ACCA Audit and Assurance (F8) Practice Exam

What are the two main types of controls in a computerized environment?

• A. General and Specific Controls
• B. Management and Application Controls
• C. General Controls and Application Controls
• D. Operational and Strategic Controls

The correct answer is: General Controls and Application Controls

In a computerized environment, the distinction between the two main types of controls is essential for ensuring the integrity and reliability of information systems. The correct choice identifies General Controls and Application Controls as the two primary categories. General Controls are overarching policies and procedures that govern the overall environment in which computer systems operate. These include aspects such as access controls, data security measures, and system change management protocols. They ensure that the system as a whole is secure and operates effectively, safeguarding the environment against unauthorized access and ensuring that hardware and software function together properly. Application Controls, on the other hand, are specific to individual applications or software programs. They are designed to ensure the accuracy, completeness, and validity of the data processed within those applications. Examples include input validations, processing controls, and output controls. These controls help ensure that data entered into the system is correct and that outputs generated meet the expected criteria. The other options do not accurately categorize the controls in a computerized environment. While Management and Application Controls might suggest a division based on purpose, they do not capture the necessary overarching controls that protect the entire system. Similarly, Operational and Strategic Controls describe different aspects of management but do not fit the technical specifications required in this context. Therefore, the identification of General Controls and Application