Part (b) for 4 marks required an explanation of four control activities to prevent and detect fraud and error. This was answered satisfactorily by many candidates.

Most candidates were able to provide an adequate number of controls which would prevent and detect fraud and error, with many identifying activities such as segregation of duty, authorisation and physical controls.

However, some candidates misunderstood the question and gave internal control components rather than activities, such as risk assessment process and information processing. In addition some candidates failed to explain the controls, instead just stating “segregation of duties” rather than explaining what this means or providing an example segregation of duties control.