The standard internal control model, known as MECI, implemented at the University of La Guajira, is a comprehensive system designed to strengthen management and administration in the institution. This model is based on a set of principles, rules and processes that seek to ensure efficiency, effectiveness and transparency in all university operations.
Modelo estándar de Control Interno – MECI
The new structure of the MECI is defined through the seventh dimension of the Integrated Planning and Management Model MIPG, which seeks alignment with good control practices, which is why its structure is based on five components, namely:
- control environment.
- risk management.
- control activities.
- information and communication.
- monitoring activities.
This structure is accompanied by a scheme for assigning responsibilities and roles for risk management and control, which is distributed among various employees of the entity, and is not the exclusive task of the internal control offices:
Strategic line, The company's senior management and the management team.
First Line, The company's public managers and process leaders are also part of this group.
Second Line, The committee is made up of officers responsible for monitoring and evaluating controls and risk management (heads of planning, supervisors and auditors of contracts or projects, risk committees where they exist, contracting committee, among others).
Third Line, The Internal Control Office.
Internal control system
The Internal Control System is integrated into the Integrated Planning and Management Model, through the MECI, as one of the 7 dimensions of the MIPG, becoming the fundamental factor to reasonably guarantee compliance with institutional objectives.
Components
Control environment, To have the minimum conditions for the exercise of internal control. This is achieved with the commitment, leadership and guidelines of senior management and the Institutional Internal Control Coordination Committee.
Risk management, This exercise is carried out under the leadership of the management team and all of the entity's employees, and makes it possible to identify, evaluate and manage potential events, both internal and external, that may affect the achievement of institutional objectives.
Control activities, Implementation of controls, i.e., mechanisms to treat risks, as follows:
- Determine actions that contribute to mitigate risks.
- Define controls on TIC.
- Implementar políticas de operación mediante procedimientos u otros mecanismos que den cuenta de su aplicación en materia de control.
Information and communication, It is verified that the policies, guidelines and mechanisms for obtaining, capturing, processing and generating data within and in the environment of each entity meet the need to disclose the results, to show improvements in administrative management and to ensure that the information and communication of the entity and of each process is adequate to the specific needs of the value groups and stakeholders.
Monitoring activities, Generation of periodic evaluations (self-evaluation, audits), and its purpose is to assess:
- The effectiveness of the public entity's internal control.
- The efficiency, efficacy and effectiveness of the processes.
- The level of execution of plans, programs and projects.
Management results, with the purpose of detecting deviations, establishing trends, and generating recommendations to guide the improvement actions of the public entity.