**3. Internal control as an element of the risk management process**

Risk management is one of the basic elements (processes) of managing a unit. Its primary aim is to increase the probability of achieving goals. In order to manage risk successfully, one should establish and adopt objectives which are to be achieved in a particular time and specific objectives of particular organizational departments. Defining objectives allows for identification of risk which can endanger the achievement of goals. In the process of risk management, it is important to take measures to reduce risk to an acceptable level. Risk management undertaken by the management of a unit is a continuous process. To emphasize the importance of risk management, three standards of financial control announced in a communication from the Minister of Finance in January 2003 [14] were introduced:


Effective risk management is one of the elements of effective management of a public administration unit [15]. The Act on public finance has been in force as of 1 January 2010, with the exception of regulations concerning the obligation to plan and implement budgets in a task-based manner, which are effective as of 1 January 2012 [16]. One of the significant changes with respect to the previous Act of 30 June 2005 is the implementation of regulations concerning internal control and its coordination in units from the public finance sector and local government units. Pursuant to the Act on public finance (Article 68), internal control is a set of measures taken

in order to guarantee achievement of objectives and completion of tasks in a legal, effective, economical and timely manner. The aim of such control is to ensure:


Standards of internal control drawn up by the Minister of Finance and currently subject to consultation constitute an attempt to arrange this type of control. It has been primarily emphasized that it is necessary to organize such control at two levels [17]. The basic level of internal control is a unit from the public finance sector (first level of internal control). It is the head of the unit who is responsible for the functioning of internal control. There should be internal control in government and self-government administration at the level of a government administration department as a whole (second level of internal control). Mayors of villages, towns and cities, province governors or marshals are responsible for the functioning of internal control at this level [18]. There is a project on standards of internal control which includes five areas:


**63**

*Risk Assessment Methodology in Public Financial Institutions*

Risk management is an implemented system of procedures and rules, which is used to identify, analyse, assess and monitor risk. It allows not only to reduce risk but also to take advantages of any opportunities that may appear [19]. A correct system is supposed to improve results in the future and support decision-making on an ongoing basis. Therefore, it should comprise a planned, logical, comprehensive and documented strategy [20]. Such strategy includes instructions, plans and procedures which will function in everyday work of a particular office or its organizational units in order to manage risk. In local government units, risk can be considered in the following areas: finance (e.g. income from tax on real estate is lower than expected), human resources (e.g. mistakes made by employees when making various decisions), IT (e.g. faulty software) and other areas which influence the risk of failure to achieve established objectives and results. Therefore, risk management in local government units should be subject to a strictly defined

1.Establishing objectives and understanding the context of a particular field

• Acceptance of risk (resulting from the fact that costs of prevention exceed potential losses related to the occurrence of a particular phenomenon)

• Transfer of risk (e.g. taking out insurance policies, relying on guarantees of

Governments and public services in European Union (EU) countries often make available information on the nature and scope of investment in risk management because stakeholders want to be sure that risk is adequately supervised and resources are adequately protected [21]. If Poland wants to be perceived as a country where investments pay off, it should implement a risk management system which will meet relevant standards established by the European Commission. In the administrative system, senior management is responsible for risk management

• Counteracting risk (creating and implementing action plans)

*DOI: http://dx.doi.org/10.5772/intechopen.91152*

**4. Risk management in the public sector**

process which comprises the following elements:

• Probability of the occurrence of risk

4.Estimating and prioritizing risk (high and low risk)

5.Assessing risk (whether it is acceptable or not)

• Withdrawing from certain activities

correct performance of contracts)

whose objectives are the following [22]:

• Efficient, economical and effective use of resources

• Achievement of goals

• Protection of assets

• Consequences of certain events

6.Methods of dealing with risk:

2.Identifying risk

3.Analysing risk:
