Internal Control Procedures

Internal control includes financial, operational and compliance controls
and risk management.

Directors have a fiduciary duty to the shareholders


All directors should take great care that they are able to fulfil this duty, for their own personal protection as well as for the shareholders and other stakeholders.


Most major corporate scandals have been the result of directors being unaware of the true financial position of the organisation for which they are responsible.


Every organisation should have a robust system of financial control. The organisation's auditors should be encouraged to review the controls in the business and report to the directors on their findings.


Internal control includes financial, operational and compliance controls and risk management.


Successful business involves taking risks. The purpose of internal control is to help manage and control risk appropriately, rather than to eliminate all risks, since profits are in part the reward for successful risk taking in business.


Risk assessment and control should not be limited to financial risks but should also include other relevant matters. These include external factors that should be exposed in the PEST analysis as well as an increasing range of other factors such as employment litigation, loss of key individuals, succession planning, IT failure/data loss, reputation risk etc.


There are four possible responses to risk: -

  • Avoid the risk. Do not commit to planned action and abandon the proposed project.
  • Mitigate the risk. Invest in standby equipment, duplicate or triplicate critical components, train staff or adopt risk policies such as requiring senior executives to travel in different vehicles.
  • Transfer the risk. Insure against the risk or otherwise spread the exposure to third parties.
  • Retain the risk. In this case the board must evaluate the impact of a worst case scenario and the ability of the organisation to recover. Different organisations have different appetites for risk, as well as varying resilience to disaster.

Corporate governance considerations

Does the board set appropriate policies on internal controls, seek regular assurance that the system is working satisfactorily, and ensure that the system is effective in managing risks?

Does the board consider: -

  • The nature and extent of the risks facing the organisation, which risks are acceptable and to what extent?
  • The likelihood of the risks materialising?
  • The organisation's ability to reduce the incidence and impact on the business of risks that do materialise?
  • The cost of operating particular controls relative to the benefits of managing the associated risks?

* Inspired by the Institute of Directors Standards for the Board

Train to become an excellent company director

Register with the Directors' Academy for courses, resources and events so you can be more confident, more effective - with less stress

What to do next

If you would  like to know more about how we can support your personal development as a director, facilitate an away day or corporate retreat, or assist with your board's corporate governance, contact us or call +44 (0) 7970 891 343.

Contact Us

+44 (0) 7970 891 343

Privacy PolicyTerms & Conditions

Brefi Group Limited

15 Clos Mancheldowne
Barry CF62 5AB, United K

Reg. No. 1669333

© Copyright 2020 Brefi Group Limited. All Rights Reserved.

We used Kartra to build this business. Check it out now.