METHODOLOGICAL JUSTIFICATION:
In this work, firstly, the existing problem in the institutional mission has been identified. Possible solutions have been formulated on this problem through hypotheses; then the purposes that the work pursues through the objectives have been established. All these elements have been formed based on the variables and indicators of the research. All of the above is based on a research methodology that identifies the type, level and design of the research, the population and the sample to be applied; as well as the techniques and instruments to collect, analyze and interpret the information.
THEORETICAL JUSTIFICATION:
The Institutional Control Body (OCI) constitutes the specialized unit responsible for carrying out government control, in order to promote the correct and transparent management of the entity's resources and assets, safeguarding the legality and efficiency of its acts and operations., as well as the achievement of its results, through the execution of control tasks. Entities subject to the National Control System must have an OCI, whose responsibility for implementation and implementation lies with the Head of the entity. The OCI must have an operational capacity that allows it to fulfill the established functions. The OCI exercises internal control after the entity's acts and operations based on the guidelines and compliance with the Annual Control Plan. The OCI,audits the entity's financial and budgetary statements, as well as its management, in accordance with the guidelines issued by the Comptroller General. It executes the control tasks to the acts and operations of the entity that the General Comptroller has. When these control tasks are required by the Head of the entity and are unscheduled, their execution will be carried out in accordance with the guidelines issued by the Comptroller General. The OCI exercises preventive control in the entity within the framework of the provisions of the provisions issued by the Comptroller General, in order to contribute to improved management, without compromising the exercise of subsequent control. The OCI,It sends the Reports resulting from its control tasks both to the Comptroller General and to the Head of the entity and the sector, when appropriate, in accordance with the provisions on the matter. It acts ex officio when reasonable indications of illegality, omission or non-compliance are noticed in the acts and operations of the entity, informing the Head of the entity so that the appropriate corrective measures are taken. It receives and attends to the complaints formulated by the servers, public officials and citizens in general, about acts and operations of the entity, granting it the procedure that corresponds to its merit, in accordance with the provisions issued on the matter. The OCI monitors the corrective measures implemented by the entity as a result of the control tasks,checking and qualifying its effective materialization, in accordance with the provisions of the matter.
PRACTICAL JUSTIFICATION:
This work may be applied in public entities in Peru, since what is sought is to achieve the institutional mission.
IMPORTANCE:
The importance is given by the fact of taking advantage of the elements that the entities have without major costs, with efficiency, effectiveness and continuous improvement. Also, because it allows to capture the scientific research process and professional knowledge and experience.
TREATMENT OF THE INSTITUTIONAL CONTROL BODY:
Analyzing Aldave and Meniz (2013), Law No. 27785 - Organic Law of the National Control System and the Office of the Comptroller General of the Republic, establishes the norms that regulate the scope, organization, powers and operation of the National Control System and of the Office of the Comptroller General of the Republic as the governing technical entity of said System. The National Control System is the set of control bodies, norms, methods and procedures that are structured and functionally integrated, aimed at conducting and developing the exercise of government control in a decentralized manner. Its performance includes all the activities and actions in the administrative, budgetary, operational and financial fields of the entities and reaches the personnel who provide services in them, regardless of the regime that regulates them.The System is made up of the following control bodies: The Comptroller General, as the governing technical entity; all organic units responsible for the governmental control function of public entities; the independent external audit companies, when they are appointed by the General Comptroller and contracted, during a certain period, to perform audit services in the entities: economic, financial, computer systems, environment and others.to perform audit services in entities: economic, financial, computer systems, environment and others.to perform audit services in entities: economic, financial, computer systems, environment and others.
The exercise of government control in public sector entities is carried out under the regulatory and functional authority of the Comptroller General, which establishes the guidelines, provisions and technical procedures corresponding to its process, depending on the nature and / or specialization of said entities, the applicable control modalities and the objectives set for their execution. Said regulation will allow the evaluation, by the control bodies, of the management of said entities and their results. The Office of the Comptroller General, as the governing technical entity, organizes and develops government control in a decentralized and permanent manner, which is expressed by the presence and action of the control bodies in each of the central level public entities, regional and local,that carry out their function with technical independence.
The powers of the National Control System are: i) To carry out the supervision, vigilance and verification of the correct management and use of State resources and assets, which also includes supervising the legality of the acts of the institutions subject to control in the execution of the guidelines for a better management of public finances, with fiscal prudence and transparency, in accordance with the objectives and plans of the entities, as well as the execution of the budgets of the Public Sector and the operations of public debt; ii) Make timely recommendations to improve the capacity and efficiency of entities in making their decisions and managing their resources, as well as the procedures and operations they use in their actions, in order to optimize their administrative systems,management and internal control; iii) Promote the modernization and improvement of public management, through the optimization of management systems and exercising government control with special emphasis on critical areas sensitive to acts of administrative corruption; iv) Advocate the permanent training of public officials and servants in matters of government administration and control. The objectives of the training will be oriented to consolidate, update and specialize their technical, professional and ethical training. For this purpose, the Comptroller General, through the National School of Control, or through Agreements concluded with public or private entities, exercises a supervisory role in the development of programs and events of this nature.The heads of the entities are obliged to provide that the personnel who work in the administrative systems participate in the training events organized by the National School of Control, and such officials and servers must accredit said participation every two years. Said obligation is extended to the Audit Companies that are part of the System, regarding the personnel they employ for the development of external audits; v) Demand from public officials and servants full responsibility for their acts in the role they perform, identifying the type of responsibility incurred, whether it be administrative, civil or criminal, and recommending the adoption of the necessary preventive and corrective actions for its implementation.For the proper identification of the responsibility incurred by public officials and servants, the guidelines of at least: identification of the unfulfilled duty, reservation, presumption of legality, causal relationship, which shall be developed by the General Comptroller; vi) Issue, as a result of the control actions carried out, the respective reports with due technical and legal support, constituting pre-constituted evidence for the initiation of the administrative and / or legal actions that are recommended in said reports; vii) In the event that the reports generated from a control action have the participation of the Public Ministry and the National Police, there will be no need to open a police investigation or preliminary investigation,as well as request or order ex officio the performance of accounting expertise; viii) Provide technical support to the Public Prosecutor or the entity's legal representative, in cases in which legal actions derived from a control action must be initiated, providing the facilities and / or clarifications of the case, and reaching the documentation proving responsibility incurred.
According to Hernández (2013), government control consists of the supervision, surveillance and verification of the acts and results of public management, in attention to the degree of efficiency, effectiveness, transparency and economy in the use and destination of resources and goods. of the State, as well as compliance with legal regulations and policy guidelines and action plans, evaluating the administration, management and control systems, with the aim of improving them through the adoption of pertinent preventive and corrective actions. Government control is internal and external and its development constitutes a comprehensive and permanent process. Internal control includes prior, simultaneous and subsequent verification precautionary actions carried out by the entity subject to control, in order to manage its resources,goods and operations are carried out correctly and efficiently. Its exercise is prior, simultaneous and subsequent. The prior and simultaneous internal control is the exclusive responsibility of the authorities, officials and public servants of the entities as their own responsibility for the functions that are inherent to it, based on the rules that govern the activities of the organization and the procedures established in their plans., regulations, manuals and institutional provisions, which contain the policies and methods of authorization, registration, verification, evaluation, security and protection. Subsequent control is exercised by the senior managers of the server or executing official, depending on compliance with the established provisions, as well as by the institutional control body according to its annual control plan.evaluating and verifying the administrative aspects of the use of State resources and assets, as well as the management and execution carried out, in relation to the goals and objectives outlined; as well as the results obtained. It is the responsibility of the Head of the entity to promote and supervise the operation and reliability of internal control for the evaluation of management and the effective exercise of accountability, aiming for it to contribute to the achievement of the entity's mission and objectives. office. The Head of the entity is obliged to define the institutional policies in the annual plans and / or programs that are formulated, which will be subject to the verifications.in relation to the goals and objectives set; as well as the results obtained. It is the responsibility of the Head of the entity to promote and supervise the operation and reliability of internal control for the evaluation of management and the effective exercise of accountability, aiming for it to contribute to the achievement of the entity's mission and objectives. office. The Head of the entity is obliged to define the institutional policies in the annual plans and / or programs that are formulated, which will be subject to the verifications.in relation to the goals and objectives set; as well as the results obtained. It is the responsibility of the Head of the entity to promote and supervise the operation and reliability of internal control for the evaluation of management and the effective exercise of accountability, aiming for it to contribute to the achievement of the entity's mission and objectives. office. The Head of the entity is obliged to define the institutional policies in the annual plans and / or programs that are formulated, which will be subject to the verifications.aiming for it to contribute to the achievement of the mission and objectives of the entity under its charge. The Head of the entity is obliged to define the institutional policies in the annual plans and / or programs that are formulated, which will be subject to the verifications.aiming for it to contribute to the achievement of the mission and objectives of the entity under its charge. The Head of the entity is obliged to define the institutional policies in the annual plans and / or programs that are formulated, which will be subject to the verifications.
