Attached. Please let me know if you have any questions or need revisions.

Preventive Controls for Internal Security Threats
Name
Institution

Introduction
• Internal controls can be defined as the processes that help in mitigating
and reducing the chances of various unwanted risk outcomes. There are
various internal controls and every organization has the freedom to choose
which kind of controls to embrace.
• It is necessary for an organization to understand that all organizations are
unique and so this will inquire the management to find out what major risks
are likely to occur to that particular company, in order to know the kind of
internal controls to implement.
• Identifying the best internal controls for an organization can be quite a
hard task and may take time. This means that it will also require patience
for the management to identify the best internal controls and implement
them. this will make the company resilient to many risks.

• Internal controls are a necessity in the successful completion of duties in
any operating organization. With the aim of having effective operating
programs, a firm should make the internal controls to be a major part of the
information security and compliance programs.
• Although this will require the management to have a better understanding
of how the compliance and the information security program is working to
gauge its performance.
• This step will help them detect a problem whenever there is one.
• Problems and risks are quite difficult to avoid especially now that many
organizations have been made vulnerable to many security threats.
• It is important that any organization that wishes to protect itself make a
huge step of evaluating the risks that are likely to occur.
• Such a step will make them aware of how these risks occur hence making
it easy to detect one immediately or rather avoid all the steps that will lead
to that risk occurring.

Importance of Internal Controls
• Internal controls ensure that an organization has an accurate and reliable
financial information.
• Protects the organization from fraud and all related business activities that
will put the business at risk.
• Protect the firm’s valuable and confidential information.
• Promote compliance
• Promote the effectiveness of business operations by reducing the risks
that are likely to occur.

Types of Internal Controls
• There are different types of internal controls that can be embraced by different
organizations.
• Every organization faces various risks and so depending on the risks faced, the
type of internal control to be implemented should be in a position to help protect
the organization from them.
• The two major internal controls that are mostly used are from the control
activities. They include the preventive and detective controls.
• Preventive controls have been designed to help avoid basic errors in transactions
even before they occur. This means that when a firm is using this type of control,
they are in a position to identify invalid transactions hence not processing them.
This will in turn protect assets as they will not be misappropriated.
• Detective controls on the other hand are the ones that are meant to identify errors
in transactions after they have already occurred.
• These controls also have the capability of identifying assets that are missing and
the transactions that are termed as invalid.They are also essential for an
organization to succeed.

Examples of Preventive Controls
•
•
•
•
•

Examples of preventive controls include:
Employee training and screening
Segregation of tasks and duties
Physical controlling of assets for example use of locks
Putting access controls throughout the buildings and having computer
passwords to help determine who will access the information in the
computers.
• Putting in place pre-approval processes that will help guide transactions
and other financial actions.

Examples of Detective Controls
• Detective controls can help protect the organ...