Audit trail or audit log is a chronological sequence of audit records, each of which contains
evidence directly pertaining to and resulting from the execution of a business process or system
function. Under which of the following controls does audit control come?
A.
Reactive controls
B.
Detective controls
C.
Protective controls
D.
Preventive controls
Explanation:
Audit trail or audit log comes under detective controls. Detective controls are the
audit controls that are not needed to be restricted. Any control that performs a monitoring activity
can likely be defined as a Detective Control. For example, it is possible that mistakes, either
intentional or unintentional, can be made. Therefore, an additional Protective control is that these
companies must have their financial results audited by an independent Certified Public
Accountant. The role of this accountant is to act as an auditor. In fact, any auditor acts as a
Detective control. If the organization in question has not properly followed the rules, a diligentauditor should be able to detect the deficiency which indicates that some control somewhere has
detective control, responding in such a way as to alert or otherwise correct an unacceptable
condition. Using the example of account rules, either the internal Audit Committee or the SEC
itself, based on the report generated by the external auditor, will take some corrective action. In
Protective or preventative controls serve to proactively define and possibly enforce acceptable
behaviors. As an example, a set of common accounting rules are defined and must be followed by
any publicly traded company. Each quarter, any particular company must publicly state its current
financial standing and accounting as reflected by an application of these rules. These accounting
rules and the SEC requirements serve as protective or preventative controls.