External control is understood as the set of technical policies, norms, methods, and procedures that are applicable to the Office of the Comptroller General or another organ of the system on behalf of or appointed by it, in order to supervise, monitor, and verify management, collection and use of state resources and assets. It is fundamentally carried out by means of selective and subsequent control actions. In accordance with its supervisory and surveillance roles, external control may be preventive or simultaneous, when it is specifically determined by the Law of the National Control System or by express regulations, without in any case entailing interference in the management and management processes. in charge of the administration of the entity, or interference in the corresponding subsequent control. For your exercise,systems of control of legality, management, financial, results, evaluation of internal control or others that are useful depending on the characteristics of the entity and the matter of control will be applied, and may be carried out individually or in combination. Likewise, inspections and verifications may be carried out, as well as the procedures, studies and investigations necessary for control purposes.
Analyzing Rodríguez (2013), government control is carried out within the framework of the following principles:
- The universality, understood as the power of the supervisory bodies to perform under its jurisdiction and powers with control over all activities of the respective entity and all its officers and servants, whatever their rank, The Character comprehensive, by virtue of which the exercise of control consists of a set of actions and techniques aimed at evaluating, fully and completely, the processes and operations, subject of examination in the entity and its economic and / or social benefits obtained, in relationship with the expense generated, the established qualitative and quantitative goals, its link with government policies, non-predictable or controllable exogenous variables and historical efficiency indices;functional autonomy, expressed in the power of the control bodies to organize and exercise their functions with technical independence and free of influence. No entity or authority, official or public servant, nor third parties, can oppose, interfere or hinder the exercise of their functions and powers of control; The permanent character, which defines the continuous and enduring nature of control as an instrument for monitoring processes and operations of the entity; The technical and specialized nature of the control, as an essential support of its operation, under quality, consistency and reasonableness requirements in its exercise; considering the need to carry out the control depending on the nature of the entity in which it is affected;legality, which supposes the full subjection of the control process to the constitutional, legal and regulatory norms applicable to its performance; The due control process, by which the respect and observance of the rights of entities and people is guaranteed, as well as of the established rules and requirements; The efficiency, effectiveness and economy through which the control process achieves its objectives with an appropriate level of quality and optimal use of resources; The opportunity, consisting of the control actions being carried out carried out at the time and circumstances due and pertinent to fulfill its mission; Objectivity, for which reason the control actions are carried out on the basis of a due and impartial evaluation of factual and legal grounds, avoiding subjective appraisals; Materiality, which implies the power of control to concentrate its action on transactions and operations of greater economic significance or relevance in the examined entity; The selective nature of control, understood as that exercised by the System in entities, their organs and their critical activities, denoting greater risk of incurring acts against administrative integrity; The presumption of lawfulness, according to which, unless proven otherwise, it is said that the authorities, officials and servants of the entities have acted in accordance with the pertinent legal and administrative regulations; Access to information, referring to the power of the supervisory bodies to require, know and examine all the information and documentation on the operations of the entity, even if it is secret, necessary for its function; The reserve, for whose merit it is prohibited that information that may cause damage to the entity is disclosed during the execution of the control. the entity, its staff or the System, or makes it difficult for the latter; The continuity of the activities or operation of the entity when carrying out a control action; Advertising, consisting of the timely dissemination of the results of the control actions or others carried out by the control bodies, through the mechanisms that the Comptroller General deems appropriate; Citizen participation, which allows the contribution of citizens in the exercise of government control; FlexibilityAccording to which, when the control is carried out, priority must be given to the achievement of the proposed goals, over those formalities whose omission does not affect the validity of the operation subject to verification, nor determine relevant aspects in the final decision. The aforementioned principles are of mandatory observance by the Institutional Control Bodies and can be expanded or modified by the Comptroller General, who is responsible for their interpretation.
According to Bravo (2013), the Law of Control of Public Entities - Law N ° 28716 - Law of Internal Control of State Entities, establishes that State Entities must compulsorily implement internal control systems in their processes, activities, resources, operations and institutional acts, orienting its execution towards the fulfillment of the following objectives: i) Promote and optimize the efficiency, effectiveness, transparency and economy in the operations of the entity, as well as the quality of the public services it provides; ii) To care for and protect the resources and assets of the State against any form of loss, deterioration, misuse and illegal acts, as well as, in general, against any irregular act or harmful situation that could affect them; iii) Comply with the regulations applicable to the entity and its operations;iv) Guarantee the reliability and timeliness of the information; v) Promote and promote the practice of institutional values; vi) Promote the compliance of public officials or servants to render account for the funds and public goods in their charge and / or for a mission or objective entrusted and accepted.
According to the aforementioned Law, the duties of the head of the entity and officials of the entity, related to the implementation and operation of internal control: i) To ensure proper compliance with the functions and activities of the entity and the body in charge of it, subject to applicable legal and technical regulations; ii) Organize, maintain and improve the internal control system and measures, verifying the effectiveness and timeliness of the application, in harmony with its objectives, as well as self-evaluating internal control, in order to promote maintenance and continuous improvement internal control; iii) Demonstrate and maintain integrity and ethical values in the performance of their duties, promoting them throughout the organization iv) Document and internally disclose internal management and control policies, rules and procedures,referred, among other aspects; v) Immediately order the pertinent corrective actions, before any evidence of deviations or irregularities; vi) Timely implement the recommendations and provisions issued by the entity itself (self-evaluation report), the organs of the National Control System and other corresponding inspection entities; vii) Issue the specific rules applicable to your entity, according to its nature, structure and functions, for the application and / or regulation of internal control in the main areas of its administrative or operational activity, providing the necessary resources and support for its effective operation.vi) Timely implement the recommendations and provisions issued by the entity itself (self-evaluation report), the organs of the National Control System and other corresponding inspection entities; vii) Issue the specific rules applicable to your entity, according to its nature, structure and functions, for the application and / or regulation of internal control in the main areas of its administrative or operational activity, providing the necessary resources and support for its effective operation.vi) Timely implement the recommendations and provisions issued by the entity itself (self-evaluation report), the organs of the National Control System and other corresponding inspection entities; vii) Issue the specific rules applicable to your entity, according to its nature, structure and functions, for the application and / or regulation of internal control in the main areas of its administrative or operational activity, providing the necessary resources and support for its effective operation.for the application and / or regulation of internal control in the main areas of its administrative or operational activity, providing the resources and support necessary for its effective operation.for the application and / or regulation of internal control in the main areas of its administrative or operational activity, providing the resources and support necessary for its effective operation.
Through General Comptroller Resolution No. 459-2008-CG, the Comptroller General approves the Regulations of the Institutional Control Bodies. The purpose of said Regulation is to regulate the actions of Institutional Control Bodies (OCI) in entities subject to the National Control System, the link between the administrative and functional dependency of said bodies and their Chief with the Office of the Comptroller General of the Republic, their functions, obligations and powers, as well as the obligations of the Holders of the entities, with respect to the OCI. The Regulation aims to strengthen the work of the Institutional Control Bodies and contribute to the proper exercise of government control. The rules contained in the Regulations are mandatory for the entities referred to in article 3 of Law No. 27785,Organic Law of the National Control System and the General Comptroller of the Republic, with the exception of the entities indicated in literal g); as well as for the Institutional Control Bodies of said entities, whether they are sectoral, regional, institutional or regulated by any other organizational order, in accordance with article 13 literal b) of the
National Control System Law. The exercise of government control, through the Institutional Control Body, is based on the Principles set forth in article 9 of the National Control System Law. In entities subject to the National Control System, they are responsible for government control complying with its purposes and goals: a) The Holder, the entity's servers and officials, responsible for the implementation and operation of internal control, as well as its reliability, in accordance with the Law of Internal Control of State Entities and the Law of the National Control system. b) The Head of the Institutional Control Body, who is responsible for the exercise of subsequent internal control referred to in Article 7 of the National Control System Law,as well as the external one that is exercised by order of the General Comptroller of the Republic, according to article 8 of the National Control System Law.
The OCI constitutes the specialized unit responsible for carrying out government control in the entity, in order to promote the correct and transparent management of the entity's resources and assets, safeguarding the legality and efficiency of its acts and operations, as well as the achievement of its results, through the execution of control tasks. The entities subject to the System must have an OCI, whose responsibility for implementation and implementation rests with the Holder of the entity. The omission or non-compliance with the implementation and implementation of the OCI constitutes an infraction subject to the sanctioning power of the Comptroller General. Exceptionally, the Comptroller General may authorize, only for budgetary or other duly supported reasons, that an entity be temporarily without OCI,conditional on any organ of the System exercising subsequent control over it, and / or an annual external audit is planned. For the exclusive purposes of performance independent of government control, the OCI is located at the highest hierarchical level of the entity's structure. Without prejudice to the fulfillment of its functional obligation with the General Comptroller, the Head of the OCI directly informs the Head of the entity about the requirements and results of the control tasks inherent to its area of competence.Without prejudice to the fulfillment of its functional obligation with the General Comptroller, the Head of the OCI directly informs the Head of the entity about the requirements and results of the control tasks inherent to its area of competence.Without prejudice to the fulfillment of its functional obligation with the General Comptroller, the Head of the OCI directly informs the Head of the entity about the requirements and results of the control tasks inherent to its area of competence.
