Abstract
Purpose
This article aims to identify management practices that evidence how internal control have been considered essential, from the edition of the State Constitutional Amendment no. 75 of 2012, within the public administration of the executive branch of the State of Ceará, during the period 2012–2021.
Design/methodology/approach
The study relates the identified management practices to COSO (The Committee of Sponsoring Organizations) methodology “Internal Environment” component categories. The research is classified as basic, exploratory and bibliographic, on the theme of internal control in scientific articles published between 2015 and 2021, and documental, carried out through official documents, including the 27 Brazilian constitutions.
Findings
Existence of management practices that corroborate the essentiality of internal control in Ceará.
Research limitations/implications
The study is limited to evidencing the control practices implemented in Ceará, not evaluating them as to their quality.
Practical implications
Contributions on control on constitutional-legal bases for other Brazilian Federation States.
Social implications
Possibility of introducing the research theme into various branches of scientific knowledge, such as political science and contributing to public organizations to implement policies with the proper application of resources for the benefit of society.
Originality/value
The originality of the research is in demonstrating the essentiality of internal control in the State of Ceará, from the edition of management acts performed by the executive branch, based on Constitutional Amendment 75 of 2012, which did not become a dead letter of the law, enabling other states of the federation to do the same.
Keywords
Citation
Gadelha, A.L.L., Gouveia, L.B. and Sarmento, A.M. (2023), "Essential internal control: evidence from the executive branch of the State of Ceará", Revista de Gestão, Vol. 30 No. 1, pp. 32-46. https://doi.org/10.1108/REGE-08-2020-0073
Publisher
:Emerald Publishing Limited
Copyright © 2022, Ana Lúcia Lima Gadelha, Luis Borges Gouveia and Anabela Mesquita Sarmento
License
Published in Revista de Gestão. Published by Emerald Publishing Limited. This article is published under the Creative Commons Attribution (CC BY 4.0) licence. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this licence may be seen at http://creativecommons.org/licences/by/4.0/legalcode
1. Introduction
To achieve efficiency, efficacy and effectiveness in its plans and programs, public activity requires a function that is essential to the Rule of Law: control. There are three types of control: social, external and internal. Social control is exercised by society and consists of surveillance by the recipients of public policies. External control is exercised by agencies and entities outside the organization’s body. In the public sector, it is that exercised by the Federal and State Courts of Accounts. They are autonomous and independent organs of the administration, never participating in the acts performed by it, being responsible for monitoring and inspection (Marçola, 2011).
Internal control is defined by Machado (2015) as a process conducted by the management of an organization to enable, in a reasonable way, the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial statements and compliance with laws and applicable regulations. In this article, we adopt the author’s concept of control as an essential function of surveillance and frequent monitoring of an organization’s resources, with the observance of good practices and integrity in the use of these resources, providing conditions so that the organization, whether public or private, can be evaluated and have the directions corrected to avoid damage and curb or minimize risks. Contemporary authors (Araújo, Santos, Araujo, & Dias, 2017; Silva, Abreu & Couto, 2017; Freire & Batista, 2018) agree and express the importance and the good character of control in organizations, for the economy, to combat fraud, vice and corruption in any entity, whether public or private.
Control in public administration is advocated in the Magna Carta of 1988, which refers to it in articles 70 and 74 (Constitution of the Federative Republic of Brazil, 1988). Besides, other Brazilian laws also do so, such as Law 4.320 (1964), where the first internal control records are located, and the Complementary Law – LRF (Law n. 101, 2000). In public administration, internal control is also pointed as a management tool that improves the quality and effectiveness of services provided (Moreira, Dias, & Souza, 2017).
This scope of control within the public administration to respond to risks and provide security to the organization (Capovilla, Gonçalves, Dantas, & Oliveira, 2018) brings to the function the design of indispensability of achievement. To ensure this desideratum, the state edited Constitutional Amendment No. 75 (2012), which confirmed the treatment of essential, making it indispensable within the state public administration. It should be noted that the State of Ceará had already been implementing some control management actions, which culminated in the enactment of that constitutional amendment. But the treatment given by Constitutional Amendment No. 75 (2012) – that added to the State Charter Article 154, item XXVII (1989) – established the essentiality of the function control, linking it to the important activities: ombudsman, controller, government audit and correction.
The essentiality character printed by the referred constitutional amendment imposed a duty onto the state public administration, and more than that, imprinted on it a quality of being essential, indispensable. However, this essentiality cannot become a dead letter of the law. There must be a commitment by the competent bodies to demonstrate it concretely so that the desired effects for the control function are effectively produced. In the State of Ceará, the central body competent to execute internal control is the office of the State Controller and Auditor General. This state body has been delegated the functions of the ombudsman, controller, government audit and correction. So, it is up to this body to carry out management practices that demonstrate the essentiality of internal control in the state.
Thus, in the context of this constitutional delegation, the research question of this article arises: What practical evidence of the State of Ceará public management proves the pertinence of the expression of essentiality, constitutionally declared, to the control function? After all, from Amendment n. 75 (2012), it is vital to identify which management practices were adopted or strengthened to corroborate the constitutional affirmation of control essentiality.
The article aims to identify management acts practiced by the State of Ceará that corroborate the constitutional assertion, and how they are effective in practice. This justifies the relevance of the study based on the fact that internal control is taken to a condition of essentiality at the constitutional level and, therefore, knowing the effective management decisions may influence other entities and entities of the Federation. There is pertinence and practical importance for other units of the Brazilian Federation because, according to this research, only the State of Ceará – out of the 27 units of the Brazilian Federation introduced the essentiality of internal control by constitutional amendment. This in itself constitutes an important reason for study, which is also of interest to public administration organizations in the country. It aims to verify how this is presented in practice. It is also of interest to private organizations. For the academic area, the article contributes to the enrichment of the theme both from the theoretical–legal side and from the practical side, that is, of interest to the technical–scientific community.
