geacollege
Faculty of Entrepreneurship
RISK-TARGETED INTERNAL CONTROL SYSTEM THAT PROVIDES THE DETECTION OF ESTABLISHED RULES VIOLATION AND MISREPRESENTATIONS OF ACCOUNTING AND FINANCIAL DATA
Natalia Kondrashova*
Kaluga branch of the Financial University, Russia kondrashova.ng@mail.ru
Tatyana Lesina
Kaluga branch of the Russian Presidential Academy of National Economy and Public Administration, Russia lesina.rpa@ya.ru
Kirill Titov
Kaluga branch of the Financial University, Russia titov.kfu@ya.ru
Abstract
Due to the economic changes of Russian Federation, internal control still retains its relevance. The article focuses on the need to improve the efficiency of the created internal control systems in the direction of managing risks of the established rules violations and accounting and financial data misrepresentations. Analysis of the concept of internal control from two methodological points of view allows defining internal control and further considering it as an independent system built into the process of corporate management. Incorporating risk management into the internal control process forms the concept of a risk-targeted internal control system. Following the integrated structure of internal control developed by COSO, the requirements and recommendations of the Russian regulatory legal acts, a model of a risk-oriented internal control system of a commercial organization, represented by an external and internal structure, is proposed. A key element of the internal structure of this system is risk assessment, which involves considering all the facts of economic life through the prism of risks. This allows the organization to develop internal control procedures for all risks of the established rules violations and accounting and financial data misrepresentations and depict them on the risk map. In the course of compiling the risk map, the process of identifying the risks of distortion of the facts of economic life by business processes was specified and an algorithm
Corresponding Author
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
for the formation and its documentation was proposed. Our study contributes to the existing literature and allows to fill the gap in terms of the practical implementation of improving the system of internal control of commercial implementation, taking into account the modern requirements for its implementation.
Key Words
Internal control; internal control system; internal structure; risk of the established rules violations and accounting and financial data misrepresentations; risk map.
INTRODUCTION
The problem of forming an effective system of internal control in modern conditions is becoming increasingly relevant due to the fact that Russia still maintains a high level of economic crimes. According to the World Economic Survey for 2018 prepared by PwC, a significant increase in the number of Russian companies that faced economic crimes in 2016-2018 from 48% to 66% was revealed (PricewaterhouseCoopers, 2018). The high level of fraud in the areas of procurement, theft of assets, bribery and corruption, cybercrime, distortion of accounting data indicate a lack of effectiveness of internal control in Russian organizations. Therefore, there is a need to improve the efficiency of the created internal control systems.
When forming the internal control system, economic entities, striving to achieve the effectiveness of their activities, miss the goals of its organization - "preventing or detecting deviations from the established rules and procedures, as well as distortions of accounting data, accounting (financial) and other reporting" (Ministry of Finance of Russia, 2013).
In the course of its financial and economic activities, economic entities manage a large number of risks: inflation risks for products, raw materials and materials, technical and production risks, liquidity risk, credit and other risks. Meanwhile, non-reflection or incorrect reflection of business transactions in accounting, their valuation that does not meet the requirements of regulatory documents, reflection of non-existent assets and liabilities, as well as other risks, distort the accounting (financial) statements and create favorable conditions for the commission of illegal action and economic crimes.
This problem and its solution requires improving the functioning of internal control to increase the reliability of accounting information and the impossibility of committing illegal actions in the direction of managing risks of deviations from the established rules and distorting accounting and reporting data.
Explanations on the organization of internal control by Russian economic subjects are contained in the 2013 document of the Ministry of Finance of the Russian Federation "Organization and implementation by the economic
33
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
entity of internal control of committed facts of economic life, accounting and accounting (financial) reporting" (hereinafter n3-11/2013) " (Ministry of Finance of Russia, 2013), but they are generic. And in the scientific literature, the methodological aspects of the functioning of effective internal control, capable of excluding the possibility of committing illegal actions, are also given insufficient attention, therefore, there is still a need to develop its methodological tools.
The relevance of the organization of the internal control system is confirmed by the works of Russian scientists: A. G. Volkova, O. S. Glinskaya, S. A. Meshcheryakova, N. D. Pogosyana, I. S. Skorikova, V. P. Suytsa, L. A. Tchaikovsky, E. N. Chernyshova, A. D. Sheremet and others.