The Head of the OCI must propose the organic structure of the OCI in his charge to the Head of the entity in which he exercises his functions, for which he must take into account the nature, composition and scope of the same, as well as the volume and complexity of its operations, having to previously submit the proposal to the Comptroller General for the corresponding compliance. The OCI must have an operational capacity that allows it to fulfill the functions established in these Regulations and in the corresponding regulations. The CIOs must be made up of multidisciplinary personnel selected in relation to the objectives and activities carried out by the entity. It is the responsibility of the Head of the OCI to supervise the fulfillment of the minimum requirements that the OCI staff must meet, among which are:a) Have experience and / or training in government control, or in public administration or matters related to the management of organizations; b) Absence of impediment or incompatibility to work at the service of the State (Sworn Declaration); c) In the case that it has a Professional Title, it must have Tuition and Habilitation, in accordance with the rules of the respective Professional College to which it belongs and according to the nature of the function it requires; d) Not having a family relationship within the fourth degree of consanguinity and second degree of affinity, or by reason of marriage, with those who perform management functions in the entity, as well as with those who are in charge of the administration of goods or resources public, even when they have ceased their functions in the last two (02) years (Affidavit).The Head of the OCI has the power to require the assignment of personnel to the OCI together with the presentation of the profile and minimum requirements of the applicant, regardless of the contractual or employment modality that these personnel will assume. It is to be noted that the Head of the OCI may consider other requirements that the OCI staff must fulfill, necessary for the fulfillment of the control tasks in the entity, in addition to those previously stated. Likewise, the Head of the OCI has the power to observe in a duly substantiated manner, the rotated or assigned personnel to the OCI who do not meet the profile and requirements to carry out the control work. The Head of the OCI, by virtue of the functional dependency with the General Comptroller, has the obligation to exercise the position subject to the regulations,as well as the guidelines issued by the Office of the Comptroller General in matters of government control, complying with the functions, obligations and responsibilities that are inherent to the scope of its competence. By the administrative dependency, the Head of the OCI is designated and separated by the General Comptroller, and also, object of supervision and evaluation in the performance of her functions, in accordance with these Regulations and other current regulations, regardless of the labor and / The professional of the General Comptroller's Office designated as Head of the OCI, is subject to the labor regime, remuneration and benefits, in accordance with the provisions of articles 36 and 37 of the National Control System Law.The Heads of OCI that maintain a labor or contractual relationship with the entity are subject to the rules of the labor or contractual regime and other provisions applicable therein, without prejudice to the functional autonomy inherent in the control work and the functional performance evaluation that corresponds to the Comptroller General.
The OCI will be conducted by the official who has been designated or recognized as Head of OCI by the Comptroller General, with whom he maintains a relationship of functional and administrative dependency in accordance with the provisions of article 18 of the Law. Head of the OCI is obliged to report to the Comptroller General of the exercise of his functions. The CIOs shall exercise their functions in the entity with functional and technical independence with respect to the administration of the entity, within the scope of their competence, subject to the principles and powers established in the Law and the standards issued by the General Comptroller. OCI personnel do not participate in the management and / or administration processes. The Head of the OCI will promptly communicate to the General Comptroller and the Head of the entity,the cases of affectations to the autonomy of said Organ, in a duly founded form. The acts or omissions of any authority, official, public servant or third parties that interfere or impede the development of the functions inherent in government control, constitute an infraction subject to the sanctioning power of the Comptroller General, as provided in subsection c) of the Article 42 of the Law of the National Control System. The Head of the entity as responsible for promoting government control at the institutional level has the following obligations with respect to the OCI: a) Implement and implement an organic unit called "Institutional Control Body"; b) Place the OCI at the highest hierarchical level of the entity's structure; c) Approve when appropriate and in accordance with current provisions,the organic structure proposed by the Head of the OCI in coordination with the Comptroller General, as well as, with the opinion of the Comptroller General in case of variation, according to the applicable regulations; d) Adapt the provisions relating to the functions of the OCI provided for in the Organization's Organization and Functions Regulations, to the provisions contained in the Regulations; e) To approve the classification and number of the positions assigned to the Institutional Control Body, in coordination with the Office of the Comptroller General, in case of variation, according to the applicable regulations; f) Precaution and guarantee the appropriate allocation of the human, economic and logistical resources necessary to fulfill the functions of the OCI. In the case of personnel, the professional profile drawn up by the Head of the OCI must necessarily be met,g) Ensure that the OCI has an annual budget and operational capacity to carry out its functions; h) Cover the positions of the Staff Assignment Panel; i) Guarantee that the entity's servers and officials provide the information required by the OCI, in a timely manner, for the fulfillment of its functions; j) Ensure that the OCI has the technical and functional autonomy that allows it to fulfill its functions without interference or limitations; k) Ensure that OCI personnel participate in training events; l) Report to the Comptroller General the cases of death or resignation of the Head of the OCI, when they have a labor or contractual dependency with the entity, for the purposes of the corresponding actions; m) Others established by the General Comptroller.
The Head of the OCI is not subject to the mandate of the Head of the entity regarding the fulfillment of functions or activities inherent and related to the work of government control. It is the responsibility of the Head of the OCI to manage the unit assigned to his position, subject to the entity's policies and regulations. The Head of the OCI must maintain permanent coordination with the Head of the Entity, especially in the following aspects: a) The implementation and operation of internal control in the entity, in accordance with applicable regulations; b) In the formulation and execution of the Annual Control Plan; c) The execution of unscheduled control tasks requested by the Owner of the entity; d) Report risk situations for the entity observed in the exercise of preventive control;e) Report any lack of collaboration of the entity's servants and officials, or non-compliance with the Law or the Regulations.
The following are the functions of the Institutional Control Body: a) Exercising internal control after the entity's acts and operations based on the guidelines and compliance with the Annual Control Plan referred to in Article 7 of the System Law. National Control, as well as the external control referred to in article 8 of the National Control System Law, commissioned by the General Comptroller; b) Carry out audits of the entity's financial and budgetary statements, as well as its management, in accordance with the guidelines issued by the Comptroller General; c) Execute the control tasks of the acts and operations of the entity provided by the General Comptroller. When these control tasks are required by the Head of the entity and are unscheduled,Its execution will be carried out in accordance with the guidelines issued by the General Comptroller, d) Exercise preventive control in the entity within the framework of the provisions of the provisions issued by the General Comptroller, in order to contribute to improved management, without this compromising the exercise of subsequent control; e) Submit the Reports resulting from its control tasks to both the General Comptroller and the Head of the entity and the sector, when appropriate, in accordance with the provisions on the matter; f) Act ex officio when reasonable indications of illegality, omission or non-compliance are noticed in the acts and operations of the entity, informing the Head of the entity so that the appropriate corrective measures are taken;g) Receive and attend to the complaints made by the servers, public officials and citizens in general, about acts and operations of the entity, granting it the corresponding process to its merit, in accordance with the provisions issued on the matter, h) Formulate, execute and evaluate the Annual Control Plan approved by the Comptroller General, according to the guidelines and provisions issued for this purpose; i) To carry out the follow-up of the corrective measures that the entity implements as a result of the control tasks, checking and qualifying their effective materialization, in accordance with the provisions of the matter; j) Support the Commissions designated by the Comptroller General for the execution of control tasks within the entity. Likewise, the Head of the OCI and the staff of said Body will collaborate,by order of the Comptroller General, in other control tasks, for operational or specialty reasons; k) Verify compliance with the legal provisions and internal regulations applicable to the entity by its organic units and staff; I) Formulate and propose to the entity the OCI annual budget for its corresponding approval; m) Comply diligently and in a timely manner with the orders and requirements formulated by the Comptroller General; n) To ensure that the publicity of the Reports resulting from its control actions is carried out in accordance with the provisions of the matter; o) Caution that any modification of the Personnel Assignment Chart, as well as the corresponding part of the Organization and Functions Regulation,relating to the OCI is carried out in accordance with the provisions of the matter; p) Promote the permanent training of the personnel that make up the OCI, including the Headquarters, through the National Control School of the Comptroller General or any other university or higher-level Institution with official recognition in issues related to government control, Public Administration and those matters related to the management of organizations; q) Maintain in control, custody and at the disposal of the General Comptroller for ten (10) years, the control reports, working papers, complaints received and the documents related to the functional activity of the OCI, after which they are subject to the regulations. current archives for the public sector.The Head of the OCI will adopt the pertinent measures for the precaution and custody of the documentary heritage; r) To ensure that OCI personnel comply with the rules and principles that govern the conduct, impediments, incompatibilities and prohibitions of public officials and servants, in accordance with the provisions of the matter; s) Keep classified information obtained in the exercise of its activities in reserve; t) Others established by the General Comptroller.t) Others established by the General Comptroller.t) Others established by the General Comptroller.
The Sectoral Control Bodies of the Executive Power and the Regional Control Bodies of the Regional Governments, have as their sphere of control their own regional and ministerial organization, respectively. The Sectoral and Regional Control Bodies, by order of the Comptroller General, may execute or support the control tasks to be carried out in the entities included in their sector or region, respectively. In the case of the Control Bodies of the Provincial and District Municipalities, these will circumscribe their control tasks to their own entity. The Office of the Comptroller General, when it deems it pertinent, may order that the Provincial or District Control Body execute or support the control tasks to be carried out in other Provincial Municipalities, District or municipal companies, if applicable.The Comptroller General is the competent body to resolve cases of conflict of jurisdiction between the Sectoral, Regional or Local Control Bodies.