The research is characterized, as to its objective, as exploratory, as it aims to present an overview of a new fact to make it more explicit (Gil, 2008). As to its nature, according to Prodanov and Freitas (2013) it is an applied research, as it aims to produce knowledge for practical application, for the solution of specific problems: in this case, through the results found under the title of management acts imposed by the executive branch of the State of Ceará. As for the technical procedures, the research is classified as documentary. According to Gil (2008), it has not yet received analytical treatment or can still be reworked according to the research objects. In this article, the documentary research is based on the reading and analyzing of the main rules issued by the internal control in the State of Ceará that established management acts. As for the research approach, it is qualitative, in which elements of interpretation by the research author prevail (Menezes, Duarte, Carvalho, & Souza, 2019), and deals with phenomena, allowing the hermeneutic analysis of the data (Appolinário, 2004).
As a result of the research, aimed at the characterization of the essentiality of internal control, consideration is focused on the management acts practiced in the internal control area within the Executive Power of the State of Ceará which denotes regulatory initiatives or directives to be complied with by the organs and entities of the state Public Administration. These management acts will be treated as evidence and parameterized by comparison to the categories presented in the “Control Environment” concept adopted by The Committee of Sponsoring Organizations (COSO, 2013). The categories are patterns, processes and structures, which define the concept of control environment (COSO, 2013).
In addition to this introduction, this article is organized into five sections. The second section is the theoretical framework, based on different scientific contributions and control legislation, which is divided into three subtopics: (1) legal frameworks of internal control, (2) the control function as essential to public administration, (3) the control environment according to COSO (2013). The third section deals with methodological procedures; the fourth section deals with results and discussion of the information that shows the essentiality of control through management practices; and finally, in the fifth section, we have the final considerations.
2. The theoretical framework
2.1 Historical and legal landmarks of internal control
Internal control integrates the scope of the control function and, within the organization, occupies a level of extreme importance that affects objectives, plans, information, processes, systems, activities, functions, projects and initiatives (Montenegro, Oliveira, & Lopes, 2017). The internal control system comprises a process that aims to achieve operational effectiveness and efficiency, reliability, criteria compliance and compliance with laws and regulations (Pangaribuan, Donni, Popoola, & Sihombing, 2019).
Authors Santos and Pereira (2019) warn about the substantial absence or inefficiency of internal control in organizations. According to the authors, this can be understood as a result of decisions made by managers who, with limited information, believe that the implemented controls as they are would be sufficient to protect the organization. Therefore, the improvement of controls in public administration sheds light on the activities performed by the public manager, with due accountability for faults and irregularities committed in the exercise of the function (Alencar & Fonseca, 2016).
The importance of internal control in organizations has been a point of agreement for many authors who have studied the subject since its origin. A brief historical rescue is brought by De La Cruz and Delgado (2021), summarized here. The authors allude to its antiquity going back to the appearance of accounting itself. They classify its emergence and evolution into four stages called: genesis – when the first accounting records came up, dating back to 1280; changes, starting in 1902, with the increase in production that led to the need for auditors and accountants, and when internal control started to be discussed as means to prevent fraud; during development, the third stage according to those authors, records the internal control’s objective expansion, due to the hostile and competitive environment that companies were facing; finally, a milestone in the evolution of internal control was the reports of the Committee of Sponsoring Organizations in the COSO Standards Committee in 1992, establishing the fourth stage of integration.
Next, we continue this brief historical review, from legal measures in Brazil standpoint. That begins with reference to Law No. 4.320 (1964) in its articles 76 to 80. In article 77, the referred law mentions three modalities as to internal control time of action: (1) prior, (2) concomitant and (3) subsequent. Meireles (2000) teaches that control is prior when exercised before the conclusion or operation of the act; it is concomitant when it accompanies the performance of the act to follow the regularity of its execution; and, subsequent, when it occurs after the conclusion of the controlled act.
Article 75 of Law no. 4.320 (1964) states the foundations for the exercise of the three types of internal control: (1) “the legality of acts, (2) the loyalty and accountability of the administration agents, (3) the execution and quality of public spending. Another important legal diploma for the evolution of control was the edition of Decree-Law no. 200 (1967), which provided legal basis for Brazil’s administrative reform (Moreira et al., 2017). In the current Brazilian Federal Constitution (1988), the provision of internal and external control stands out in Article 70:
The accounting, financial, budgetary, operational and financial control of the Union and its direct and indirect administration entities, regarding legality, legitimacy, economy, application of subsidies and revenue waiver, will be exercised by the National Congress through external control, and by the internal control system of each branch. (Constitution of the Federative Republic of Brazil, 1988, p. 56).
Likewise, this important function is also described in Article 74:
The Legislative, Executive and Judiciary Branches will maintain, in an integrated manner, an internal control system with the purpose of I – evaluate the fulfillment of the goals outlined in the pluriannual plan, the execution of government programs and the budgets of the Union; II – verify the legality and evaluate the results, as to effectiveness and efficiency, of budgetary, financial and patrimonial management in the bodies and entities of the federal administration, as well as the application of public resources by private law entities; III – exercise the control of credit operations, endorsements and guarantees, as well as the rights and assets of the Union; IV – support the external control in the exercise of its institutional mission. (Constitution of the Federative Republic of Brazil, 1988, p. 58).
Another important milestone for internal control and for the public administration itself was the Law of Fiscal Responsibility – LRF, n. 101 (2000), which sets standards for public finance, focused on the responsibility in fiscal management, aiming at risk prevention and correction of deviations that may affect the balance of public accounts.
