Controls are a specific set of policies, procedures, and activities designed to meet an objective. They help a company or organization ensure accuracy and reliability of reporting. They can also help to maintain compliance with laws and industry regulations, achieve the objectives of the organization, reduce potential losses and manage and mitigate risk. Internal controls such as detective controls are created to detect errors in business. Corrective controls are used to correct errors. Preventive controls are designed to stop errors from occurring. Common controls require reviews, approvals, verifications, and reconciliations. There are additional types of controls used for review, audits and the segregation of duties.
Do you think the Compliance Risk Management Common Controls Framework is a myth? Read what Rsam's Client Partner, Will Whitaker, has to say about it.