The Sectoral and Regional Control Bodies, in addition to their own functions that they must fulfill at the institutional level, will perform the following functions: to formulate the Annual Control Plan, dealing with complaints, standardizing criteria for the execution of control tasks, among others, in order to contribute to an optimal and uniform development of government control; b) Integrate and consolidate the information related to the operation, performance, limitations or others of the OCI of the entities included in the sector or region, respectively, when the Comptroller General provides;c) Inform the Office of the Comptroller General of any aspect related to the OCI of the entities included in the sector or region, respectively, that may affect their operation, as well as those related to the functional performance of the Heads of OCI, in order to be evaluated by the Comptroller General, d) Issue the Annual Report to the Regional Council, in accordance with the provisions issued by the Comptroller General.
The OCI will refrain from performing or intervening in functions and activities inherent to the scope of responsibility and responsibility of the entity's administration and management. In accordance with this, and without this list being limiting, they are prevented from: a) Carrying out control tasks that aim to verify complaints, complaints, claims or other aspects related to the employment relationship of officials and servants of the entity, b) Substitute the entity's servants and officials in the performance of their duties; c) Endorse, endorse or issue documents as a requirement for approval of acts or operations of the administration, with the exception of the acts of the Control Body, d) Take inventory and register operations,and participate in the actions of security or protection of property, typical of the work of the administration; e) Participate as a member of the Special Contracting and Procurement Committees, in accordance with current provisions; f) Others that are determined by the respective regulations.
The appointment of the Head of the OCI is the exclusive and exclusive competence of the Office of the Comptroller General and is carried out by means of a Comptroller's Resolution published in the Official Gazette El Peruano. The appointment is subject to the provisions of article 19 of the National Control System Law, and is carried out through the following modalities: a) By Public Merit Contest, convened by the General Comptroller, at the national, regional or local, as appropriate, which may comprise one or more entities. The call will be published in the Official Gazette El Peruano and in one of national circulation. Said process may be carried out with the participation of consulting companies specialized in evaluation and selection of personnel, if deemed appropriate; b) By direct appointment of the professional staff of the General Comptroller,according to the provisions that the Comptroller General dictates on the matter; c) By transfer, at the opportunity that the General Comptroller considers convenient and in accordance with the provisions it issues on the matter. To assume the position of Head of OCI, whatever the form of appointment, the following requirements must be met: a) Absence of impediment or incompatibility to work in the service of the State (Sworn Declaration); b) Have a Professional Title, as well as Tuition and Habilitation in the respective Professional College, when appropriate; c) Verifiable experience of not less than five (05) years in the exercise of government control or in private auditing; d) Not having been convicted of willful crime with a firm resolution;e) Not having been administratively sanctioned by an entity with suspension for more than thirty (30) days, as well as, not having been dismissed or dismissed during the last five (05) years before its application (Sworn Statement); f) Failure to maintain a pending judicial process with the entity or the Comptroller General, with a pre-existing nature to their application, derived from the exercise of the public function in general (Sworn Statement); g) Not to have been definitively separated from the exercise of the position due to the deficient or negligent performance of the control function, during the last two years counted since the corresponding Comptroller's Resolution was firm or caused state; h) Not having a family relationship within the fourth degree of consanguinity and second degree of affinity, or by reason of marriage,with officials and directors of the entity or with those who are in charge of the administration of public assets or resources, even when they have ceased their functions in the last two (02) years (Sworn Statement); i) Not have performed management activities in executive or advisory functions in the entity in the last four (04) years (Sworn Statement); j) Training accredited by the National Control School of the General Comptroller of the Republic or other institutions in subjects related to government control or public administration, in the last two (02) years; k) Others determined by the Comptroller General, related to the function performed by the entity. The Comptroller General may carry out the subsequent verification of the information presented.The Heads of OCI appointed by the Comptroller General will exercise their functions in the entities for a period of three (03) years. Exceptionally, and for duly substantiated reasons, qualified in accordance with the procedures issued in this regard, may remain for a period of less than three (03) years or, if applicable, a longer time in the entity, which does not It must exceed five (05) years.
The transfer of the Heads of OCI will be considered, fundamentally, the following criteria: a) Family reasons of the Head of the OCI and / or effects on his health, b) Information referring to evaluations or other aspects of the Heads of OCI, c) Information regarding the functional performance of the Head of the OCI; d) Assigned budget and other aspects of the Entities where the Head of OCI will be transferred. The transfers made in application of the criteria prescribed in paragraphs b) and c) will be carried out without prejudice to the corresponding complementary actions.
The Office of the Comptroller General of the Republic (2007), this entity through its different organic units or decentralized bodies exercises permanent supervision over the operation of the OCI, as well as compliance with the functions assigned to it by the Regulations and other provisions on The matter. The Office of the Comptroller General evaluates through its different organic units or decentralized bodies, the functional acts of the OCI as indicated in the Regulations and other provisions on the matter, which are issued for this purpose. The entity will not be able to evaluate the functional acts of the OCI, therefore, if it considers that the control function is being exercised negligently and / or insufficiently, it must proceed to send the relevant documentation to the Comptroller General for the corresponding evaluation.The forms of evaluation of the functional performance of the OCI will be carried out according to the provisions that the Comptroller General dictates on the matter, which are: a) Performance evaluation: Refers to the objective and systematic verification and evaluation of the acts, actions and results produced by the Head of the Institutional Control Body as well as the technical and specialized personnel, in the exercise of government control, in accordance with the norms, procedures and principles that regulate the exercise of government control; b) Summary Verification: Refers to the verification of a complaint, fact,or significant irregularity against the interests of the State or specific aspect referring to the action of a Head of Institutional Control Body that means or implies negligent performance in the exercise of their functions; activity that must be carried out within a summary period. The forms of evaluation will be developed in strict observance of the principles that govern the government control established in the Law of the National Control System, and especially, those of opportunity, materiality, legality, legality, reasonableness, proportionality, objectivity, veracity, as well as due process. The Comptroller General may order, as a preventive and temporary measure, the suspension of the control function of the Head of the OCI,at the beginning or during the execution of any of the forms of evaluation provided for in the Regulations, when there are signs of a serious functional misconduct that merits such suspension. The suspension of the control function of the Head of the OCI is carried out by means of a Controlling Resolution and may be maintained until the completion of the evaluation in which he is involved. Said measure is liable to be contested by means of an appeal for reconsideration, within the fifth (05) business day of notification. The evaluation of the OCI will be carried out taking into account the following criteria: a) Compliance with the Annual Control Plan and its levels of efficiency, effectiveness and economy; b) Quality of the Reports resulting from the control tasks;c) Quality of the recommendations formulated to improve or correct the situations that imply deficiencies in the management of the entity, as well as, actions carried out by the Head of the OCI in order to verify and follow up on the implementation of the recommendations; d) Adequate functional conduct and training of the OCI Chief and its staff, in the terms established by the rules of the matter that govern their actions, as well as the managerial capacity in the conduct of the OCI; e) Relationship with the Technical Governing Body: proactive attitude, optimum level of coordination with the General Comptroller, assistance and level of commitment to the institutional activities of the CGR, if applicable.actions carried out by the Head of the OCI for the purposes of verifying and monitoring the implementation of recommendations; d) Adequate functional conduct and training of the OCI Chief and its staff, in the terms established by the rules of the matter that govern their actions, as well as the managerial capacity in the conduct of the OCI; e) Relationship with the Technical Governing Body: proactive attitude, optimum level of coordination with the General Comptroller, assistance and level of commitment to the institutional activities of the CGR, if applicable.actions carried out by the Head of the OCI for the purposes of verifying and monitoring the implementation of recommendations; d) Adequate functional conduct and training of the OCI Chief and its staff, in the terms established by the rules of the matter that govern their actions, as well as the managerial capacity in the conduct of the OCI; e) Relationship with the Technical Governing Body: proactive attitude, optimum level of coordination with the General Comptroller, assistance and level of commitment to the institutional activities of the CGR, if applicable.optimum level of coordination with the General Comptroller, assistance and level of commitment to the institutional activities of the CGR, if applicable.optimum level of coordination with the General Comptroller, assistance and level of commitment to the institutional activities of the CGR, if applicable.