In Ceará, a set of measures were taken to establish and strengthen the state control function. We start the survey of these measures as a theoretical–legal basis to justify a certain pioneering in treating internal control in a robust way, within the state public administration. This robustness, evidently, was marked in the state constitution itself, which establishes in Article 154, item XXVII:
… the control activities of the State Public Administration, essential to its operation, shall specifically include the functions of ombudsman, controller, government audit and correction.” (NR) Added by Constitutional Amendment No. 75, December 2012. Official Gazette on December 27, 2012. (Constitution of the State of Ceará, 1989, p. 48).
In Ceará, other law editions constituted fundamental landmarks for control. One of them was Law no. 13,297 (2003), which created the Office of the Controller – SECON, the state’s central agency for internal control, whose mission was to watch over the regularity of public resources, exercising auditing activities, rationalization of resources and financial control. After SECON creation in 2003, two more critical laws were issued to strengthen the Internal Control Body: Law 13,325 (2003), which created the positions and the auditing career; and Law 13,875 (2007), which expanded the functions of the body by joining the actions of the Ombudsman and Transparency systems, changing its name to Secretariat of the Office of the Controller and Ombudsman – SECON.
In 2008, the State Controller and Ombudsman launched the first Transparency Portal of the State Executive Branch, which became an essential instrument for social control (Araújo & Nunes, 2017). In 2009, with the publication of Law No. 14,306 (2009), SECON powers were again expanded, and it was renamed State Controller and Auditor General – CGE [in the Portuguese acronym]. According to Araújo and Nunes (2017), after the incorporation of the Ombudsman’s Office, CGE became part of the State Government with the mission of ensuring quality and regularity in public resources administration.
In Ceará, other advancements occurred as of 2012, such as the participation of society in the management of public policies, the institution of the Ethics and Public Transparency System, the implementation of processes and organizational structures related to public governance with a focus on social control, and the rationalization and control of public spending, contributing to the defense of values and principles of morality, transparency, efficiency and other principles in favor of public goods (Nunes, Lima, & Oliveira, 2012).
2.2 The control function as essential to public administration
The word “essential” is: “relative to the essence, which constitutes the essence, indispensable, necessary, important and fundamental” (Ferreira, 1986, p. 712). Based on this concept, it can be stated that the Constitution of the State of Ceará, through Constitutional Amendment No. 75 (2012), imprinted a character of indispensability to the control in the state public administration, with the addition of Article 154, item XXVII.
Constitutional amendment is the introduction of new rules in a constitutional text. It is a form of amendment that uses a special rite to introduce it into the constitutional text, to keep it consistent with the Constitution’s other precepts, principles and rules (Bonavides, 1994).
The Constitutional Amendment n. 75 (2012) imprinted the essentiality to the control activities. It established the macro-functions of Ombudsman, Controller, Audit and Correction of Ceará State Public Administration. It is worth noting that, regarding the treatment given to the essentiality of control on a constitutional basis, the federal sphere in Brazil has not had the same success with the publication of the proposed amendment to the 1988 Constitution. PEC [Constitutional Amendment Proposal, in the Portuguese Acronym] n. 45 (2009) had its processing closed on December 21, 2018. The federal proposal aimed to add item XXIII to article 37 of the Federal Constitution (1988), specifying the macro-functions mentioned in Ceará’s Amendment n. 75 (2012). Concepts related to these macro-functions are briefly presented below.
The Public Ombudsman has been strengthening as an interface instrument between public management and democracy, with advancements in access to information and public transparency (Silva & Oliveira, 2020). In this understanding, Biagini (2016) has that the Public Ombudsman must be an agent of change, driven by meeting user needs. They significantly contribute to democratic procedures (Comparato, 2016).
The controller is conceptualized as an administrative unit that uses accounting data and is responsible for designing, developing, applying and coordinating all accounting tools within the organization (Lima, Reis, Alvarenga, & Campos, 2015). As an administrative body, it has the purpose of ensuring adequate information for the decision-making process. Rubens and Gouveia (2020) share this understanding, stating that the Controller’s Office is the department responsible for generating information, allowing managers to make decisions. Opinions such as those of Oliveira and Higashi (2018) point out that the role of the Controller’s Office is not only to manage the organization’s accounting system, but to be a department with a multidisciplinary profile to meet the breadth of its functions.
Many are the concepts and definitions that are presented for auditing, given by scholars, researchers and professional class representative bodies. The evolution of knowledge and of social and business relations between people and organizations in society also contribute to the evolution of the concept.
In the lesson of Araújo et al. (2017), adherence to internal control as a managerial tool in the public sphere allows ex ante reflections, which enables the balance between risk, action and consequences. Internal control has a set of practices as objectives, whose purpose is the protection of the entity’s interests, safeguarding its assets and interests (Cruz, Santos, & Leone, 2018).
In this context, public resources’ attentive and rigorous supervision is essential, aiming to curb irregularities, deviations and fraud. This perspective of inspection implies the population’s participation, which activates another form of control: social control. The idea of social control has brought a new mentality to the population, which has moved from a passive position, merely receiving state services, to an active condition, participating in government decisions (Silva, Gonçalves, Santos, & Pirkiel, 2018).
What can be understood from the positions expressed by these authors is that control has contributed to the execution of some fundamental factors, such as good planning, transparent, efficient and effective management, risk prevention, correction of deviations and the achievement of fiscal balance and public accounts. In addition, the control also presents itself as an instrument of strong expression against corruption, administrative improbity. Cambi and Bertoncini (2016) and Cortez (2019) also favor the exercise of social control in this understanding.
However, highlighting the importance of internal control in organizations does not guarantee established objectives and results achievement. Some factors may restrict the reasonable assurance of achieving the entity’s results, such as erroneous judgments or decisions, or external events that may lead an organization not to achieve its operational objectives (COSO, 2013).
