avedos risk2value icon control türkis

Internal Control System

Controls help organizations keep performance or a state of affairs within a range that is expected, allowed or accepted. Controls within a process are internal in nature and based on a combination of components – ranging from the social environment affecting employee behavior to guidelines, methods and other essential information. The internal control structure outlines which of these various components are included in the control. This plan guarantees the company’s efforts to uphold compliance with guidelines, processes and authorization limits.


Internal controls can also include other areas such as intercompany controls in financial reporting, IT controls, compliance controls, and export controls and customs (ECC).  Since these areas are very unique, they are individually designed to fit their specific purpose. The approach for each of these disciplines, however, is the same:

Identify risks

Identify potential errors in the business process.

Choose suitable controls

Define controls to avoid risks.

Anchor controls in the process

Inform about the process and control through active communication.

Document actions

Create audit-proof verification of all executed controls.

Validate controls

Ensure that controls are upheld.

Check effectiveness

Test the design and operational effectiveness on a regular basis.


  • Finding the right balance between globally binding rules and comparable levels of control by improving processes in smaller legal entities with too many complex requirements.
  • Assigning and allocating sufficient resources across the organization.
  • Respecting the segregation of duties in smaller organizations where only one employee is responsible for completing multiple tasks in a critical process.
  • Meeting managements' expectations while keeping the involvement of the 1st line at a reasonable level.
  • Ensuring that their framework is consistently applied in all affiliated entities regardless of their size and unique culture.
  • Developing the maturity level of internal controls without losing the 1st line or management.
  • Establishing ICS as a business enabler rather than a necessary burden.

Our solution with risk2value

IKS mit risk2value grafische Darstellung
  • Find all information on all controls in one system (i.e. single point of truth).
  • Eliminate potential problems with controls by managing their weak spots centrally and monitoring their progress.
  • Integrate all control owners efficiently in a workflow-driven process.
  • Define generic, central control objectives (i.e. key controls) and adapt them locally (e.g. through modifications or more detail).
  • Map company-level controls through questionnaires that can be individually modified by business users and sent ad hoc with different inquiries at any time to the various business classes.
  • Combine various assessment approaches across different companies or business units.
  • Manage and distribute year-end controls automatically when the testing phase begins.
  • Submit controls with resolved issues for immediate retesting.
EnBW Logo blau gelb

EnBW - Integrated risk management and internal control system

Browse our webinars, podcast episodes,
blog posts and more.

A small selection of our ICS customers

These companies trust our expertise.

Romana Hanig avedos Mitarbeiter

Any questions?
We’d be happy to assist!

Romana Hanig