On the other hand, in order to determine the severity of the detected functional deficiencies, the following criteria will be taken into account: a) Nature of the deficiency: It implies determining whether the detected deficiency results from a breach of an essential aspect of the exercise of the functions. the Head of OCI; b) Intentionality: Identify if the deficiency detected, by action or omission, is the product of a malicious act; c) Potential damage or risk: It implies warning if the detected deficiency has caused any damage or potential economic or administrative risk to the entity, generated as a direct consequence of its action or omission; d) Reiteration: It means verifying the times in which the detected deficiency has been incurred;e) Acknowledgment by the Head of the OCI of the infraction committed and attitude of amendment before it is detected. If, as a result of the evaluation carried out, it is determined that the Head of the OCI has performed his control function in a poor manner, taking into account the principles of reasonableness and proportionality, the adoption of any of the following measures will be recommended: a) Separation definitive of the function of Head of OCI, which will be applicable when the deficiencies detected are serious, in accordance with the provisions of article 34 and the Principles stipulated in article 31 of the Regulations; b) The initiation of the sanctioning procedure, if the Head of OCI has an employment relationship with the entity, in accordance with the applicable regulations; c) Verbal or written warning to the Head of OCI,if this is personnel of the General Comptroller. If actions b) or c) are adopted, they will be registered with the General Comptroller. The result of the evaluation made to the technical and specialized personnel of the OCI, in the exercise of government control, will be disclosed to the Head of the entity, who will adopt the actions they deem appropriate, according to their competence. For said evaluation, the criteria indicated in articles 33 and 34 of the Regulations, as applicable, would be taken into consideration. The definitive separation of the function of Head of the OCI is carried out by the Comptroller General in an exclusive and exclusive manner, in accordance with article 19 of the Law of the National Control System. Said separation may only be provided by reason expressly provided for in the Regulations.The following are causes for the definitive separation of the Head of the OCI: a) The determination of poor performance in the execution of control tasks, in accordance with the Report on the evaluation of the functional performance of the Head of the OCI and / or summary verification, b) Incur in a supervening manner in the breach of any of the requirements established in paragraphs a), d) and e) of article 25 of the Regulations. The deficient qualification of the functional performance of the Head of the OCI leads to his definitive separation from the control function, this measure being exclusively related to the separation of office. The reports issued by the Comptroller General in which the final separation of the head of the OCI has been determined will be sent to the Holders of the entities on which they depend on labor,for the purposes of adopting the actions they deem pertinent, according to their competences. The definitive separation will be ordered by the Comptroller's Resolution, and must be duly motivated, according to the regulations of the matter. The resolution of separation will be notified personally to the Head of OCI in the place that he has communicated as his domicile, unless during the evaluation he had indicated a different domicile in which the corresponding notification must be made. If there is a refusal to receive said notification from the Head of the OCI, the fact will be recorded in the Minutes, taking it as well notified. In the event that the Head of the OCI is not found, this will be recorded in the Minutes, and a notice will be placed at the address, indicating the new date on which the notification will become effective.If the notification cannot be delivered directly on the new date, an Act will be left under the door together with the notification, thereby exhausting the procedure. An appeal may be filed against said Resolution within fifteen (15) business days after notification. With the Resolution that resolves the appeal, the administrative route is exhausted, after notification of the Resolution through the foreseen procedure. The Resolution declaring the definitive separation due to unfavorable evaluation may be published in the Legal Norms Bulletin of the Official Gazette El Peruano once it becomes firm or causes state. In the cases of definitive separation, completion of the assignment or suspension of the control function,The Head of the OCI has the obligation to make a documented delivery of the position to the official or server determined by the Comptroller General, within a period of ten (10) business days following the date of notification of the respective act, except for duly substantiated reasons. authorize an extension of the term. The Comptroller General, in the cases that may be necessary, may provide that the Head of the entity designates the official or server who receives the delivery of the position.may provide that the Head of the entity designates the official or server who receives the delivery of the position.may provide that the Head of the entity designates the official or server who receives the delivery of the position.
The assignment of the OCI Headquarters proceeds as long as the appointment of the Head of the OCI by the Comptroller General is not carried out, as well as, in the cases provided for in the Regulations. The OCI Headquarters must be commissioned in the following cases: a) For vacancy reasons; b) In the cases of absence of the Head of the OCI due to leave, vacations, permits or other assumptions, whatever their nature, granted in accordance with the Law; c) For other reasons that the Comptroller General considers justified. The order is carried out in any of the following ways:a) By Resolution of the Comptroller to a professional with an employment relationship with the Comptroller General and who meets the requirements established in article 25 of the Regulations; b) By Resolution of the Comptroller, the assignment of the functions of an OCI may be arranged to a Head of OCI who is in the exercise of the office in another entity under the scope of the National Control System, c) By express provision of the Head of the entity, will proceed to order the OCI to a professional, who meets the requirements established in article 25 of the Regulation, in the cases provided for in paragraphs a) and c) of article 47; d) The Head of the OCI in the cases provided for in paragraph b) of article 47, will propose to the Head of the entity the person who will temporarily exercise their functions,which must meet the requirements established in article 25 of the Regulation, and the Holder of the entity must formalize the proposal. The Head of the entity, in the cases of literals c) and d), must communicate to the General Comptroller the commission made. Each job will last no more than two (02) years, according to the applicable labor regime. The commissioning of the OCI concludes by the occurrence of the following events: 1. Appointment of the Head of the OCI by the Comptroller General, 2. Compliance with the period provided for in the preceding article; 3. Unfavorable result of the evaluation made to the Head in charge of the OCI carried out by means of a summary verification.in the cases of literals c) and d), he must communicate to the General Comptroller the commission made. Each job will last no more than two (02) years, according to the applicable labor regime. The commissioning of the OCI concludes by the occurrence of the following events: 1. Appointment of the Head of the OCI by the Comptroller General, 2. Compliance with the period provided for in the preceding article; 3. Unfavorable result of the evaluation made to the Head in charge of the OCI carried out by means of a summary verification.in the cases of literals c) and d), he must communicate to the General Comptroller the commission made. Each job will last no more than two (02) years, according to the applicable labor regime. The commissioning of the OCI concludes by the occurrence of the following events: 1. Appointment of the Head of the OCI by the Comptroller General, 2. Compliance with the period provided for in the preceding article; 3. Unfavorable result of the evaluation made to the Head in charge of the OCI carried out by means of a summary verification.Compliance with the period provided in the preceding article; 3. Unfavorable result of the evaluation made to the Head in charge of the OCI carried out by means of a summary verification.Compliance with the period provided in the preceding article; 3. Unfavorable result of the evaluation made to the Head in charge of the OCI carried out by means of a summary verification.Entities will be subject to compliance with the following provisions: 1. Only the OCI Headquarters may be assigned to personnel with a labor or contractual relationship with the entity. 2. The commission of the OCI Headquarters, operates from the formalization of the commission by the Holder. The Comptroller General has the power to carry out the verifications that it deems pertinent and to verify that the commission was not carried out in accordance with the aforementioned procedure, or in the event that any supervening incompatibility was determined in accordance with the provisions of letter b). of article 38, which prevents the person in charge from continuing in the exercise of the position, the order will be annulled and the pertinent corrective actions will be recommended. 3. Any personnel action involving displacement,Variation or conclusion in the employment or contractual situation of the person in charge of the OCI Headquarters will be previously communicated to the Comptroller General, for its evaluation and respective approval, if appropriate. The Holder is under the obligation to comply with this provision and to respond to the Comptroller General for its non-compliance.
Interpreting the IAI-Spain (2013), the effectiveness of the Institutional Control Body is specified within the framework of the COSO approach to internal control; Said control is a management instrument that is used to provide a reasonable guarantee of compliance with the objectives established by the owner or designated official. The internal control structure is the set of plans, methods, procedures and other measures, including the attitude of the Management, which an institution has to offer a reasonable guarantee that the following objectives are met: (i) Promote methodical operations, economic, efficient and effective as well as quality products and services, in accordance with the mission of the institution (ii) Preserve resources against any loss due to waste, abuse, mismanagement,error and fraud (iii) Respect the laws, regulations and directives of the Directorate, and, (iv) Prepare and maintain reliable financial and management data correctly and timely presented in the reports. The COSO Report incorporated into a single conceptual structure the different approaches existing worldwide and updated the processes of design, implementation and evaluation of internal control. Likewise, it defines internal control as a process that constitutes a means to achieve an end, and not an end in itself. It also indicates that it is executed by people at each level of an organization and provides reasonable security for achieving the following objectives: (i) effectiveness and efficiency in operations, (ii) reliability in financial information, and (iii) compliance with laws and regulations.This control must be built within the entity's infrastructure and must be intertwined with its operating activities.
It is indicated that internal control is made up of five interrelated components: (i) control environment, (ii) risk assessment, (iii) de control activities, (iv) forma information and communication, and (v) monitoring (supervision).
In September 2004, COSO issued the document "Corporate Risk Management -
Integrated Framework ”, promoting a broad and comprehensive approach in companies and government organizations. Likewise, this approach expands the components proposed in the Internal Control - Integrated Framework to eight components, namely: (i) internal environment, (ii) establishment of objectives, (iii) identification of events, (iv) risk assessment, (v) risk response, (vi) control activities, (vii) information and communication, and (viii) supervision.
The Internal Control Standards constitute guidelines, criteria, methods and provisions for the application and regulation of internal control in the main areas of the administrative or operational activity of the entities, including those related to financial, logistics and personnel management of works, information systems and ethical values, among others. They are dictated with the purpose of promoting an adequate administration of the resources in the entities. The owners, officers and servers of each entity, according to their competence, are responsible for establishing, maintaining, reviewing and updating the internal control structure depending on the nature of their activities and volume of operations. Likewise, it is the obligation of the holders to issue the specific rules applicable to their entity, according to their nature,structure, functions and processes in harmony with the provisions of this document. The Internal Control Standards are based on generally accepted criteria and practices, as well as those guidelines and control standards.
