Access has wizards that will get you started. Create a form, select the table you want to display, select the columns you want to display, set the form to continuous view. Save and view. You now have a bound form that will display all the records from the table and allow you to update them, you can also use the sort and filter options from the ribbon. No button is required to allow editing. the form is naturally updateable unless you set its Allow Edits property to no. Same for deletes and adds. The form will allow deletes by clicking on the record selector -gray box at the left of each line, selects a record. If you press the delete key or choose delete from the ribbon, you can delete the record. the form will also allow additions. Just go to the last visible row - the one with the * to get to the empty record. You can prevent adds and deletes by setting the appropriate "Allow" property on the forms property sheet/ Data tab.
Now we come to the control part. Access raises various events when certain actions take place. These events offer you the ability to add code at the correct point to control a given action. For example, if you have a security system and you want to only allow certain people to update a record, you can add code to verify that a person is autorized to update the data. You can trap the attempt to update in the form's on Dirty event and undo the change and give the user a message telling him he isn't authorized. You can also trap deletes in the BeforeDeleteConfirm event and cancel if not allowed.
So, in summary, Access does what you want natively, without code. Given that, look at some of the events and think about what you might want to do to verify authorization. If you want to validate data, like making certain that some fields are present and within an appropriate range, you would do that in the form's BeforeUpdate event.