In the public administration case, control assumes a role of extreme relevance because it allows the monitoring of administrative acts and the accountability of its agents whenever they practice acts affected by irregularities or deviations from the public purpose (Alencar & Fonseca, 2016; Freire & Batista, 2018). In the wake of this understanding, Elsayed and Elshandidy (2021) propose the hypothesis that the effectiveness of an internal control system reveals more risk factors and increases the ability of managers to discover higher levels of risk information.
2.3 COSO and the internal control environment
Initially, the concept of internal control from the perspective of COSO – Integrated Framework – is addressed, and it can be defined as: “A process conducted by the governance structure, management and other entity personnel, and designed to provide reasonable assurance regarding the achievement of objectives related to operations, disclosure and compliance. This definition reflects some fundamental concepts.” (COSO, 2013, p. 6).
Before 1992, numerous authors had already been broadening the scope of internal control onto a systemic view, being seen as a process implemented by the senior management of an entity aiming to provide reasonable assurance in its operations to achieve its social objectives. The principles and practices of internal control and risk management were expanded and updated as of 1992 by the Committee of Sponsoring Organization – COSO of the Treadway Commission – COSO I (Machado, 2015).
COSO – The Committee of Sponsoring Organizations (2013) is a nonprofit, private entity whose recommendations are references for internal control. In 2001, COSO initiated a strategy that broadened the focus of control to integrate the treatment of organizational risks and developed an enterprise risk management framework that could provide the fundamental principles and concepts using a common language. In 2004, the COSO Council published the Enterprise Risk Management – Integrated Framework, and in 2017, an update of the 2014 version was released. This article will allude to the control environment addressed in COSO – Integrated Framework – Executive Summary (COSO, 2013).
Internal control is conducted to achieve objectives. It is a process consisting of continuous tasks and activities, performed by people capable of providing reasonable assurance, adaptable to the structure, and flexible throughout the entity. COSO has defined five interrelated components for control. They are: “control environment; risk assessment; control activities; information and communication; and monitoring activities” (COSO, 2013, pp. 7-8). The following are brief definitions of each of these five components.
The control environment refers to the set of rules, processes and structures that is the basis for conducting internal control in the organization. In this context, control environment draws fully on the governance structure and top management that set guidelines on the importance of internal control. Risk assessment is treated as necessary to evaluate the effectiveness of internal control itself, concerning the achievement of the organization’s objectives. As for the control activities component, these are defined as actions established by employing policies and procedures that contribute to the fulfillment of the management-set guidelines to mitigate risks to objectives achievement. Information and communication are necessary components to support the other components of the internal environment: information supports the achievement of the organization’s objectives, and communication is an interactive, ongoing process that provides, shares and enables the obtaining of information needed by the organization. Monitoring activities relate to ongoing and/or independent evaluations that are made to verify the presence and functioning of the five components of internal control, including evaluating the effectiveness of controls in the principles related to each component (COSO, 2013).
This article addresses the COSO (2013, p. 7) concept of control environment defined as “the set of standards, processes, and structures that provide the basis for internal control throughout the organization”. These elements, that make up the definition of control environment, as standards, processes and structures, are identified as essential for the correlation to be made with the research results treated as management practices. The intention is to connect the acts practiced by the executive branch of the State of Ceará in the area of internal control to those elements brought in the control environment definition by COSO (2013). The internal control environment, according to COSO (2013, p. 7), covers integrity, ethical values and parameters that allow overseeing the governance structure, the organizational structure, the delegation of authority and responsibility; attracts, develops and retains talent, keeps rigor in the face of measures, incentives and rewards. In short, it impacts the entire internal control system. As stated by Capovilla and Gonçalves (2018), the internal control environment lays the foundation for the effectiveness of an internal control structure.
To clearly establish this relationship of the research findings with the elements of the internal control environment, concepts for these referred elements are adopted, even if briefly or even modestly. Thus, the definition for the term “Standard” is documented as commitment, used in common and repeated times by people related to a particular function; “Processes” are defined as a set of planned and interrelated activities performed with the aim of generating products or services that meet the needs of customers, whether internal or external, through the combination of people, methods and tools (Comissão Técnica Nacional de Governança [National Governance Technical Commission], 2010). In turn, “Structure” concept can be taken in a looser definition as a frame, framework (Ferreira, 1986).
3. Methodological procedures
The research was conducted primarily through a bibliographic review, which served as basis for exploring the theoretical framework, considering articles and scientific journals that address the control theme. To this end, keywords on internal control and its relations to government management and public administration were searched on specialized websites. The research platforms consulted were the Knowledge Library (B-on), SciELO – Scientific Electronic Library Online, Elsevier, Scopus, Proquest and ResearchGate. The present study is based on the principle of consulting a bibliographic base with more recent authorial approaches, specially brought by Proquest, Elsevier, Scopus and ResearchGate bases, with references from 2015 to 2021. The articles selected, read and analyzed provided support for the theoretical foundation of the main concepts and categories explored in this study.
The documental research, which uses materials that have not received analytical treatment (Prodanov & Freitas, 2013), collected data from official sources of the executive branch of the State of Ceará, referring to legal regulations and other official documents that address the internal control theme. Among those, the ones presenting characteristics and results with COSO (2013) internal environment categories were selected. The documental review made it possible to compare the evidence found with the categories of COSO (2013) “Internal Environment” components of: standards, processes and structures. COSO’s objective is to guide organizations on internal control principles and procedures, specifically to ensure reliable financial reporting and to prevent fraud. Thus, the practical part of the research used the elements of COSO internal environment as a parameter to assess the existence of evidence of management acts that promote the essentiality of control in the state.
The choice of COSO methodology is justified because, among its components, the concept of control environment is the one that allows the comparison to management acts performed by the control in the State of Ceará, in the intent of this research. From this comparison, analyses were made to identify if control in the state is actually essential in its treatment. The research was conducted from August 2020 to August 2021.