Internal control was studied from various points of view by Huefner R. J., Hermanson D. R., Smith J. L., Stephens, N. M., Fourie H., Ackermann S.
Huefner R. J. (2011) studied the weakness of internal control, while Fourie H. & Ackermann C. (2013) studied the effectiveness of the internal control system. Hermanson, D. R., Smith J. L., & Stephens N. M. (2012) conducted a study of how auditors determine the effectiveness of internal controls.
Many of the studies on internal control are based on the assessment of internal control: Fourie H. (2013), Hermanson D. R. (2012), Vijayakumar A. N., Nagaraja N. (2012), Brown N. C., Pott C., Wumpener A. (2014); Clinton S.B., Pinello A.S., Skaife H.A. (2014).
Kinney Jr, W. R. (2000), Rae K., Subramaniam N. (2008) and Arwinge Olof (2013) discuss the need for additional research within the framework of internal control, as it has long been viewed by organizations as an important tool for achieving their goals.
So, Kinney Jr, W. R. (2000), O'Leary C., Iselin E., & Sharma D. (2006), Humphrey C. (2007), Rae K., Subramaniam N. (2008) and Arwinge Olof (2013) emphasize the need for further research regarding the reliability and efficiency of its organization.
Thus, the lack of theoretical development in the scientific literature and the illumination in the regulatory legal acts of the methods of internal control predetermined the need for further development of scientific and methodological recommendations on the formation of a reliable and effective system of internal control.
The purpose of this article is to improve the methodological tools of internal control in the direction of the organization and functioning of a risk-oriented system of internal control of the committed facts of the economic life of an economic entity.
To achieve this goal it is necessary to solve the following tasks:
-	propose a model of a risk-based internal control system of an economic entity;
-	reveal the algorithm for the formation and documentation of the risk map of the probability of deviations from the established rules and the distortion of accounting and reporting data;
-	specify the process of identifying the risks of distortion of the facts of economic life in business processes.
34
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
THE METHOD
The method of this work is based on a systems approach using various general scientific methods, such as: analysis, synthesis, deduction, induction, grouping, generalization, comparison, formalization and modeling. The theoretical basis of the study was the works of Russian and foreign scientists - economists, Russian legislative and regulatory acts on the organization of internal control in economic entities.
The scientific novelty consists in improving the methodological tools for organizing and operating a risk-based internal control system, highlighting and documenting business processes in the risk map of control procedures for minimizing risks of deviations from the established rules and distortion of accounting data and accounting (financial) reports.
DISCUSSIONS
The concept of internal control as a control exercised within an economic entity is identified with the concept of control. In the economic literature, these concepts are considered in inseparable connection with the management process from two methodological positions (Kondrashova, 2017, p. 26):
-	as a complex function and an integral part of business management;
-	as an independent management process and a holistic system.
In the framework of the first direction A. D. Sheremet and V. P. Suitz determines that "control is an important function of management, an integral part of the system of regulation of financial relations" (Sheremet and Suitz, 2014, p. 42).
S. A. Meshcheryakov believes that "control is a management function, which is a system for monitoring and checking the operation of an object in accordance with the management decisions made, and also allows to identify deviations for the intended purposes and take corrective measures if necessary" (Meshcheryakov, 2008, p. 6).
In the framework of the second direction A. G. Volkov and E. N. Chernyshov define that "control is a process ensuring compliance of a managed object with accepted management decisions and aimed at successful achievement of goals" (2011, p. 8), and N. D. Pogosyan notes that "control is a set of regular and continuous processes by means of which their participants in a legitimate form ensure the effective functioning of the public sector, as well as the activities of other economic entities, regardless of their form of ownership" (Melnik, Panteleev and Zvezdin, 2004, p. 12-13).
O. S. Glinskaya and I. S. Skorikova notes that "control is a systematic process aimed at identifying changes in actual versus planned performance of an organization, showing the feasibility of a chosen management strategy, allowing for timely corrective actions to be taken in order to achieve its objectives in order to obtain the maximum possible economic benefits" (2011, p. 259).
35
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
L. A. Chaykovskaya defines that "internal control is designed to ensure the fulfillment of the managerial function, being a complex system of measures, in terms of planning, accounting, economic analysis, organization of information, cash flow, and document flow" (2016, p. 170).