The Internal Control Standards aim to promote the strengthening of internal control systems and improve public management, in relation to the protection of heritage and the achievement of institutional objectives and goals. In this context, the objectives of the Internal Control Standards are: i) Serve as a frame of reference in terms of internal control for the issuance of the respective institutional regulations, as well as for the regulation of administrative and operational procedures derived from it; ii) Guide the formulation of specific regulations for the operation of management processes and management information in entities; iii) Guide and unify the application of internal control in entities.
It is a comprehensive process carried out by the head, officers and servants of an entity, designed to face risks and to give reasonable assurance that, in achieving the entity's mission, the following management objectives will be achieved: (i) Promote the efficiency, effectiveness, transparency and economy in the operations of the entity, as well as the quality of the services it provides (ii) Take care and protect resources and assets against any form of loss, deterioration, misuse and illegal acts, as well as in generalagainst any irregular act or harmful situation that could affect them (iii) Comply with the regulations applicable to the entity and its operations (iv) Guarantee the reliability and timeliness of the information (v) Promote and promote the practice of institutional values (vi) Promote the compliance of the officials or servants to render accounts for the funds and assets in their charge or for a mission or objective entrusted and accepted.
The internal control system to the set of actions, activities, plans, policies, norms, records, organization, procedures and methods, including the attitude of the authorities and staff, organized and instituted in each entity, to achieve the institutional objectives. that seeks. Likewise, its components are made up of: (i) The control environment, understood as the organizational environment favorable to the exercise of practices, values, behaviors and appropriate rules for the operation of internal control and scrupulous management (ii) Risk assessment, which must identify, analyze and manage the factors or events that may adversely affect the fulfillment of the purposes, goals, objectives, activities and institutional operations (iii) The activities of managerial control,which are the control policies and procedures that the owner or designated officer, management and the competent executive levels impart, in relation to the functions assigned to the staff, in order to ensure compliance with the entity's objectives (iv) The prevention and monitoring activities, referring to the actions that must be taken in the performance of the assigned functions, in order to care for and ensure respectively, their suitability and quality for achieving the objectives of internal control (v) The systems information and communication, through which the registration, processing, integration and disclosure of information, with databases and accessible and modern computer solutions, effectively serve to provide reliability,transparency and efficiency in the institutional internal control and management processes (vi) The monitoring of results, consisting of the updated review and verification of the attention and achievements of the internal control measures implemented, including the implementation of the recommendations made in its reports (vii) The improvement commitments, on whose merit the organs and personnel of the institutional administration carry out self-evaluations for the better development of internal control and report on any deficiency deficiency that can be corrected, forcing them to comply with the provisions or recommendations that are formulated for the improvement or optimization of their work.consisting of the updated review and verification of the attention and achievements of the internal control measures implemented, including the implementation of the recommendations formulated in its reports (vii) The improvement commitments, on whose merit the organs and personnel of the institutional administration carry out Self-evaluations for the better development of internal control and report any deficiency deviation capable of correction, forcing to comply with the provisions or recommendations that are formulated for the improvement or optimization of their work.consisting of the updated review and verification of the attention and achievements of the internal control measures implemented, including the implementation of the recommendations formulated in its reports (vii) The improvement commitments, on whose merit the organs and personnel of the institutional administration carry out Self-evaluations for the better development of internal control and report any deficiency deviation capable of correction, forcing to comply with the provisions or recommendations that are formulated for the improvement or optimization of their work.on whose merit the organs and personnel of the institutional administration carry out self-evaluations for the better development of internal control and report on any deviation deficiency that can be corrected, forcing them to comply with the provisions or recommendations that are formulated for the improvement or optimization of their work..on whose merit the organs and personnel of the institutional administration carry out self-evaluations for the better development of internal control and report on any deviation deficiency that can be corrected, forcing them to comply with the provisions or recommendations that are formulated for the improvement or optimization of their work..
The adequate implementation and systemic functioning of internal control in entities requires that the institutional administration appropriately foresees and designs a proper organization for this purpose, and promotes levels of organization, rationality and the application of uniform criteria that contribute to better implementation and comprehensive evaluation.. In this sense, it is considered that the principles applicable to the internal control system are: (i) self-control, by virtue of which all officials and servers must control their work, detect deficiencies or deviations, and carry out corrections to improve their work and achieve of the expected results; (ii) self-regulation, such as the institutional capacity to develop the provisions, methods, and procedures that allow it to safeguard, carry out, and ensure effectiveness, efficiency,transparency and legality in the results of their processes, activities or operations; and (iii) self-management, by which each entity is responsible for conducting, planning, executing, coordinating and evaluating the functions it is responsible for, subject to the applicable regulations and objectives set for its fulfillment. The systemic organization of internal control is institutionally designed and established taking into account the responsibilities of direction, administration and supervision of its functional components, for which levels of strategic, operational and evaluation control will be foreseen in its structure.coordinate and evaluate the functions under their charge subject to the applicable regulations and objectives set for their fulfillment. The systemic organization of internal control is institutionally designed and established taking into account the responsibilities of direction, administration and supervision of its functional components, for which levels of strategic, operational and evaluation control will be foreseen in its structure.coordinate and evaluate the functions under their charge subject to the applicable regulations and objectives set for their fulfillment. The systemic organization of internal control is institutionally designed and established taking into account the responsibilities of direction, administration and supervision of its functional components, for which levels of strategic, operational and evaluation control will be foreseen in its structure.
The modern approach established by COSO indicates that the components of the internal control structure are interrelated and include various elements that are integrated into the management process. Therefore, in this document, for the purposes of the proper formalization and implementation of the internal control structure in all entities, it is conceived that it be organized based on the following five components: a. Control environment; b. Risks evaluation; c. Management control activities; d. Information and communication; and. Supervision, which groups prevention and monitoring activities, follow-up of results and improvement commitments. These components are those recognized internationally by the main world organizations specialized in internal control and,Although its name and its constituent elements may admit variations, its use facilitates the standardized implementation of the internal control structure in entities, also contributing to its orderly, uniform and comprehensive evaluation by the competent control bodies.
Internal control is carried out by various hierarchical levels. Lower-level officials, internal auditors and staff contribute to making the internal control system function effectively, efficiently and economically. The head, officials and all the entity's personnel are responsible for the application and supervision of internal control, as well as maintaining a solid internal control structure that promotes the achievement of its objectives, as well as the efficiency, effectiveness and economy of operations.
In order to contribute to the strengthening of internal control in the entities, the holder or designated official must assume the commitment to implement the criteria described below: i) Institutional support for internal controls: The holder, the officials and all the Entity staff must show and maintain a positive attitude and support for the proper functioning of internal controls. Attitude is a characteristic of each entity and is reflected in all aspects related to its performance. Their participation and support favors the existence of a positive attitude; ii) Management responsibility: Every public official has a duty to be accountable to a higher authority and to the public for public funds or assets under his / her responsibility or for a commissioned and accepted mission or objective;iii) Climate of trust at work: The incumbent and the officials must promote an appropriate climate of trust that ensures the adequate flow of information among the entity's employees. Trust allows promoting a work atmosphere conducive to the operation of internal controls, based on mutual security and cooperation between people as well as their integrity and competence, whose environment provides feedback on the fulfillment of duties and aspects of responsibility; iv) Transparency in management: Transparency in the management of resources and assets, in accordance with the respective regulations in force,It includes both the obligation of the entity to disclose information on the activities carried out related to the fulfillment of its purposes, as well as the power of the public to access such information, to know and evaluate in its entirety, the performance and manner of conducting the management; v) Reasonable assurance about achieving internal control objectives. The effective internal control structure provides reasonable assurance about achieving the stated objectives. The owner or designated official of each entity must identify the risks involved in the operations and estimate their acceptable margins in quantitative and qualitative terms, according to the circumstances.v) Reasonable assurance about achieving internal control objectives. The effective internal control structure provides reasonable assurance about achieving the stated objectives. The owner or designated official of each entity must identify the risks involved in the operations and estimate their acceptable margins in quantitative and qualitative terms, according to the circumstances.v) Reasonable assurance about achieving internal control objectives. The effective internal control structure provides reasonable assurance about achieving the stated objectives. The owner or designated official of each entity must identify the risks involved in the operations and estimate their acceptable margins in quantitative and qualitative terms, according to the circumstances.