In the following topics, the study focuses on the findings, essentially of a legal nature, processes and management tools found, based on the methodology described above, classifying them according to the categories of the control environment identified by COSO I. That converges to the recognition of the essentiality declared by the State Constitution in relation to internal control and practiced by the executive branch of the State of Ceará.
4. Results and discussion
This article set out to find evidence of management practices by the executive branch of the State of Ceará, Brazil which somehow certify the treatment of essentiality ordered on constitutional bases. To this end, a comparison correlation was established with one of the components described by COSO (2013), which is the internal environment, as means to measure this internal control environment. Table 1 presents the classification of the main pieces of evidence found and affected by the executive branch of the State of Ceará in the period from 2012 to 2021, through the association to concepts of the categories that form the “control environment”, according to COSO (2013).
The internal environment is described by COSO (2013) as the environment in which the following categories are found: standards, processes and structures. These categories characterize the existence of an internal control environment. It is observed that, from the concepts of COSO’s internal control environment, there is a correlation of the research findings and the categories adopted by that Methodology. It can then be stated that the management acts performed by the executive branch of Ceará, from 2012 to 2021 reflect a priority in the treatment of internal control in the state, thus demonstrating the essential character propounded by the Constitution of Ceará.
The internal control standards, processes and procedures are defined by the State’s Internal Control Central Body and have a normative and/or guidance character, according to article 41 of Law 13,875 (2007), which provides on the executive branch management model, delegating to the Office of the Controller and Ombudsman the mission of watching over the observance of Public Administration principles, exercising the general coordination, the normative guidance, the technical supervision and the performance of activities inherent to the state’s internal control.
In this control environment in the executive branch of the State of Ceará, examples of structures put into practice are the creation of the internal control agency, the structuring of the auditor’s career, and the expansion of the agency’s functions, with the addition of the Ombudsman and Transparency topics in 2007, through Law no. 13,875 (2007). Table 1 also contemplates as examples of management practices the recent implementation, in 2019, of control advisory offices in 25 state agencies. The implementation of these structures intends to strengthen the execution of public policies, both through the centralized execution by the State Controller’s Office and General Ombudsman’s Office and in a decentralized manner, in state agencies and entities.
It is considered that establishing a constitutional rule with repercussions in the internal control area is not commonplace. We can see that in this study, only the State of Ceará, among the other 26 states of the federation, presented in this device an essential character. These management acts can manifest themselves sometimes as processes, other times as structures, and other as institutions of standards, all of which are commanded by legal rules, with several examples put in practice as shown in Table 1.
In fact, the answer to the question proposed by this article is found when we observe evidence of a practical–legal order that shows a favorable environment treating control as essential in the State of Ceará. One could question the effectiveness of this standardization, arguing that only the establishment of legislation would not guarantee the practice of management. However, public administration is bound by the principle of legality, and nothing can be done except by the virtue of law. When the state issues laws, decrees, and other legal norms, there is an exercise of control (external and internal) over these acts and the implementation of the objects they deal with, including set penalties for noncompliance. Obviously, many things can become a dead letter, but subject to such controls, and even more, considering that law making requires great effort for parliament approval, it can be admitted that internal control legislation already in place in the State of Ceará, alongside its practical developments, does constitute management acts that affirm the essentiality of internal control taken to the constitutional aegis. It is corroborated that the infra-constitutional laws edited already meet the parameter of essentiality of internal control in the state. Moreover, one can affirm that there is practical application of the objects and objectives of legal regulations.
The setting of these standards, processes and control structures, established by the legal species edited in the state, particularly since 2012, is the basis for the decision-making process in the control of the public administration. In fact, public administration must always act under the law – the principle of legality –to ensure the effectiveness of its acts. This means that the Public Administration could not have issued these legal acts, but in this case the control would not have been strengthened.
Thus, from the recognition of the evidence and the correlations with internal environment categories of COSO (2013), it can be inferred that the management acts reported in Table 1 translate into practical measures of concretization of the essentiality of internal control addressed in the constitutional scope of the Ceará State Amendment No. 75 (2012). It can also be inferred that a fruitful environment of promotion of internal control is, currently in the state, operating under constitutional–legal tutelage.
5. Final considerations
As for the central objective of this article, the results presented allow us to infer that the management acts performed by the Public Administration of the State of Ceará, during the period 2012–2021, find resonance in the “control environment” of COSO (2013) and, therefore, indicate the treatment of “essential” ordered on a constitutional basis.
The findings also allow contributions on the theme of control on a constitutional basis, providing the discussion in various branches of scientific knowledge, such as political science and contribute to the public organizations to implement policies with due observance of the issued control mechanisms.
The practical contribution of this work is the influence for the treatment of internal control as essential under the aegis of constitutional mandates within the Brazilian Federation. As done in the State of Ceará, this can be applied with the aim of strengthening public policies and the proper use of public resources. What can be inferred from this study is that laws on internal control can be issued in any sphere of the Brazilian Federation, but what was sought to show through this study is that there is a strong relationship between the legal activism of internal control and the constitutional declaration of its essentiality in the State of Ceará.
As for the limitations of the research, it can be said that the results do not present comments on the merit of the choices of management acts implemented by the executive branch of the State of Ceará. In this aspect, the article opens the way for new research, such as conducting comparative analyses of the results of policies achieved by entities of the Brazilian Federation that have assumed control as essential and those that have not, or even analyzing the efficacy and effectiveness of these acts of control.