Bazmi N. A., Rehman M., Rehman C. A. (2016, p. 16) depict internal control as "a system within an organization designed to provide reasonable checks against the achievement of an organizational goal".
Based on the foregoing, we will consider internal control in the widest sense — systemic, as an independent system built into the process of corporation management. The internal control system is a set of interrelated control procedures carried out to achieve the objectives of the organization and determine the compliance of activities with the established requirements.
MAIN PART
In 1985, the United States established the National Commission on Fraudulent Financial Reporting, known as the Treadway Commission (Treadway Commission), to investigate the causes of fraud in the financial statements and make recommendations for their suppression (Johnstone, Gramling and Rittenberg, 2014). Subsequently, the Committee for the Treadway Commission (COSO) was created under the direction of the Commission.
In 1992, COSO developed an integrated internal control framework. Graphically, it is represented by a cube, in the upper plane of which the columns (operations, reporting and compliance) are associated with five components — rows of the second plane and the general structure of the business (third plane) (Pfister, 2009). This structure has been widely recognized and is the most widely used throughout the world.
According to the structure (COSO, 2011), the internal control system consists of five main components related to seventeen principles, among which (Kondrashova, 2017, p. 31): control environment: risk assessment; control activities; information and communication; and monitoring.
This structure is also recognized in Russia. The PZ-11/2013, published in 2013 (Ministry of Finance of Russia, 2013), contains explanations on the organization and implementation by an economic entity (with the exception of organizations of the public administration sector) of internal control.
It also highlights five main elements of internal control:
-	control environment;
-	risk assessment;
-	internal control procedures;
-	information and communication;
-	internal control assessment.
Inclusion in the internal control process of managing risks of deviations from the established rules and distortion of accounting and reporting data forms the concept of a risk-oriented internal control system.
36
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
Based on our review of literature and Russian regulatory legal acts, a model of a risk-oriented internal control system can be proposed (Kondrashova, 2017, p. 29).
Visually, it is represented by an internal structure and external environment (Figure 1). The external environment of the system is "output", "input", "feedback" and "external environment". The internal structure is the "black box", the processing of the "input" to the "output".
Figure 1: Model of corporate risk-targeted internal control system
Source: Own survey.
To achieve the goal of the internal control system, the "output" can be an administrative document on control (Regulations on internal control and documents on the results of its implementation). During the operation of this system, the result of the implementation of the administrative document will be information and documentation on the results of the control and monitoring of the internal control system.
The interdependence of the system and the external environment determines the principle of the "black box", according to which the system forms its properties and manifests them only in the process of interaction with the external environment. In the course of its operation, it reacts to the effects of the external environment and develops. This communication will be carried out through the management process conducted by the management of a commercial organization.
The "input" will be the requirements for the mandatory implementation of internal control and the recommendations of the n3-11/2013 on the organization and implementation of internal control of the committed facts of economic life.
37
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
Requirements for the mandatory implementation of internal control in the economic entities of the Russian Federation are governed by the following norms:
-	Art. 19 of the Federal Law dated December 06, 2011 No. 402-03 "On Accounting";
-	Art. 87.1 of the Federal Law dated December 26, 1995 No. 208-03 "On Joint-Stock Companies";
-	Art. 4, 7 of the Federal Law of 07.08.2001 No. 115-03 "On Counteracting the Legalization (Laundering) of Criminal Proceeds and the Financing of Terrorism".
Feedback components are customer claims, customer feedback and other factors. Feedback arises in case of non-compliance with the expectations of customers (users), reflected in the terms of contracts, due to non-compliance with these conditions or their changes. Inconsistencies should be resolved in the course of work on claims and complaints.
Internal structure - a set of interrelated elements. Ministry of Finance. According to the Ministry of Finance information, internal control is connected with the need to obtain confidence that the economic entity ensures the efficiency and effectiveness of its activities, the accuracy and timeliness of the accounting (financial) statements, compliance with the law when committing the facts of economic life and accounting. Its elements are: control environment, risk assessment, internal control procedures, information and communication, evaluation of internal control.
A key element of the internal structure of this system (Figure 1) is risk assessment - the process of identifying and analyzing risks.
"Risk can be defined as real or potential events that reduce the likelihood of achieving business goals ... Risk can be defined" (COSO, 2011, p. 14). That is, risk is the probability of events that prevent an organization from achieving its goals.
