Internal Controls

From Open Risk Manual


Internal Controls denotes the set of policies and procedures implemented within the organization with the objective of ensuring Compliance with laws and regulations as well as internal rules and plans. All the means, tangible and intangible that can be employed or used to ensure that established objectives are met.

Design elements of Internal Controls

Designing effective internal controls depends heavily on the risk domain being addressed. Some general principles are listed here[1]

  • Internal controls are designed to ensure that each identified risk has a policy, process or other measure, as well as a control to ensure that such policy, process or other measure is being applied and works as intended.
  • Internal controls help ensure process integrity, compliance and effectiveness.
  • Internal controls help provide comfort that financial and management information is reliable, timely and complete
  • Internal controls help establish that the firm is in compliance with its various obligations, including applicable laws and regulations.
  • Internal controls place reasonable checks on managerial and employee discretion.

Internal and External Audit

The Internal Audit function is responsible for setting up and monitoring the internal control system


See Also


  1. BCBS, Principles for enhancing corporate governance