Turkish Court of Accounts Updates its Risk Management Process

The Turkish Court of Accounts (TCA), the country’s Supreme Audit Institution (SAI), is finalizing an update to its Enterprise Risk Management (ERM) process, which will enable it to carry out its activities more efficiently and effectively.

This update aligns with the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) “Internal Control – Integrated Framework,” which COSO updated in 2013, and with COSO’s new “Enterprise Risk Management – Integrated Framework.” COSO issued its updated ERM framework in 2017 to help organizations improve their approach to managing risk in an evolving business environment.

A committee appointed by TCA’s management has been working for two years to restructure the SAI’s ERM process, which TCA originally established in accordance with COSO’s principles and with a 2005 law on Public Financial Management and Control and subsequent regulations. The committee is also working to develop risk management implementation guidelines and renew the risk inventory.

Over the last two years, TCA has held 19 workshops, several interviews, and numerous meetings, which enabled nearly 400 employees to provide input into the update. The committee has almost completed its assignment; in May 2021, it submitted the new risk inventory and draft risk management implementation guidelines to management. According to the new guidelines, the risk management process consists of eight steps (see figure).

SAI Turkey ERM process

These guidelines highlight the importance of considering risks when both setting strategy and conducting day-to-day operations. Their biggest innovation is the integration of principles from COSO’s updated internal control and ERM frameworks regarding risk identification and analysis, and implementation of controls in all business processes.

After publishing the new guidelines and assessing the results of its updated risk management process and risk inventory, TCA plans to take further steps to update its internal control and ERM systems to ensure all components align with the principles of COSO’s
frameworks.

Back To Top