Internal control under the approach of COSO ERM framework components: a study in a higher education institution

Purpose: The present work aimed to investigate the perception of managers in a State Higher Education Institution regarding the alignment of the institutional internal control system with international standards, as proposed by COSO in the document Enterprise Risk Management Integrated Framework. Methodology: To this end, 40 questionnaires were applied to the institution's civil servants to investigate the internal control system. The methodological procedure used in this research was a exploratory approach and, according to this approach, the research can be considered as qualitative and quantitative; as for its typology, a case study was chosen. For this research, data were collected using structured interviews conducted through the application of an elaborated questionnaire and the statistical analyzes were operationalized through the Mann Whitney U and the Kruskal-Wallis tests. Based on the bibliographic survey, 35 competencies related to the components of COSO ERM were listed. Results: The results obtained in the analyzes presented significant evidence on the presence of mimetic isomorphism among the public servants analyzed, since a few out of the 35 skills analyzed showed statistically significant differences. By the results, it was possible to understand the general alignment level of UEPB's internal control system with the aspects recommended by COSO. Taking as reference the framework studied as an interconnected structure, where each of the risk management components represents actions necessary for attaining the organizational objectives. Contributions of the Study: The research results contribute to the literature, consolidating risk management practices in the public sector and verifying the profile of agents in terms of their perception of risk management practices, allowing managers to have an operational view of the results found, leading to to improvements in risk management.