Organizational management of risky companies in the context of the perspective advancement of the system and resource security of the Ministry of Defence of Ukraine

The article arouses interest among managers and scientists who deal with the problems of internal control and risk management. The study is aimed at managers who require clarification of the nature of risk-based internal control. The regulation of the system of state internal financial control. The prerequisites for its formation are analyzed and the main elements are characterized. The article reveals the tendencies and vector of development of internal control and risk management in the Ministry of Defense of Ukraine and the Armed Forces of Ukraine in the context of the implementation of the tasks assigned to the Ministry of Defense and the Armed Forces of Ukraine. The main attention in the article is paid to the analysis of the guiding documents regulating the issues of internal control and risk management and their relationship with the documents of defense planning. A retrospective review of the development of riskoriented internal control was carried out. The research used methods of analysis, synthesis, and systems approach. The number of normative legal acts and other documents have been determined that directly regulate the issues of internal control. The main national standards of risk management have been determined, the publication of which has become an essential step in the development of risk management. The elements of the internal control system are revealed and their brief description is provided. A certain algorithm and procedure for the development of organizational documents on internal control issues in the institution.


Introduction
Today, risk management is being introduced in the Ministry of Defense of Ukraine and the Armed Forces of Ukraine as an element of the organization's internal control. The establishment of the institution of risk management is primarily due to both the implementation of state programs for reforming the defense department and the use of modern approaches to management activities (Pro zatverdzhennya; Pro skhvalennya Stratehiyi; Pro zatverdzhennya formy; Doktryna "Upravlinnya oboronnymy resursamy"). * Corresponding author: PhD, Senior lector of Department of financial support, e-mail: aloishyn@gmail.com, ORCID: 0000-0003-2769-9336 At the same time, the approaches to internal control and risk management available in Ukraine are based to a large extent on borrowing tools and approaches defined in international and national standards of other countries.
The driving force in the implementation of the establishment of internal control and risk management can be: 1) Popularization of risk-oriented internal control; 2) Communicating the benefits of risk-based internal control to managers at all levels; ISSN 2534-9228 (2020) VUZF review, 5(4) 3) Development and implementation of a risk-oriented internal control system with mandatory consideration of national specifics.
Unfortunately, this question remains open.
To accomplish this task, it is necessary to analyze the procedure for exercising internal control in the system of the defense department.
The purpose of the article is to analyze the implementation of internal control in the system of the Ministry of Defense of Ukraine as a tool for preventing ineffective managerial decisions in the field of defense resources management.

Material and methods
The following methods of theoretical and empirical research were used in the research, namely: comparison, analysis, synthesis, induction, deduction, system approach.
To ensure the achievement of the purpose of the article, it is proposed to decompose the purpose of scientific research and partially: 1) Analyze the content of the state internal financial control; 2) analyze the documents regulating the implementation of internal control in the system of the Ministry of Defense and the Armed Forces of Ukraine; 3) To analyze the relationship of risk management with the defense planning process based on the capabilities in the system of the Ministry of Defense and the Armed Forces of Ukraine.
4) Highlight the main features of internal control and risk management.