COSO, KPMG argue that risk management and control should be considered by enterprises as a means of maximizing opportunities and reducing potential losses associated with undesirable events (Pfister, 2009; COSO, 2011).
For the creation and reliable operation of this system, the leading role belongs to the leadership of a commercial organization. It should define and approve the control procedures, assign control functions for its implementation to specific employees. Internal control procedures are aimed at minimizing risks, therefore, first of all, the types of risks of deviations from the established rules and distortion of accounting and reporting data should be distinguished. Their characteristics will be presented in Table 1.
Table 1: The description of risks of the established rules violations and accounting and financial data misrepresentations
38
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
Kind of risk	Criteria	Description
1	2	3
Risk of incompleteness	Completeness	The risk that not all perfect facts are actually reflected in accounting
The risk of non-existent facts	Emergence and existence	The risk that reflected facts of economic life do not occur in the reporting period and do not relate to the organization's activities
Risk of non-existent rights and obligations	Rights and obligations	The risk that the property recorded in the accounting, the obligations of the organization and its property rights do not actually exist
Risk of inaccuracy assessment	Evaluation and distribution	The risk that revenues and expenses, assets and liabilities are reflected in the wrong value measurement in the relevant accounts and accounting registers
Data corruption risk	Submission and disclosure	The risk that accounting information is incorrectly disclosed and presented in the financial statements
Source: Own survey.
In the process of identifying risks in a particular organization, a map of the risks of distortion of accounting and reporting data is compiled. For this, first of all, it is necessary to collect information about all the facts of economic life and their combination. Using the example of a conditional organization, we systematize and distribute these facts across business processes and summarize these data in Table 2. The risk analysis of accounting and reporting data is distorted as part of the identified business processes.
Table 2: Systematization of the economic factors of Russian corporate life and their split by business processes_
Buisness process	Account arrangement of the economic life factors	The number of factors of economic life, units		The volume of monetary turnover of the facts of economic life, mln. rub.	
		2018	2019	2018	2019
Finance management	66	"Calculation of short-term loans and borrowings" and 67	"Calculation of long-term loans and borrowings", 50 "Cash", 51 "Cost calculation accounts", 52 "Currency accounts", 55 "Special bank accounts", 57 "Transfers in transition"				
Cost management	20 "Primary production", 26 "General expenses", 44 "Sale expenses", 90.2 "Cost of sales", 91.2 "Other expenses"				
Procurement Management	60 "Calculations with suppliers and contractors"				
Other business processes	other accounts				
Total					
Source: Own survey.
39
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
According to Table 2, it is possible to identify the largest number of facts of economic life and the amount of monetary turnover that falls on a certain business process of a commercial organization in the previous and current year and conduct continuous monitoring of internal control over this business process.
Then, for each business process, a risk map of the facts of economic life in the organization is compiled (Ministry of Finance of Russia, 2013, paragraph 13.3) in the form of a table with a reflection of each fact of economic life or their combination, with the characteristics of risks and control procedures for their minimization. For example, according to the "Procurement Management" business process, which usually accounts for the largest amount of cash flow, it can have the form shown in Table 3 on Appendix.
The control procedures presented in Table 3 indicate that the use of internal control tools is possible through the introduction of an accounting computer program, since accounting is automated. In addition, internal control procedures include: reconciliation of data, verification of arithmetic calculations, verification of the correctness of specifying details and paperwork. To prevent the possibility of incorrect correspondence of accounts, reflection of non-existent facts of economic life and the related accounting entries allows the use of restriction, authorization and authorization tools in a computer program. The use of the above procedures allows you to prevent violations and abuses, and in identifying them simplifies the search for the perpetrators.
The position on internal control is the "way out" of the internal control system (Figure 1), it must be documented card of risks of deviations from the established rules and distortion of accounting and reporting data.
We recommend regularly assessing the performance of this system and continuous monitoring of internal controls on the risks of business processes with the highest turnover of operations and cash. This will allow the organization to reveal the specifics of the functioning of internal control to identify deviations from the established rules and procedures, prevent abuses and fully comply with the requirements of legislative acts.