An internal control structure cannot itself guarantee effective and efficient management, with complete, accurate and reliable financial information and records, nor can it be free from errors, irregularities or fraud. The effectiveness of internal control can be affected by causes associated with human and material resources, as well as changes in the external and internal environment. The operation of the internal control system depends on the human factor, and may be affected by an error in conception, judgment, negligence or corruption. Therefore, even when the competence and integrity of the personnel applying internal control can be controlled, through an adequate selection and training process, these qualities may yield to external or internal pressure within the entity. It's more,If the personnel performing internal control do not understand what their role in the process is or decide to ignore it, internal control will be ineffective. Another limiting factor is the restrictions that, in terms of material resources, entities may face. Consequently, the costs of controls should be considered in relation to their benefit. Maintaining an internal control system with the objective of eliminating the risk of loss is not realistic and would lead to high costs that would not justify the derived benefits. Therefore, when determining the design and implementation of a particular control, the probability that a risk exists and its potential effect on the entity must be considered together with the costs related to the implementation of the new control. Changes in the external and internal environment of the entity,such as organizational changes and the attitude of the incumbent and officials can have an impact on the effectiveness of internal control and on the personnel who operate the controls. For this reason, the owner or designated official must periodically evaluate internal controls, inform staff of the changes that are implemented, and respect compliance with controls, setting a good example for all.
CONTROL ENVIRONMENT
Interpreting IAI-Spain (2013), the control environment component defines the establishment of an organizational environment favorable to the exercise of good practices, values, behaviors and appropriate rules, to sensitize the members of the entity and generate a culture of internal control.. These appropriate practices, values, behaviors and rules contribute to the establishment and strengthening of internal control policies and procedures that lead to the achievement of institutional objectives and the institutional culture of control. The owner, officers and other members of the entity must consider the attitude assumed regarding internal control as fundamental. The nature of this attitude fixes the organizational climate and, above all,provides discipline through influencing the behavior of staff as a whole. This component includes: Management Philosophy; Integrity and ethical values; Strategic management; Organizational structure; Human resources management; Professional competence; Assignment of authority and responsibilities; Institutional Control Body. The quality of the control environment is the result of the combination of the factors that determine it. The greater or lesser degree of their development will strengthen or weaken the control environment and culture, also influencing the quality of the entity's performance.Professional competence; Assignment of authority and responsibilities; Institutional Control Body. The quality of the control environment is the result of the combination of the factors that determine it. The greater or lesser degree of their development will strengthen or weaken the control environment and culture, also influencing the quality of the entity's performance.Professional competence; Assignment of authority and responsibilities; Institutional Control Body. The quality of the control environment is the result of the combination of the factors that determine it. The greater or lesser degree of their development will strengthen or weaken the control environment and culture, also influencing the quality of the entity's performance.
Management Philosophy: The management philosophy and style includes the conduct and attitudes that should characterize the entity's management with respect to internal control. It should aim to establish an environment of positive trust and support for internal control, through an open attitude towards learning and innovations, transparency in decision-making, behavior oriented towards values and ethics, as well as a clear determination towards objective performance measurement, among others.
Integrity and ethical values: The integrity and ethical values of the owner, officials and servers determine their preferences and value judgments, which translate into standards of conduct and management styles. The owner or designated official and other employees must maintain an attitude of permanent support for internal control based on the integrity and ethical values established in the entity.
Strategic administration: The entities require the systematic and positively correlated formulation with the strategic plans and objectives for their effective administration and control, from which the operation programming and its associated goals are derived, as well as its expression in monetary units of the annual budget.
Organizational structure: The holder or designated official must develop, approve and update the organizational structure in the framework of efficiency and effectiveness that best contributes to the fulfillment of its objectives and the achievement of its mission.
Administration of human resources: It is necessary that the owner or designated official establish policies and procedures necessary to ensure proper planning and administration of the entity's human resources, so as to guarantee professional development and ensure transparency, efficiency and vocation community service.
Professional competence: The holder or designated official must recognize as an essential element the professional competence of the staff, in accordance with the assigned functions and responsibilities.
Assignment of authority and responsibility: It is necessary to clearly assign personnel their duties and responsibilities, as well as establish information relationships, levels and authorization rules, as well as the limits of their authority.
Control Body: The existence of internal control activities by the corresponding specialized organic unit called Institutional Control Body, which must be properly implemented, contributes significantly to the good control environment.
RISKS EVALUATION
Interpreting the IAI-Spain (2013), the risk assessment component encompasses the process of identifying and analyzing the risks to which the entity is exposed in order to achieve its objectives and prepare an appropriate response to them. Risk assessment is part of the risk management process, and includes: planning, identification, assessment or analysis, management or response, and monitoring of the entity's risks. Risk management is a process that must be executed in all entities. The owner or designated official must assign responsibility for its execution to an organic area or unit of the entity. Likewise, the owner or designated official and the designated organic area or unit must define the methodology, strategies,tactics and procedures for the risk management process. Additionally, this does not exempt the other organic areas or units, in accordance with the defined methodology, strategies, tactics and procedures, to identify potential events that could affect the proper execution of their processes, as well as the achievement of their objectives and those of the entity, in order to keep them within a tolerance margin that allows providing reasonable assurance about their compliance. Through the identification and assessment of risks, the vulnerability of the system can be evaluated, identifying the degree to which the current control manages the risks. To achieve this, knowledge of the entity must be acquired, so that it is possible to identify the processes and critical points,as well as the events that may affect the activities of the entity. Since the economic, technological, regulatory and operational conditions are constantly changing, risk management must be a continuous process.
Establishing institutional objectives is a precondition for risk assessment: Objectives must be defined before the incumbent or designated official begins to identify the risks that may affect the achievement of the goals and before executing the actions to manage them. These are set at the strategic, tactical and operational level of the entity, which are associated with long, medium and short-term decisions respectively. A risk assessment process must be put in place where the entity's goals are previously adequately defined, as well as the methods, techniques and tools that will be used for the risk management process and the type of reports, documents and communications that must be generated and exchanged. Roles must also be established,responsibilities and the work environment for effective risk management. This means that competent personnel must be in place to identify and assess potential risks. Internal control can only give reasonable assurance that an entity's objectives are met. Risk assessment is a component of internal control and plays an essential role in selecting the appropriate control activities to be carried out. Risk management should be part of the culture of an entity. It should be incorporated into the entity's philosophy, practices and business processes, rather than being viewed or practiced as a separate activity. When this is accomplished, everyone in the entity becomes involved in risk management. This component includes:Risk management planning; Identification of risks; Risk assessment; Risk response.
Risk management planning: It is the process of developing and documenting a clear, organized and interactive strategy to identify and assess the risks that may impact an entity, preventing the achievement of the objectives. Plans, response methods and monitoring of changes must be developed, as well as a program to obtain the necessary resources to define actions in response to risks.
Identification of risks: The identification of risks typifies all the risks that may affect the achievement of the entity's objectives due to external or internal factors. External factors include economic, environmental, political, social, and technological factors. Internal factors reflect management's choices and include infrastructure, personnel, processes, and technology.
Risk assessment: The risk analysis or assessment allows the entity to consider how the potential risks may affect the achievement of its objectives. It begins with a detailed study of the specific risk issues that have been decided to evaluate. The purpose is to obtain enough information about risk situations to estimate their probability of occurrence, time, response and consequences.
Risk response: Management identifies risk response options considering probability and impact in relation to risk tolerance and its cost-benefit ratio. Consideration of risk management and selection and implementation of a response are an integral part of risk management.
MANAGEMENT CONTROL ACTIVITIES
Interpreting the IAI-Spain (2013), the management control activities component includes established policies and procedures to ensure that the necessary actions are being taken in the management of risks that may affect the entity's objectives, helping to ensure the compliance with these. The owner or designated official must establish a control policy that translates into a set of documented procedures that allow control activities to be carried out. The procedures are the set of specifications, relationships and systemic ordering of the tasks required to comply with the entity's activities and processes. The procedures establish the methods to carry out the tasks and the assignment of responsibility and authority in the execution of the activities.Management control activities are intended to enable an adequate response to risks in accordance with the plans established to avoid, reduce, share and accept the identified risks that may affect the achievement of the entity's objectives. For this purpose, control activities should focus on the management of those risks that may cause harm to the entity. Management control activities occur in all processes, operations, levels and functions of the entity. They include a range of detection and prevention control activities as diverse as: approval and authorization procedures, verifications, controls over access to resources and files, reconciliations, performance review of operations, segregation of responsibilities,review of processes and supervision. To be effective, management control activities must be adequate, operate consistently according to a plan, and have a cost-benefit analysis. Likewise, they must be reasonable, understandable and directly related to the entity's objectives. This component includes: Authorization and approval procedures; Segregation of functions; Cost-benefit evaluation; Controls over access to resources or files; Verifications and reconciliations; Performance evaluation; Accountability; Review of processes, activities and tasks; Controls for Information and Communication Technologies (ICT).operate consistently according to a plan and have a cost-benefit analysis. Likewise, they must be reasonable, understandable and directly related to the entity's objectives. This component includes: Authorization and approval procedures; Segregation of functions; Cost-benefit evaluation; Controls over access to resources or files; Verifications and reconciliations; Performance evaluation; Accountability; Review of processes, activities and tasks; Controls for Information and Communication Technologies (ICT).operate consistently according to a plan and have a cost-benefit analysis. Likewise, they must be reasonable, understandable and directly related to the entity's objectives. This component includes: Authorization and approval procedures; Segregation of functions; Cost-benefit evaluation; Controls over access to resources or files; Verifications and reconciliations; Performance evaluation; Accountability; Review of processes, activities and tasks; Controls for Information and Communication Technologies (ICT).Controls over access to resources or files; Verifications and reconciliations; Performance evaluation; Accountability; Review of processes, activities and tasks; Controls for Information and Communication Technologies (ICT).Controls over access to resources or files; Verifications and reconciliations; Performance evaluation; Accountability; Review of processes, activities and tasks; Controls for Information and Communication Technologies (ICT).
