
Explanation:
Preventative controls are designed to reduce the likelihood of risks materializing by mitigating their possible causes. These controls are proactive measures that are put in place to prevent an undesirable event from occurring. They are designed to manage risks before they have an impact on the organization. Preventative controls may include a wide range of activities such as system and process design, training, and supervision. The goal of these controls is to identify potential risks and take action to eliminate or reduce them before they can affect the organization. This is achieved by identifying the potential causes of risks and implementing measures to mitigate these causes. Examples of preventative controls include access controls, segregation of duties, and approval authorities.
Choice A is incorrect. Detective controls are not designed to mitigate the possible causes of risks, but rather to identify and react to instances where a risk has materialized. They are reactive in nature and come into play after a risk event has occurred.
Choice B is incorrect. Corrective controls, similar to detective controls, are also reactive in nature. They aim at correcting or rectifying the situation after a risk event has occurred rather than mitigating the possible causes of risks.
Choice D is incorrect. Directive controls guide actions towards compliance with policies and procedures but they do not specifically target the mitigation of potential causes of risks.
Ultimate access to all questions.
No comments yet.
Q.5066 Which of the following four main categories of controls are implemented to reduce the likelihood of risks materializing by mitigating their possible causes?
A
Detective controls
B
Corrective controls
C
Preventative controls
D
Directive controls