CONCLUSION
Thus, the inclusion in the internal control process of managing risks of the established rules violations and accounting and financial data misrepresentations forms the concept of a risk-oriented internal control system. Risk-oriented corporate internal control system model has been proposed with the specification of the process of identifying risks considering economic life factors relation to business processes, an algorithm for generating and documenting the risk map of the established rules violations and accounting and financial data misrepresentations has been defined. The proposed approach will improve the methodological tools of internal control in the direction of managing the risk of the established rules violations and accounting and financial data misrepresentations.
40
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
FINDINGS
The purpose of this article was to improve the methodological tools of internal control. The study examined the concepts of internal control and its interpretation from two methodological points of view. We can say that internal control is an independent system that is built into the process of corporate management as a set of interrelated control procedures that are carried out to achieve the goals of corporation and determine the compliance of activities with the established requirements.
Considering internal control from this point of view, and following the integrated structure of internal control developed by COSO, to the requirements and recommendations of Russian regulatory legal acts, a model of a risk-oriented corporate internal control system is proposed. It is represented by the external and internal structure, the connection between the elements of this system is revealed.
Some aspects that should be considered to ensure the effectiveness of the internal control system are highlighted: for its reliable functioning, the leading role belongs to the corporate management. It should determine and approve the control procedures, assign control functions for its implementation to specific employees; to officially specify then in corporate internal control regulations; regularly assess the performance of this system and continuously engage the business processes risks internal control with the highest cash flow.
The goal of this article has been achieved by defining a model of a risk-oriented corporate internal control system, specifying the process of identifying risks of the established rules violations and distortions of the facts of economic life by business processes, the algorithm for generating and documenting the risk map of the established rules violations and accounting and financial data misrepresentations. A key element of the internal structure of this system is the risk map, which involves consideration of all facts of economic life through the prism of risks, which allows corporation to develop internal control procedures for all risks of the established rules violations and accounting and financial data misrepresentations.
The proposed recommendations will allow the corporation to reveal the core of the functioning of internal control and to completely fulfill the requirements of legislative acts.
ACKNOWLEDGEM ENTS
The authors are grateful for the advice and valuable comments of the professors of the Accounting, Analysis and Audit Department of the Financial University under the Government of the Russian Federation Alexander Alekseevich Savin and Zhanna Arakelovna Kevorkova, we'd also like to thank the Associate Professor of the Department of Social Sciences of Kaluga Finance University Larisa Vasilievna Titova for her personal assistance in preparing this article.
41
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
REFERENCES
Arwinge, O. (2013). Internal Control: A Study of Concept and Themes. Heidelberg: Physica-Verlag HD.
Bazmi, N. A., Rehman, M., Rehman, C. A. (2016). Issues and Challenges faced by internal auditors of private sector. Social Science Learning Education Journal, 1(1), 15-19.
Brown, N. C., Pott, C., Wumpener, A. (2014). The effect of internal control and risk management regulation on earnings quality: Evidence from Germany. Journal of Accounting and Public Policy, 33(1), 1-31.
Chaykovskaya, L. A. (2016). Effective internal control and factors affecting it. Audit and Financial Analysis, 1, 170-176.
Clinton, S. B., Pinello, A. S., Skaife, H. A. (2014). The implications of ineffective internal control and SOX 404 reporting for financial analysts. Journal of Accounting and Public Policy, 33(4), 303-327.
COSO (2011). Internal Control - Integrated Framework. Framework: December 2011. Retrieved 25 September 2019 from: http://felaban.s3-website-us-west-2.amazonaws.com/boletines_clain/archivo20140723210329PM.pdf
Fourie, H., Ackermann, C. (2013). The impact of COSO control components on internal control effectiveness: an internal audit perspective. Journal of Economic and Financial Sciences, 6(2), 495-518.
Glinskaya, O. S., Skorikova, I. S. (2011). Basic concepts and requirements of control. Audit and Financial Analysis, 3, 258-261.
Hermanson, D. R., Smith, J. L., Stephens, N. M. (2012). How Effective are Organizations' Internal Controls? Insights into Specific Internal Control Elements. Current Issues in Auditing, 6(1), A31-A50.
Huefner, R. J. (2011). Internal control weaknesses in local government. The CPA Journal, 81(7), 20.
Humphrey, C. (2007). Auditing research: A review across the disciplinary divide. Accounting, Auditing and Accountability Journal, 21(2), 170-203.
