’s ability to take actions and
make decisions in connection with the organization’s
operations and to prepare reliable financial statements.
COSO Internal Control Framework
3. Information and Communication
The quality of information the accounting information system
generates impacts management’s ability to take actions and
make decisions in connection with the organization’s
operations and to prepare reliable financial statements.
An effective accounting information system will:
Identify and record all valid financial transactions.
Provide timely information about transactions in sufficient
detail to permit proper classification and financial reporting.
Accurately measure the financial value of transactions so
their effects can be recorded in financial statements.
Accurately record transactions in the time period in which
they occurred.
COSO Internal Control Framework
4. Monitoring
The process by which the quality of internal control design and
operation can be assessed.
5. Control Activities
The policies and procedures used to ensure that appropriate
actions are taken to deal with the organization’s identified risks.
i. IT Controls
ii. Physical Controls
Control Activities
1. Transaction Authorization
2. Segregation of Duties
3. Supervision
4. Accounting Records
5. Access Control
6. Independent Verification
Physical Controls
Transaction