Association of management practices taken by the executive branch of the State of Ceará from 2012 - 2021 to elements of the internal environment of COSO (2013)
| 2012-2021 pieces of evidence | Internal environment categories – COSO |
|---|---|
| 2012 – Implementation of the Preventive Internal Control – Complementary Law n. 119 (2012) and its regulating decrees | Standards/Process |
| 2012 – Institution of the State System of Access to Information – Law n. 15,175 (2012) | Standards/Structures |
| 2013 – Alteration of the organizational structure and provisions for new regulations and positions in CGE – Law n. 15,360 (2013) and Decree n. 31,238 (2013) | Standards/Structures |
| 2013 – Creation of 39 liaison positions to work in the Preventive Internal Control System in CGE and in other government agencies – Law 15,360 (2013) | Standards/Structures |
| 2013 – Disclosure of the Risk and Control Matrix of the State Controller’s Office and Ombudsman’s Office – Ordinance CGE n. 003 (2013) | Standards |
| 2013 – Institution of the Code of Ethics and Conduct of the State Public Administration – Decree n. 31,198 (2013) | Standards |
| 2014 – Regulation of the Voluntary Transfers macro-process – Decrees n. 31,406 of (2014) and 31,621 (2014) | Standards/Structures/Processes |
| 2016 – Institution of the first Ethics Commission of the CGE – Ordinance CGE n. 87 (2016) | Standards |
| 2018 – Institution of the integrity program Law n. 16,717 (2018) 2019 – Establishment of the Internal Control and Ombudsman Offices – Ordinance CGE n. 59 (2019) | Standards |
| 2020 – Establishment of the Risk Management Policy – State Decree n. 33,805 (2020) | Standards/Structures |
| 2021 – Regulation of federal law no. 12,846/2013, which provides administrative and civil accountability of legal entities for the practice of acts against the public administration. Decree n. 33,951 (2021) | Processes |
Source(s): Elaborated by the author based on data collected from official sources
References
Alencar, C. O., & Fonseca, A. C. P. D. (2016). Excellence in public management: The contribution of the internal control of the Brazilian Navy. REGE - Revista de Gestão, 23(2), 172–184. doi: 10.1016/j.rege.2016.01.001.
Appolinário, F. (2004). Dicionário de metodologia científica: Um guia para a produção do conhecimento científico. São Paulo, SP: Atlas.
Araújo, D. A., & Nunes, P. R. C. (2017). Class manual no. 02 - The control function in the state executive power. Fortaleza, CE: Escola de Gestão Pública do Estado do Ceará.
Araújo, R. M., Santos, R. C., Araujo, M. A. D., & Dias, T. F. (2017). Internal control in Rio Grande do Norte: A study in the view of municipal controllers. Nucleus, 14(1), 79-94. doi: 10.3738/1982.2278.2143.
Biagini, L. (2016). The university public ombudsman and democratic management. In L. Biagini (Org.), The role of the ombudsman in the university academic context (pp. 4-31). Editora UFPE. Available from: http://www.upe.br/ouvidoria/phocadownload/userupload/publicacoes/o_papel_da_ouvidoria_no_contexto_academico_universitario.pdf
Bonavides, P. (1994). Curso de direito constitucional. São Paulo, SP: Malheiros Editores.
Cambi, E. A. S., & Bertoncini, M. E. S. N. (2016). Citizenship and the fight against corruption: Extrapenal proposals to improve the Brazilian legal system. Conpedi Law Review, 223–244. doi: 10.26668/2448-3931_conpedilawreview/2015.v1i1.3354.
Capovilla, R. A., & Gonçalves, R. S. (2018). Assessing internal control environment through maturity in government organizations. Contextus, 16(2), 146–185. doi: 10.19094/contextus.v16i2.1064.
Capovilla, R. A., Gonçalves, R. S., Dantas, J. A., & Oliveira, A. B. S. (2018). Governmental maturity model of internal control structures. Advances in Scientific and Applied Accounting, 11(2), 267–289. doi: 10.14392/asaa.2018110205.
Comissão Tecnica de Governança (2010). Manual de Controles Internos. 2a, Abrapp. 2a. Edited by ABRAPP. São Paulo: ABRAPP.
Committee of Sponsoring Organizations of The Treadway Commission. (2013). Internal control - integrated framework - executive summary. Available from: https://www.coso.org/Documents/990025P-Executive-Summary-final-may20.pdf
Comparato, B. K. (2016). Public ombudsmen as instruments for strengthening participatory democracy and enhancing citizenship. In R. A. Menezes, & A. S. R. Cardoso (Org.) (Eds.), Brazilian public ombudsmanship : reflections, advances and challenges (pp. 43–53). IPEA. Available from: http://repositorio.ipea.gov.br/handle/11058/9710
Complementary Law n. 101 of May 04, 2000. (2000). Estabelece normas de finanças públicas voltadas para a responsabilidade na gestão fiscal e dá outras providências. Available from: http://www.planalto.gov.br/ccivil_03/leis/lcp/lcp101.htm
Complementary Law n. 119, of December 28, 2012. (2012). Provides for rules for agreements, congeneric instruments, collaboration term, fomentation term and cooperation agreement concluded under mutual cooperation by the organs and entities of the state executive power. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/Lei-Complementar-119_Atualizada-at%C3%A9-LC-155.pdf
Constitutional Amendment No. 75, December 20, 2012. (2012). Amends provisions of the state constitution of Ceará. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/Emenda-Constitucional-n%C2%BA-75-de-20-de-dezembro-de-2012.pdf
Constitution of the Federative Republic of Brazil of October 5, 1988. (1988). Available from: https://www2.senado.leg.br/bdsf/bitstream/handle/id/518231/CF88_Livro_EC91_2016.pdf
Constitution of the State of Ceará, October 5, 1989. (1989). Updated until constitutional amendment No. 94 of December 17, 2018, INESP, 2018. Available from: https://www.al.ce.gov.br/index.php/atividades-legislativas/constituicao-do-estado-do- Ceara
Cortez, L. F. A. (2019). The fight against corruption and administrative law. Cadernos Jurídicos, 47, 165–174. Available from: https://www.tjsp.jus.br/download/EPM/Publicacoes/CadernosJuridicos/47.11.pdf?d=636909377789222583
Cruz, V., Santos, R., & Leone, R. J. G. (2018). Internal control in small family businesses: An application of the COSO II model. Journal of Micro and Small Enterprise, 12(1), 3–17. doi: 10.21714/19-82-25372018v12n1p317.