Johnstone, K. M., Gramling, A. A., Rittenberg, L. E. (2014). Auditing a Risk-Based Approach to Conducting a Quality Audit (9th Ed.). Mason: Cengage Learning.
Kinney Jr, W. R. (2000). Research opportunities in internal control quality and quality assurance. Auditing: A Journal of Practice & Theory, 19(s-1), 83-90.
Kondrashova, N. G. (2017). Stages of the implementation of internal control in small commercial organizations. Auditor, 4, 26-33.
KPMG (1999). The KPMG Review. Internal Control: A Practical Guide. Service Point (UK) Limited.	Retrieved	25	September	2019	from:
https://ecgi.global/sites/default/files//codes/documents/kpmg_internal_control_practical_guid e.pdf
Melnik, M. V., Panteleev, A. S., Zvezdin, A. L. (2004). Revision and Control: Textbook, Melnik M. V. (Ed.). Moscow: Foreign CCF-Press Publ.
Meshcheryakov, S.A. (2008). Control and Audit: Textbook. St. Petersburg: SPbGLTU.
Ministry of Finance of Russia (2013). Organization and implementation by an economic entity of internal control of the committed facts of economic life, accounting and preparation of accounting (financial) statements. Information No. PZ-11/2013. Retrieved 25 September 2019	from:
http://www.consultant.ru/document/cons_doc_LAW_156407/cdadff1e0354fc861324bb0ead 93305a88bd2865/
O'Leary, C., Iselin, E., Sharma, D. (2006). The relative effects of elements of internal control on auditors' evaluations of internal control. Pacific Accounting Review, 18(2), 69-96.
Pfister, J. A. (2009). Managing Organizational Culture for Effective Internal Control: From Practice to Theory. Heidelberg: Physica-Verlag.
PricewaterhouseCoopers (2018). Russian Economic Crimes Survey 2018. Retrieved 25 September 2019 from: https://www.pwc.ru/ru/publications/recs-2018.html
Rae, K., Subramaniam, N. (2008). Quality of internal control procedures: Antecedents and moderating effect on organizational justice and employee fraud. Managerial Auditing Journal, 23(2), 104-124.
Sheremet, A. D., Suitz, V. P. (2014). Audit: Textbook. 6th ed. Moscow: INFRA-M Publ.
42
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
Vijayakumar, A. N., Nagaraja, N. (2012). Internal control systems: Effectiveness of internal audit in risk management at public sector enterprises. BVIMR Management Edge, 5(1), 1-8. Volkov, A. G., Chernyshev, E. N. (2011). Control and Revision: Textbook. Moscow: Publishing center EAOI.
43
Advances in Business-Related Scientific Research Journal, Volume 10, No. 2, 2019
APPENDIX
Table 3: The integrated risk map of the established rules violations and accounting and financial data misrepresentations corresponding to the "Stock Management" business process
Risk	Description	Control procedures
The risk of nonexistent facts	Provision of fictitious services	Daily check of the availability of documents and correctness of registration details of documents
	Acquisition of non-existent rights, licenses	Daily check of the availability of documents and correctness of registration details of documents
	Relocation of inventories between warehouses during inventory	During the inventory to conduct automatic reconciliation of data
	Theft of inventories when leaving a warehouse	Restrict access to the warehouse of unauthorized persons
Risk of incompleteness	Reflect not all orders	Daily reconciliation of these documents and their reflection in the computer program, authorize access to the computer program
	When taking inventory is not considered surplus	Daily check of correctness of paperwork and their reflection in the computer program
	The reflection of the receipt or disposal of inventories is not in the reporting period	Verification and documentation of identified deviations
Risk of non-existent rights and obligations	Placing unauthorized orders	Limiting the possibility of entering into a computer program without specifying additional data by an accountant
	Issuance of guarantees and sureties	Limiting the possibility of entering into a computer program without specifying additional data by an accountant
Risk of inaccuracy assessment	Supply of goods, performance of work and provision of services at inflated prices	Confirmation of payment authorization by all responsible persons
	Creating regrading of inventories	Verification and documentation of identified deviations
Data corruption risk	All procurement accounting data is reflected in the accounting (financial) statements.	Modify the computer program so that at the end of each month the whole cycle of work on the processing of documents ends with the impossibility of making changes in the closed months
Source: Own survey.
44