TheInternal Controlstopic in the APS Certification Program explains that detective controls are designed to identify errors, fraud, or control failures after they occur. They include activities like reviewing transactions for irregularities and assessing the effectiveness of preventive controls.Segregation of duties, however, is a preventive control, not a detective one, as it prevents fraud by dividing responsibilities.
Item I (Establish segregation of duties): Segregation of duties prevents fraud by ensuring no single employee controls all aspects of a transaction (e.g., invoice approval and payment). This is a preventive control, not detective.
Item II (Look for errors and irregularities): Detective controls, such as account reconciliation or audits, identify errors or fraudulent activities after they occur. This is a valid function.
Item III (Determine if preventive controls are effective): Detective controls, like monitoring or control testing, assess whether preventive controls (e.g., vendor validation) are working. This is a valid function.
Option A (I, II, and III): Incorrect, as Item I is a preventive control.
Option B (I and III only): Incorrect, as Item I is not a detective control function.
Option C (II and III only): Correct, as Items II and III describe detective control functions.
Option D (I and II only): Incorrect, as Item I is not a detective control function.
Reference to IOFM APS Documents: The APS e-textbook underInternal Controlsstates, “Detective controls, such as audits and reconciliations, look for errors and irregularities and evaluate the effectiveness of preventive controls.” It clarifies that “segregation of duties is a preventive control to avoid conflicts of interest.” The training video discusses detective controls as tools for “post-transaction review and control assessment,” excluding segregation of duties.