De La Cruz, L. V., & Delgado, F. M. (2021). Evolución del control interno hacia una gestión integrada al control de gestión. Estudios de La Gestión - Revista Internacional de Administracíon, 10(10), 211–230. doi: 10.32719/25506641.2021.10.10.
Decree n. 31,238, of June 25, 2013. (2013). Amends the organizational structure, approves the regulations and provides for the allocation and denomination of management and advisory positions of the Office of the State Comptroller and Ombudsman (CGE). Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/DECRETO-N%C2%BA-31.238_Estrutura-CGE.pdf
Decree No. 31,198 of April 30, 2013. (2013). Institui o código de ética e conduta da administração pública estadual, e dá outras providências. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/Decreto-N.-31.198-1.pdf
Decree n. 31.406, of January 29, 2014. (2014). Regulamenta as etapas de I a IV do art.3 da lei complementar nº-119, de 28 de dezembro de 2012, que dispõe sobre regras para a transferência de recursos financeiros por meio de convênios e instrumentos congêneres, e dá outras providências.
Decree n. 31.621, of November 07, 2014. (2014). Regulamenta as etapas V e VI do artigo 3 da lei complementar n. 119 de 28 de dezembro de 2012, que dispõe sobre regras para a transferência de recursos financeiros por meio de convênios e instrumentos congêneres, e dá outras providências, Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/Decreto- n%C2%BA-31.621-de-07-de-novembro-de-2014-1.pdf
Decree n. 33.805 of November 09, 2020. (2020). Institui a política de gestão de riscos do poder executivo do estado do Ceará. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2020/11/Decreto-33805-2020-Politica-de-Gestao-de-Riscos-do20201110p01.pdf
Decree n. 33.951 of February 23, 2021. (2021). Regulates, under the state executive power, the federal law n. 12.846 of August 1, 2013, which provides for the administrative and civil accountability of legal entities to practice acts against the public administration and other provisions. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2021/02/do20210224p01-paginas-8-13.pdf
Elsayed, M., & Elshandidy, T. (2021). Advances in accounting internal control effectiveness, textual risk disclosure and their usefulness: U. S. Evidence (Vol. 53, 100531). Elsevier. doi: 10.1016/j.adiac.2021.100531.
Ferreira, A. B. H. (1986). Novo dicionário da língua portuguesa. Rio de Janeiro, RJ: Nova Fronteira Publisher.
Freire, D. A. A., & Batista, P. C. D. S. (2018). Preventive nature of internal control in the public sector. Revista Controle - Doutrina e Artigos, 15(2), 380–413. doi: 10.32586/rcda.v15i2.413.
Gil, A. C. (2008). Como Elaborar Projetos de Pesquisa (4th ed.). São Paulo, SP: Atlas Publishing House.
Law 13.325 of July 14, 2003. (2003). Structures and approves the career and position plan for the internal control audit career, created by §5º of art. 21 of law n. 13.297 of March 07, 2003, and makes other provisions. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do-ceara/organizacao-tematica/trabalho-administracao-e-servico-publico/item/3278-lei-n-13-325-de-14-07-03-d-o-de-15-07-03
Law n. 13.297 of March 07, 2003. (2003). Provides on the management model of the executive branch, alters the structure of the state administration, promotes the extinction and creation of management and superior advisory positions, and makes other provisions. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do-ceara/organizacao-tematica/leis-orcamentaria/item/6229-lei-n-13-297-de-07-03-03-d-o-de-07-03-03
Law n. 13.875 of February 07, 2007. (2007). Provides on the management model of the executive branch, alters the structure of the state administration, promotes the extinction and creation of positions of direction and superior advice, and makes other provisions. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do-ceara/organizacao-tematica/trabalho-administracao-e-servico-publico/item/4932-lei-n-13-875-de-07-02-07-d-o-de-07-02-07-oriundo-do-projeto-de-lei-n-6-877-07-1-executivo
Law n. 14,306, of March 02, 2009. (2009). Alters provisions of Law n. 13.875, of February 7, 2007, and subsequent amendments and makes other provisions. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do-ceara/organizacao-tematica/trabalho-administracao-e-servico-publico/item/4501-lei-n-14-306-de-02-03-09-d-o-de-05-03-09
Law n. 15,175, of June 28, 2012. (2012). Defines specific rules for the implementation of the provisions of federal law n. 12.527, of November 18, 2011, under the public administration of the State of Ceará, and makes other provisions. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do- ceara/organizacao-tematica/trabalho-administracao-e-servico-publico/item/1976-lei-n-15-175-de-28-06-12-d-o-11-07-12
Law n. 15,360, of June 04, 2013. (2013). Amends provisions of Law No. 13.875, of February 7, 2007, which provides for the management model of the Executive Branch. Available from: https://belt.al.ce.gov.br/index.php/legislacao-do-ceara/organizacao-tematica/trabalho-administracao-e-servico-publico/item/3466-lei-n-15-360-de-04-06-13-d-o-10-06-13
Law No. 16.717, of December 21, 2018. (2018). Establishes the integrity program of the executive branch. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2019/01/LEI-N%C2%BA16.717-21-de-dezembro-de-2018.pdf
Lei n. 4.320, de 17 de março de 1964. (1964). Estatui Normas Gerais de Direito Financeiro para elaboração e controle dos orçamentos e balanços da União, dos Estados, dos Municípios e do Distrito Federal. Available from: http://www.planalto.gov.br/ccivil_03/Leis/L4320.htm
Lima, J. M., Reis, P., Alvarenga, F. O., & Campos, D. F. (2015). The performance of the controller in organizations: A comparative case study between medium and small business. Anais do XII SEGeT - Simpósio de Excelência em Gestão e Tecnologia, 1–15. Available from: https://www.aedb.br/seget/arquivos/artigos15/35522560.pdf
Machado, C. M. (2015). The importance of the precepts of corporate governance and internal control on the evolution and internationalization of accounting and auditing standards. Available from: http://www.crcrs.org.br/arquivos/livros/livro_governanca_corporativa2.pdf
Marçola, C. (2011). Auditoria interna como instrumento de controle social na administração pública. Revista Do Serviço Público, 62(01), 75–87. Available from: https://revista.enap.gov.br/index.php/RSP/article/view/62
Meireles, H. L. (2000). Direito administrativo brasileiro. São Paulo: Malheiros Editores.
