Risk Management—How Important in Internal Control Process? Risk Management and Other Internal Control Components in the SME Sector: Qualitative Analysis

Olga V. Missioura 
(Nyenrode Business University, The Netherlands)

Abstract: Internal control, according to the COSO Internal Control—Integrated Framework (1992, 2013) consists of five components: financial control activities, risk management, internal environment, information and communication and monitoring. The main focus in internal control issues in the last time concentrate on risk management, but the practice shows that the organizations, especially SME’s focused on other internal control issues. Within small and medium-sized enterprise practice in the Netherlands, internal control components are viewed differently by practising accountants than by researchers involved with these subjects and the related research:
• researchers attach far more importance to the role of risk management in the control process,
• in the opinion of practising accountants—there are other aspects play a more important role: the financing control activities and the culture (as part of control environment) within the organisation, in particular small and medium-sized enterprise practice.

This paper contains an exploratory study, consisting of qualitative in-depth interviews with nine researchers and nine accountants. The study is based on a qualitative matrix method and a visual assessment of the inter-rater reliability (the degree of agreement among raters) concerning the thematic definition of the term Internal Control.

Key words: risk management; internal control; financial control activities; COSO 1992/2013

JEL code: M400