Authorization and approval procedures: The responsibility for each process, activity or organizational task must be clearly defined, specifically assigned and formally communicated to the respective official. The execution of the processes, activities, or tasks must have the authorization and approval of the officials with the respective rank of authority.
Segregation of duties: Segregation of duties in positions or work teams should help reduce the risks of error or fraud in processes, activities or tasks. In other words, a single position or work team should not have control of all the key stages in a process, activity or task.
Cost-benefit evaluation: The design and implementation of any control activity or procedure must be preceded by a cost-benefit evaluation considering as criteria the feasibility and convenience in relation to the achievement of the objectives, among others.
Controls on access to resources or files: Access to resources or files should be limited to authorized personnel who are responsible for the use or custody of the same. The responsibility regarding the use and custody must be evidenced through the registration in receipts, inventories or any other document or means that allows effective control over the resources or files.
Verifications and reconciliations: Significant processes, activities or tasks must be verified before and after they are carried out, as well as finally being registered and classified for subsequent review.
Performance evaluation: A permanent management evaluation must be carried out, taking as a regular basis the organizational plans and the current regulatory provisions, to prevent and correct any possible deficiency or irregularity that affects the principles of applicable efficiency, effectiveness, economy and legality.
Accountability: The entity, the holders, officials and public servants are required to render accounts for the use of resources and assets, missionary compliance and institutional objectives, as well as the achievement of the expected results, for which purpose the established internal control system must provide the relevant information and support.
Documentation of processes, activities and tasks: The processes, activities and tasks must be duly documented to ensure their proper development in accordance with the established standards, facilitate their correct review and guarantee the traceability of the products or services generated.
Review of processes, activities and tasks: The processes, activities and tasks must be periodically reviewed to ensure that they comply with the regulations, policies, current procedures and other requirements. This type of review in an entity should be clearly distinguished from monitoring internal control.
Controls for Information and Communication Technologies: The entity's information is provided through the use of Information and Communication Technologies (ICT). ICT encompasses data, information systems, associated technology, facilities and personnel. The ICT control activities include controls that guarantee the processing of the information for the missionary compliance and the objectives of the entity, and should be designed to prevent, detect and correct errors and irregularities while the information flows through the systems.
INFORMATION AND COMMUNICATION
Interpreting the IAI-Spain (2013), the information and communication component means the methods, processes, channels, means and actions that, with a systemic and regular approach, ensure the flow of information in all directions with quality and opportunity. This allows fulfilling individual and group responsibilities. Information relates not only to internally generated data, but also to external events, activities, and conditions that must be translated into the form of data or information for decision-making. Likewise, there must be effective communication in a broad sense through the processes and hierarchical levels of the entity. Communication is inherent in information systems, and its adequate transmission to personnel is essential so that it can fulfill its responsibilities.This component includes: Functions and characteristics of the information; Information and responsibility; Quality and sufficiency of information; Information systems; Flexibility to change; Institutional archive; Internal communication; External communication
Functions and characteristics of the information: The information is the result of the operational, financial and control activities coming from inside or outside the entity. It must transmit an existing situation at a certain moment, gathering the characteristics of reliability, opportunity and utility in order for the user to have essential elements in the execution of their operational or management tasks.
Information and responsibility: The information must allow public officials and servants to fulfill their obligations and responsibilities. The pertinent data must be captured, identified, selected, registered, structured in information and communicated in a timely manner.
Quality and sufficiency of the information: The owner or designated official must ensure the reliability, quality, sufficiency, relevance and timeliness of the information generated and communicated. For this, the necessary mechanisms must be designed, evaluated and implemented to ensure the characteristics that all useful information must have as part of the internal control system.
Information systems: The information systems designed and implemented by the entity constitute an instrument for the establishment of organizational strategies and, therefore, for the achievement of objectives and goals. Therefore, it must adjust to the characteristics, needs and nature of the entity. In this way, the information system provides information as input for decision-making, facilitating and guaranteeing transparency in accountability.
Flexibility to change: Information systems should be periodically reviewed, and if necessary, redesigned when deficiencies in their processes and products are detected. When the entity changes objectives and goals, strategy, policies and work programs, among others, the impact on the information systems must be considered to adopt the necessary actions.
Institutional archiving: The owner or designated official must establish and apply appropriate archiving policies and procedures for the preservation and preservation of documents and information according to their usefulness or by technical or legal requirement, such as accounting, administrative and management, among others, including sources of livelihood.
Internal communication: Internal communication is the flow of messages within a network of interdependent relationships that flows down, through and up the structure of the entity, in order to obtain a clear and effective message. It must also serve as control, motivation and expression of the users.
External communication: The entity's external communication should be aimed at ensuring that the flow of messages and the exchange of information with customers, users and the general public is carried out in a safe, correct and timely manner, generating confidence and positive image the entity.
Communication channels: Communication channels are means designed according to the needs of the entity and that consider a formal, informal and multidirectional distribution mechanism for the dissemination of information. Communication channels must ensure that the information reaches each recipient in the quantity, quality and opportunity required for the best execution of processes, activities and tasks.
SUPERVISION
Interpreting the IAI-Spain (2013), the internal control system should be subject to supervision to assess the effectiveness and quality of its operation over time and allow feedback. For this, supervision, also identified as follow-up, includes a set of self-control activities incorporated into the entity's processes and operations, for the purpose of improvement and evaluation. These activities are carried out through prevention and monitoring, follow-up of results and improvement commitments. Internal control being a system that promotes a proactive attitude and self-control at the organizational levels in order to ensure the proper execution of processes, procedures and operations;The supervision or monitoring component allows establishing and evaluating if the system works properly or if changes are necessary. In this sense, the supervision process involves monitoring and evaluating, at the appropriate levels, the design, operation, and manner in which internal control measures are adopted for their corresponding updating and improvement. Supervision activities are carried out with respect to all institutional processes and operations, making it possible to identify opportunities for improvement and the adoption of preventive or corrective actions. This requires an organizational culture that fosters self-control and transparency of management, oriented towards caution and the achievement of internal control objectives.Supervision is carried out continuously and should be modified once conditions change, forming part of the entity's operations gear. It comprises the following: Prevention and monitoring; Timely monitoring of internal control; Report of deficiencies; Monitoring and implementation of corrective measures; Self appraisal; Independent evaluations.
Prevention and monitoring: The monitoring of the entity's processes and operations must make it possible to know in a timely manner whether these are carried out adequately to achieve its objectives and whether prevention, compliance and correction actions are taken in the performance of the assigned functions. necessary to guarantee their suitability and quality.
Timely monitoring of internal control: The implementation of internal control measures over the entity's processes and operations must be subject to timely monitoring in order to determine its validity, consistency and quality, as well as to make the pertinent modifications to maintain its effectiveness. Monitoring is done through continuous monitoring or punctual evaluations.
Reporting of deficiencies: The weaknesses and deficiencies detected as a result of the monitoring process must be recorded and made available to those responsible in order for them to take the necessary actions to correct it.
Implementation and monitoring of corrective measures: When errors or deficiencies that constitute opportunities for improvement are detected or reported, the entity must adopt the measures that are most appropriate for the objectives and institutional resources, carrying out the corresponding monitoring of its implementation and results. The follow-up must also ensure the adequate and timely implementation of the recommendations resulting from the observations of the control actions.
Self-evaluation: The periodic execution of self-evaluations on the management and internal control of the entity should be promoted and established, for whose merit the institutional behavior can be verified and the opportunities for improvement identified can be reported. It corresponds to its organs and competent personnel to comply with the provisions or recommendations derived from the respective self-evaluation, through commitments to institutional improvement.
Independent evaluations: Independent evaluations must be carried out by the competent control bodies to guarantee the periodic and impartial assessment and verification of the behavior of the internal control system and the development of institutional management, identifying deficiencies and formulating the appropriate recommendations for their improvement.
BIBLIOGRAPHY
- Aldave Uriarte Juan and Meniz Roque Julio (2013) Government control and audit. Lime. EDIGRABER.Bravo Cervantes, Miguel (2013) Government internal control. Editorial San Marcos.Hernández Celis, Luis Domingo (2013) Internal control and government audit. Lime. University of San Martín de Porres. Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA. Rodríguez Urbano, Ana Apolonia (2013) Principles and process of government control. Lime. EDIGRABER.
Aldave Uriarte Juan and Meniz Roque Julio (2013) Government control and audit. Lime. EDIGRABER.
Hernández Celis, Luis Domingo (2013) Internal control and government audit. Lime. University of San Martín de Porres.
Rodríguez Urbano, Ana Apolonia (2013) Principles and process of government control. Lime. EDIGRABER.
Bravo Cervantes, Miguel (2013) Government internal control. Lime. Editorial San Marcos.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Institute of Internal Auditors of Spain-Coopers & Lybrand SA. (2013) The new concepts of internal control - COSO Report. Madrid. Ediciones Días de Santos SA.
Download the original file
