Internal control institutions achieve their goals and fulfill their missions; It is the process applied in order to minimize the uncertainties that may arise while they are on this path. Internal control empowers the management to cope with the ever-changing environmental conditions, the demands and priorities of the service users, and the risks that may arise in the future that may pose a threat or create opportunities.
In other words, internal control is an integrated process that is implemented by the management and personnel of the organization, designed to provide reasonable assurance that the organization achieves its objectives and fulfills its mission, and affects the overall organization.
Some of the important elements in the definition of internal control are:
• Internal control is a process. This means that internal control is not an aim to be achieved. The fact that internal control is a process also means that it is not a result. This process is a tool used to achieve results.
• Internal control is influenced by people. This process is not just policy rules, handbooks and instruction texts. People at all levels of the organization are part of internal control and are responsible for its implementation.
• Internal control provides only reasonable assurance to senior management and executives that the organization's objectives are achieved. The institution is exposed to internal and external factors as it moves towards its goal. Employees who are part of the organization are examples of internal factors. Character traits, moral values and competencies of individuals are directly related to the effectiveness of internal control. It is not possible to completely control the internal characteristics of people with internal control. It is impossible to completely control some of the risks that can be shown as external factors, such as the economic crisis. Therefore, internal control provides reasonable assurance, not absolute assurance.
Internal control is not just about financial transactions and reporting; It refers to all controls applied at the scale of compliance and performance, covering management, governance processes, strategy and other activities and operations of the organization. In this respect, internal control is much broader than the previous understanding of financial control. Internal control should be appropriate to the nature and needs of the organization. This process is the most effective way for institutions to realize their mission.
However; The internal control system of every institution is not the same. Institutions and their controls; It differs according to the sector, organizational structure, corporate culture and management philosophy. Each institution should adapt its internal control structure, which is given as a single model. Management should decide on the nature of the controls it will place, taking into account its own organization, and should take into account the specific needs of the organization when adapting it.
Internal control concerns the public sector as well as the private sector. In the private sector, the primary purpose of the company is usually to increase the value obtained by the shareholders. In the public sector, the purpose is usually the performance of a service or the achievement of a result that provides the public interest. In the public sector, management's responsibility is to use resources and achieve results.
nstitutions use the internal control system to achieve their goals. Institutions have four main goals:
-
Effective and efficient activities
-
Reliability of financial reports
-
Compliance with applicable legislation
-
Protection of assets
The effectiveness and efficiency of the activities, the institution; It is related to the basic activity targets such as the level of reaching the targets, performance, cost-benefit structure. It includes issues such as reliability of financial reports, preparation of reliable account reports including temporary and summarized reports, recording and publishing financial data in a clear and understandable way, and easy access to other relevant information. Compliance with the applicable legislation is related to the compliance work that needs to be done to ensure that the activities carried out by the institution to achieve its objectives are in compliance with the legal procedure. Asset protection includes securing all assets owned by the organization.
For the effective implementation of the internal control system, internal control should not be seen as a burden, but as a tool to prevent losses and seize opportunities when unexpected events occur. However, the internal control system needs to be understood correctly; The system is not the main activity of the organization and does not perform the functions of management. First of all, although internal control is an early warning system against the risks that will support the achievement of corporate goals and prevent them from being achieved, it cannot determine which goals to set. In the decision-making process, it supports the manager with correct information, ensures that the decisions made are communicated, but it cannot replace the management in terms of which decisions to be taken.
The internal control system operates at different levels of effectiveness of the organization. How effectively internal control activities are carried out:
-
Top management and administrators understand the institution, the scope of activities carried out to achieve the objectives of the institution, the environment in which the activities take place and the risks to be encountered,
-
Employees have the responsibility, necessary knowledge, ability and authority for the implementation of internal control,
-
Reliable preparation of published financial reports,
-
It depends on ensuring compliance with laws and regulations.
Management plays the biggest role in the effectiveness of internal control. Administrators must establish appropriate policies and provide assurance that the internal control system is operating effectively. When applying internal control, uncertainties that will affect the achievement of objectives should be anticipated and measures should be taken; that is, managers are also responsible for risk management.
All personnel of the institution aim to perform certain activities while performing their duties. These activities combine with the other activities of the unit to achieve the unit targets, and unit targets to achieve the corporate targets as a whole. Personnel is the person who has the most detailed information about the task they are performing. To fulfill this task in the most effective way; In addition, he is responsible for communicating both business-related problems and other problems that he notices within the organization to the management. While performing their duties, employees produce information to be used in the internal control system and engage in activities that affect controls. Therefore, internal control is everyone's responsibility.
Internal Audit, on the other hand, plays a role in evaluating the effectiveness of the internal control system and contributing to the effectiveness of the system.
