Internal Control System




The activities carried out within Internal Control Department have been given below.

                Internal Control System Report has been completed in June, 2011 and the revision studies have been completed in 2014. The revision studies are continued.



1-Within the existing state evaluation, the survey study have been completed under the following topics and the existing state has been determined.

                * Identification of Productivity Affairs,

                * Performance Analysis in Organizational and Executive Processes,

                * Performance Analysis of Unit-Department Efficiency,

                * Ethic Evaluation,

                * Internal Control Reliability Analysis,

                * Internal Stakeholder Satisfaction Analysis,

                * Employees' Satisfaction,

                * Information Systems Needs Analysis

2- Ethic rules have been determined intended for;


                * Activities

                * Administration.

3- Task analysis has been completed and task analysis reclamation open areas have been constituted.

4- Core processes have been determined and classified in three groups.

                * Administration processes,

                * Operational processes,

                * Support processes.

5- After the determination of core processes, processes of each core process, sub processes of the processes and process steps of the sub processes have been determined and process hierarchy tables of each core process have been prepared.

6- Critical control points of each core process have been determined.

7- Core process definition form of each process has been prepared.

8- Work flow and organization charts;

                *Institute organizational chart has been designed.

                * "Organization Charts" of working titles have been designed on the base of the core processes or the processes.

                * Flow process diagrams have been particularly designed for each core process.

9- Determination of common duties and responsibilities,

                Common duties have been determined and common duties, responsibilities and authorizations have been determined for administrators, department heads, technical staff, executives of the stations, executives of the units and support staff.


10- Job descriptions for each working title in organization chart have been determined and the detailed information and the affairs in the task analysis have been prepared in substance and respectively.

11- As part of the regulations about the competence, "Subsidiarity Form" which includes all the details and the explanations of the subsidiarity according to the importance of the decisions and risk has been generated in order to identify the responsibilities and jurisdictions clearly and distribute the tasks in this context.

12- Critical tasks have been determined.

                *Directorship Process

                * Coordinatorship Process

                * Project Preparation and Management Process

                * Laboratory Process

                * Purchasing Process

                * Revolving Funds Process

                * Accounting Services Process



                It consists of the stages of;

1-Determination of the Risks

2-Evaluation of the Risks,

3-Management of the Risks.


Determination of the Risks

1-Reclamation open areas have been generated as a result of the questionnaires.

2- Variance analysis tables (analysis of the difference between the existing state and the ordinary state) have been generated.

3- Baseline Risk Lists have been determined as 35 items under these topics.


                * Performance Management and Motivation

                * Communication and Coordination

                * In-service Training

                * Staff Structure

                * Operating Environment Conditions

                * Organizational Structure and Administration

                * Information Technologies

Evaluation of the Risks

1- Risk evaluation table has been prepared by the determined baseline risks.

                *Probability of occurrence of the risk

                * The effect of the risk in case of the actualization

                *Determination of the defect in case of the occurrence of the risk.

2- Significance levels of the risks, according to the risk score which is calculated by the multiplication of the probability of the occurrence of the risk and the influence score, have been indicated in "Risk Grading Matrix Table" by registering the risk numbers

3- "Critical Risk Areas Evaluation Table" has been prepared.

                The effects of the risks on critical achievement factors (Internal/Foreign Customer Satisfaction, Service Cost, Actualization Period of the Task, Process Influence Severity, Employee Satisfaction) have been determined. 

4- The risks have been classified and the related areas of the risks (administration and operational, strategic, information technologies, monitoring and reporting) have been determined.

5- Risk profile tables have been prepared.

6- Risk capacity estimating table has been prepared and structural and residual risks have been determined.

7- Response tables of the risks have been prepared. The responses of the risks [risk transfer (division), acknowledgement of the risk (bearing), reduction of the risk (improvement), elimination of the risk (avoidance)] have been determined and the actualization areas related with responses have been determined.

8- Risk Action Plan Tables have been prepared under these topics.

                *Preparation of "Corporate and Individual Performance Systems

                * Information Technologies Applications



In this context; the following tables have been prepared/revised over.

1-Training-experience table

2- Task inventory table

3-Deputation form,

4-Delegation report form,

5-Internal mobility analysis table,

6-Annual and excuse leave form.



In this context; the following tables have been prepared/revised over.

1-Registration, Filing, Documents and Archive System has been analyzed.

2- Declaration Methods of Inaccuracy, Irregularity and Corruptions have been standardized.

                *Inaccuracy declaration form,

                * Complaint form,

                * Record form


                Monitoring activities have been performed in order to evaluate the quality of Internal Control System. In this context; the following tables have been prepared/revised over.

                *Corrective/Preventive activity form,

                * Employee suggestion form,

                * Internal Control System monitoring form


                The system has been constituted and Adjustment Action Plan is sent to Strategy Development Presidency by indicating whether the existing state provides assurance to Adjustment Action Plans or not and in case of providing, the action/activity which provides the assurance. ​