Menezes, A. H. N., Duarte, F. R., Carvalho, L. O. R., & Souza, T. E. S. (2019). Scientific methodology theory and application in distance education. Petrolina, Pernambuco: Universidade Federal Do Vale Do São Francisco.
Montenegro, M., Oliveira, L. C. A. M., & Lopes, M. S. (2017). The adequacy of internal control in the Aeronautics Command: An endogenous perception. Géstion Pública, 28(68), 51–66. doi: 10.15446/innovar.v28n68.70471.
Moreira, M. A., Dias, A. G. S., & Souza, P. M. De. (2017). Internal control as a public management tool. Journal of Accounting Information, 11(4), 39–53. doi: 10.34629/ric.v11i4.39-53.
Nunes, P. R. C., Lima, A. O., & Oliveira, M. C. (2012). Evidências de Práticas de Governança em Sociedades de Economia Mista da Administração Pública do Estado do Ceará. Anais do EnANPAD - Encontro Anual da Associação Nacional dos Programas de Pós-Graduação em Administração, 1–16. Available from: http://www.anpad.org.br/admin/pdf/2012_APB1137.pdf
Oliveira, F. H., & Higashi, R. (2018). The Logistics Controller: The contribution of a logistics specialized pBatistrofessional. Independent Journal of Management & Production (IJM&P), 9(5), 680–698. doi: 10.14807/ijmp.v9i5.807.
Ordinance CGE n. 003, of January 22, 2013. (2013). Divulga matriz de risco e controle da Controladoria e Ouvidoria Geral do Estado e dá outras providências. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/Portaria-003-2013.pdf
Ordinance CGE n. 59, April 30, 2019. (2019). Establishes the attributions regarding the internal control and ombudsman’s office. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2019/05/Portaria-n%C2%BA-59-2019-pages-6-7.pdf
Ordinance n. 087, of April 08, 2016. (2016). Establishes the sectorial commission of public ethics of the comptroller and ombudsman general of the state. Available from: https://www.cge.ce.gov.br/wp-content/uploads/sites/20/2018/04/PORTARIA-N%C2%BA-0872016-14-DE-ABRIL-DE-2016.pdf
Pangaribuan, H., Donni, R. W. P., Popoola, O. M. J., & Sihombing, J. (2019). Exploring disclosures of internal control as the impact of earnings quality and audit committee. 3–22. doi: 10.52962/ipjaf.2019.3.1.61.
Prodanov, C. C., & Freitas, E. C. (2013). Metodologia do trabalho científico: Métodos e técnicas da pesquisa e do trabalho acadêmico. Feevale. doi: 10.1017/CBO9781107415324.004.
Proposal for Constitutional Amendment n. 45 of October 6, 2009. (2009). Proposal to add item XXIII to article 37 of the Federal Constitution, stating on the activities of the internal control system. Archived December 21, 2018. Available from: https://www25.senado.leg.br/web/atividade/materias/-/materia/93534
Rubens, C., & Gouveia, L. B. (2020). O papel das controladorias na transparência das informações: Seu contexto e atuação dentro do poder público. Revista Controle - Doutrina e Artigos, 18(1), 170–195. doi: 10.32586/rcda.v18i1.561.
Santos, E. F., & Pereira, A. (2019). Internal control deficiencies: An analysis by rational choices. RIC - Journal of Accounting Information, 13(4), 61–82. Available from: https://www.proquest.com/docview/2509669505/998C5657953F4FEBPQ/5
Silva, J. I. A. O., & Oliveira, T. F. S. D. E. (2020). Ombudsmanship and public management: A necessary relationship. Holos, 5(36), 1–32. doi: 10.15628/holos.2020.8459.
Silva, A. H. C., Abreu, C. L., & Couto, D. C. de F. (2017). Evolution of internal control in the public sector: A study of new regulations issued between 2003-2016. Revista de Contabilidade do Mestrado em Ciências Contábeis da UERJ (Online), 22(2), 20–38. Available from: https://www.e- publicacoes.uerj.br/index.php/rcmccuerj/article/view/32362
Silva, R. M. P., Gonçalves, A. O., Santos, A. C., & Pirkiel, E. C. (2018). Social control: The performance of municipal councils in the Northeast region. Management and Regionality, 34(101), 74–90. doi: 10.13037/gr.vol34n101.4067.
Further reading
Batista, D. A., & Oliveira, E. B. (2019). Archival auditing: A proposal for requirements. Information and Society, 29(1), 159–180. doi: 10.22478/ufpb.1809-4783.2019v29n1.44006.
Pietro, M. S. Z. (2007). Direito administrativo. Paulo, SP: Atlas São.
Velásquez Rueda, M. del R. (2019). Auditoría interna como herramienta pedagógica para las organizaciones. Signos - Investigación en Sistemas de gestión, 11(1), 145–160. doi: 10.15332/s2145-1389.2019.0001.09.