What are some common types of internal controls?

The identification of preventive controls, detective controls, and corrective controls as common types of internal controls is accurate because these categories comprehensively cover the stages of risk management within an organization.

Preventive controls are designed to avert potential issues before they occur, thereby helping to reduce the likelihood of errors or fraud. An example of a preventive control would be segregation of duties, which ensures that no single individual has control over all aspects of a financial transaction, thereby minimizing the risk of misconduct.

Detective controls focus on identifying and discovering errors and irregularities that have already occurred. This includes measures such as audits, reconciliations, and monitoring systems that help the organization recognize operational failures or security breaches promptly.

Corrective controls come into play after a problem has been detected. Their purpose is to rectify or mitigate the effects of the issue found. Examples include implementing new procedures following an identified error or fraud, or performing training sessions to address gaps in knowledge that facilitated the issue.

This classification allows organizations to effectively structure their approach to internal controls, ensuring comprehensive coverage of potential risks and establishing procedures to manage them systematically.