This presentation was made by Paula Gómez-Trueba Santamaría, Captain Financial Controller, Internal auditor, Spanish Ministry of Defense. The webinar organised by SIGMA was held on 10 March 2021. Its main objective was to discuss how senior public managers manage the risks associated to public financial management, especially during the COVID-19 pandemic crisis.
3. 2
Ministry
Organism
Date
SUM PERCENTAGES
OF THE 5
COMPONENTS
PERCENTAGE CONFIDENCE DEGREE
SYSTEM MATURITY LEVEL 0 0%
INTERNAL CONTROL
COMPONENTS
TOTAL SCORE BY
COMPONENT
PERCENTAGE
COMPONENT MATURITY
LEVEL
0%
0%
0%
0%
INTERNAL CONTROL SYSTEM EVALUATION SUMMARY
0%
VALUATION BY INTERNAL CONTROL COMPONENT
MONITORING ACTIVITIES
CONTROL ENVIRONMENT
RISK ASSESMENT
CONTROL ACTIVITIES
INFORMATION AND
COMMUNICATION
0
0
0
0
0
4. 3
ANNEX I: Internal Control Evaluation Tool
Criteria Test Answers
Auditee
Comments
Auditor
Comments
5. 4
ANNEX I: Internal Control Evaluation Tool
YES NO
In
process
Are periodic internal control evaluation activities planned?
Do the evaluations cover the most relevant processes?
Are the results of the internal control evaluations communicated to the
evaluated area or to the person responsible for the evaluated process?
Are these evaluations documented?
0 0 0
TOTAL CONFIDENCE LEVEL 0%
TOTAL BY TYPE OF ANSWER
SUM TOTAL ANSWERS 0
Auditor comments
MONITORING ACTIVITIES: The follow-up includes the activities designed with the purpose of continuously improving internal control, by periodically monitoring
and evaluating its effectiveness, efficiency and economy.
Auditee comments
COMMUNICATION OF
THE EVALUATION OF
INTERNAL CONTROL
INTERNAL CONTROL
EVALUATION
CRITERIA TEST
ANSWERS
6. 5
ANNEX I: Internal Control Evaluation Tool
CONTROL ENVIRONMENT
The set of standards, processes and structures that constitute the basis on which
the internal control of the organization will be carried out.
Integrity &
Ethical
Values
Internal
Control
Organizational
Structure
Human
Resources
Professional
Competence
7. 6
ANNEX I: Internal Control Evaluation Tool
RISK ASSESSMENT
The process of identifying and analyzing the risks faced by the entity in the pursuit
of meeting its objectives, as well as designing the appropriate responses to them.
Institutional
Objectives
Identification
& Evaluation
Risks
Monitoring Fraud Risks
8. 7
ANNEX I: Internal Control Evaluation Tool
CONTROL ACTIVITIES
The procedures established to reduce risks and achieve the entity's objectives. In this sense, the entity is responsible
for the existence of appropriate controls, that they function according to a plan over time, that they have an adequate
cost, and that they are understandable, reasonable and are directly related to the control objectives.
Control Activities
Control over
Technology
Processes and
Procedures
9. 8
ANNEX I: Internal Control Evaluation Tool
INFORMATION & COMMUNICATION
Essential for the execution of the internal control objectives. Information and communication systems
contribute to the identification, capture and exchange of relevant information, in a way that allows
management and staff to fulfill their functions. The information has to be appropriate, timely, updated,
accurate and accessible.
Information
Internal
Communication
External
Comunnication
10. 9
ANNEX I: Internal Control Evaluation Tool
MONITORING ACTIVITIES
The activities designed with the purpose of continuously improving internal control,
by periodically monitoring and evaluating its effectiveness, efficiency and economy.
Internal Control Evaluation
Communication of the
Evaluation
11. 10
TOTAL BY COMPONENT
CONTROL CONFIDENCE
LEVEL
MEANING
HIGHER THAN 75% HIGHER THAN 15% HIGH
Reasonably defined and implemented internal control
system. It is important to strengthen your self-
assessment and continuous improvement.
HIGHER THAN 50%
AND LESS THAN
OR EQUAL TO 75%
HIGHER THAN 10% AND
LESS THAN OR EQUAL TO
15%
MEDIUM
Internal control system with aspects that require better
development and must be identified to be corrected
HIGHER THAN 25%
AND LESS THAN
OR EQUAL TO 50%
HIGHER THAN 5% AND
LESS THAN OR EQUAL TO
10%
LOW
Internal control system with serious limitations to
correct. It requires the execution of an improvement
plan.
LESS THAN OR
EQUAL TO 25%
LESS THAN OR EQUAL TO
5%
NON-EXISTENT
Internal control system non-existent or with serious
deficiencies
RANGE TABLE FOR THE EVALUATION OF THE INTERNAL CONTROL SYSTEM
ANNEX I: Internal Control Evaluation Tool
12. 11
ANNEX III: Covid 19 Risks
Public Procurement Risks
Internal Control Risks
Internal Audit Risks
Budgeting Risks
Field
13. 12
ANNEX III: Covid 19 Risks
Component
Public
Procurement &
Budgeting
Internal
control & audit
14. 13
ANNEX III: Covid 19 Risks
Risk Owner
Probability
Impact
Severity
Control
Risk Exposure