Discuss the nature of preventive controls that may be designed into an AIS. Give an example and explain how it may prevent fraud or abuse of the system.
Controls may also be grouped in terms of risk aversion:, Preventive, Detective, Corrective Controls. Preventive controls are the "first line of defense" in a control environment. That is, they are suppose to verify PRIOR to any activity and if the activity is not authenticated or authorized, it does not occur. It is prevented by the system. The system forces compliance with the rules by screening out the unauthorized or error event. Many undesirable or wrong activities can be blocked with good preventive controls. Of course, not all potentially harmful events can be anticipated so detective and corrective controls address those that are not caught by the preventive controls.
Your tutorial is 440 words and two references and discusses what preventive controls are and how they differ from detective and corrective controls. Two examples are given and discussed in addition to mentioning how important preventive controls are for fraud protection.