Reviewing access to an application for authorization of new accounts is an example of which testing type?

Reviewing access to an application for authorization of new accounts is categorized as compliance testing because it involves verifying that the processes and controls established by the organization are adhered to. Compliance testing aims to ensure that operational practices align with internal policies, regulatory requirements, and established procedures.

In this context, the act of examining how new accounts are authorized ensures that the application is functioning in line with the organization's established guidelines and controls regarding access management. This not only helps in confirming that proper authorization protocols are followed but also serves to mitigate the risk of unauthorized access, which can lead to data breaches or system vulnerabilities.

Substantive testing, on the other hand, typically focuses on the accuracy and completeness of financial transactions or data, rather than the adherence to policies and controls. Similarly, variable sampling and stop-or-go sampling are statistical methods used for selecting a portion of a population for testing but do not specifically address the compliance aspect of access control reviews.