Internal control and corporate governance

Internal control comprises all actions and procedures aimed at ensuring the achievement of objectives. Internal control is an integral part of an organisation’s management and governance, i.e. continuous management and monitoring of operations and finances.  Effective internal control is typically based on international frameworks for internal control, including:  

According to the COSO model, the Board of Directors, management and other personnel are all responsible for the control framework of the organization.  The purpose is to produce reasonable certainty of the following objectives being achieved: 

 
In many organizations, internal control and risk management processes are complemented by corporate governance structures: 

 
Similar recommendations for internal control are are also available for other types of organisations, including financial sector entities, foundations, municipalities, and government agencies and institutions. For example, the Association of Finnish Municipalities has published guidelines for the implementation of internal control and risk management in municipalities

In addition, the controller function of the Ministry of Finance has drawn up recommendations on best practices in internal control and risk management for government agencies and institutions

In some organisations, internal audit supports the senior management and the Board of Directors in assessing the effectiveness of internal control. Internal audit is focused on the internal control of the entire organisation’s operations and risk management, as well as management and governance processes (in Finnish) 

We help you with: