Categories of Control Activities
This category of Control Activities is when management establishes controls to secure and safeguard valuable assets.
What is Physical Controls?
This preventative control is used to ensure the people we interact with are who they claim to be.
What is identity-verification?
This detective control is where management establishes reporting lines to communicate information.
What is responding to reported risks and incidents?
This transaction level control activity objective focuses on ensuring all events and transactions are properly recorded.
What is completeness?
This analysis refers to the level and type of risk a business will accept in pursuit of their objective
What is risk appetite?
What is fraud-related controls?
This preventative control allows transactions to be approved without human intervention.
What is automatic approvals?
This detective control is where management reviews payments to ensure compliance with higher authority and program requirements.
What is post payment reviews?
This transaction level control activity objective ensures that data is recorded correctly and on time.
What is accuracy?
This is systematic process of identifying, assessing, and controlling risks.
What is risk management?
This is where management establishes control activities over business process that services organizations and third parties perform on behalf of MDVA.
What is oversight of services organizations and third parties?
This preventative control is where management uses passwords or other authentication mechanisms to prevent unauthorized use or and changes to the system.
What is logical access?
This detective control is a recording of events that occurred within the information technology system.
What is information security logging?
This transaction level control activity objective focuses on ensuring all transactions actually occurred and followed prescribed procedures.
This is the foundation of an organization’s internal control system, reflecting its culture, ethical values, and management’s commitment to integrity and accountability
What is control environment?
This is where management limits access to physical and digital resources and records to authorized individuals.
What is Access restrictions and accountability for records?
This preventative control confirms the entitlement of the individual based on established criteria.
What is eligibility-verification?
This detective control uses data annalytics to detect fraudulant activity or detect and correct an unintended event or result after it occurs.
What is detective analytics?
This precision of controls consideration identifies that a control activity that is performed routinely, consistently, and timely generally is more precise than one that is performed sporadically.
What is consistency and timing?
This is the ethical climate and leadership behavior set by a company’s senior management and board, which shapes the organization’s culture and standards of conduct
What is the tone at the top?
This is where management establishes control activities to manage the entity's workforce so that individuals are on board and provided the right training, tools, structure, incentives, and responsibilities.
What is Management of Human Capital?
Using known information to identify patterns inconsistencies, discrepancies, and anomalies that may point to fraudulent activity or improper payments.
What is preventative data analytics?
This detective control is the practice of checking two sets of records against each other to confirm that transactions are processed, recorded, and accounted for completely.
What is reconciliation?
This precision of controls identifies the direct relationship between a control activity and business activity.
What is correlation to relevant business process?
This employee measurement is designed to encourage adherence to internal controls, promotes transparency and responsibility, supports continuous improvement, and reduce unethical behavior due to lack of accountability.
What is performance measurement?