Results and discussion
Analysis of recent studies and publications indicates that significant attention has been paid to the issue of risk-oriented internal control. Such scientists and managers as: A. Loyshyn First of all, the new system of internal control does not cancel the existing mechanisms and methods of control, but only supplements it with a modern instrument called risk management. This allows you to prevent events that may affect the achievement of goals (certain abilities) and rationally use limited resources, and not react to events that have already occurred and have negative consequences for the activities of a budget institution.
Thus, building a modern and efficient public administration is a key condition for joining the European Union.
For a logical presentation of information, one should dwell on the national approach to the regulation of the subject matter.
A high-quality and perfect management system helps budget-funded institutions to achieve their goals. The concept of state internal financial control makes it possible to apply those management mechanisms that will ensure compliance with the legality and efficiency of the use of budget funds and resources to achieve results in accordance with the established goal, objectives, plans and requirements for the activities of the relevant institution.
State internal financial control, including internal control, should be applied throughout the public sector and used both to manage budgetary and European funds, and to form a more efficient and publicly accountable public administration system that works in the public ISSN 2534-9228 (2020) VUZF review, 5(4) interest, ensures sustainable development of the country and provides quality services.
Internal control needs to be understood and viewed in the context of the characteristics specific to each institution, for example: 1) Goal (mission) and tasks; 2) Focusing on achieving certain goals; 3) The use of state resources; 4) The importance of the budgeting process; 5) The specifics of the business process (which requires a balance between legality, honesty and transparency and modern management values such as efficiency and effectiveness) 6) The boundaries of their accountability. Each manager, taking into account the specifics of the activity, is obliged to select and implement the necessary mechanisms, use the appropriate tools and methods directly aimed at the high-quality performance of the institution's tasks in order to achieve its goals and objectives, taking into account the principles of legality, economy, efficiency, effectiveness, transparency and rationality.
In fact, state internal financial control is a set of measures aimed at ensuring in the activities of the manager of budget funds economical, efficient, effective, targeted, legal and transparent management of budget funds by the organization and implementation of internal control, internal audit and activities to harmonize them.
The purpose of the state internal financial control is to strengthen managerial responsibility for the effective management of resources in accordance with the tasks of the manager of budgetary funds on the basis of the principles of good governance, ensured by the implementation of the financial management and control system and the activities of internal audit.
According to the concept of state internal financial control, responsibility for all aspects of internal control rests with managers, who are held accountable for how the internal control system contributes to the efficiency of public services. The established internal audit units of the budgetary funds manager are subordinate and accountable to the head, are responsible for assessing the effectiveness and efficiency of the internal control system, as well as providing recommendations for its improvement, but the responsibility for its implementation remains with the management of the relevant institution.
In the conditions of a properly functioning of the state internal financial control, the heads of independent structural units should have more freedom and flexibility regarding the ways to achieve goals, but such managerial freedom should be balanced with the level of their responsibility and accountability for achieving goals.
INTOSAI Guidelines for Internal Control in the Public Sector and the EC The Institute of Internal Auditors The system of state internal financial control in Ukraine is built taking into account the main international standards of state internal control, namely: 1) INTOSAI Guidelines for Internal Control in the Public Sector and the EC; 2) Memorandum IIA (The Institute of Internal Auditors).
Modern state internal financial control is a combination of three interrelated elements: 1) internal control (managerial accountability -financial management and control); 2) functionally independent internal audit; 3) central division of harmonization. Internal control is seen as a combination of financial management and control with an independent internal audit function. The responsibility of each manager is to create and maintain adequate internal control systems for the implementation of tasks, setting goals, planning activities, budgeting, accounting, control, reporting, documentation and monitoring.
Leading financial management and control systems are based on managerial responsibility, which provides for a balanced configuration of accountability and responsibility arrangements, delegation of decision-making authority, and a ISSN 2534-9228 (2020) VUZF review, 5(4) level of executive autonomy in using the resources necessary to achieve expected results.
Leaders at all levels must be held accountable for their performance -not only for implementation policies, but also for financial management and control policies. Each manager is responsible for the formation and implementation of proper financial management and control systems for the implementation of assigned tasks, setting goals, planning activities, budgeting, accounting, control, reporting, documentation and monitoring. Support to heads of institutions for objective assessment of existing financial management and control systems is provided through the internal audit function. The role of internal audit is the assessment of the financial management and control system, organized by the head, identifying imperfections / deviations of the relevant system, providing recommendations for its improvement.
One of the basic principles of state internal financial control is a clear distinction between internal control and internal audit. Internal audit should determine how internal control is carried out. That is, internal control is a set of measures that the manager applies to ensure compliance with the legality and efficiency of the use of budget funds, the achievement of results in accordance with the established goal, objectives, plans and requirements for the activities of the manager of budget funds and his subordinate institutions, not limited only to financial aspects of activities of the institution.
In accordance with Article 26 of the Budget Code of Ukraine, internal audit is the activities of the internal audit unit in an institution aimed at improving the management system, preventing the facts of illegal, ineffective and ineffective use of budget funds, errors or other shortcomings in the activities of the manager of budgetary funds and its subordinate institutions, improvement of internal control (Byudzhetniy kodeks Ukraí̈ni).
As of now, the internal control system in the Ministry of Defense of Ukraine is regulated in accordance with the order of the Ministry of Defense of Ukraine dated April 4, 2019 No. 145 "On approval of the procedure for organizing internal control and risk management in the system of the Ministry of Defense of Ukraine", which entered into force on July 1 Of 2019 (Nakaz Ministerstva oborony Ukrayiny).
This Thus, considering the issue of terminology, goals and areas of activity for internal control, it is necessary to determine the range of normative legal acts that directly regulate the organization and functioning of internal control both at the national and departmental levels, in accordance with which the table has been drawn up (Table 1).
Further, it is proposed to consider the content and objectives of internal control in the system of the Ministry of Defense of Ukraine and the Armed Forces of Ukraine.
So, according to Article 26 of the Budget Code of Ukraine, internal control is a set of measures that is used by the head to ensure compliance with the legality and efficiency of the use of budget funds, the achievement of results in accordance with the established goal, objectives, plans and requirements for the activities of a budgetary institution and its subordinate institutions.
If we analyze modern foreign approaches to risk management, then we can highlight the following documents, which, in their content, give an idea of the successful construction of a risk management model in an organization (enterprise) and the ability to conduct the correct risk management policy (Table 2):  The procedure for internal control and risk management of economic entities is determined using the national standards of the series ISO 9000 "Quality Management Systems" and ISO 31000 "Risk Management" Internal control standards Codification of generally accepted principles, which are the basis for the formation of common approaches to the organization and implementation of internal control. The standards serve as a framework document and define the main values of internal control in the Ministry of Defense of Ukraine and the Armed Forces of Ukraine 1) compliance with laws, other regulatory legal acts, regulations, rules and procedures established by the Ministry of Defense and the Armed Forces; 2) ensuring that certain tasks are performed in the most efficient, most and cost-effective way; 3) ensuring the optimal use of resources and preserving them from loss, damage, illegal or ineffective use; 4) prevention of potential events that negatively affect the achievement of goals and the development of abilities; 5) timely use of opportunities created by circumstances to improve processes and development of abilities; 6) ensuring the reliability and timeliness of financial, statistical and management reporting and other information that is used to make management decisions.
During the formulation of the purpose and content of internal control, capability-based defense planning plays a special role. We can say that the stages of planning the development of each abilities and the stages of implementation of internal control and risk management are conceptually identical. In the course of achieving the goals for the implementation of internal control, considerable attention was focused on the synchronization of the ideology of internal  To understand the functioning of the internal control system, the principles of its functioning and elements should be disclosed.
In 1) continuity -policies, rules and measures aimed at achieving a specific goal (mission), strategic and other goals, objectives, plans and requirements for the institution's activities, minimizing the impact of risks. It is used constantly for timely response to changes in the ISSN 2534-9228 (2020) VUZF review, 5(4) activities of the institution; 2) objectivity -making management decisions based on complete and reliable information based on documentary and factual data and excludes the influence of subjective factors; 3) delegation of authority -distribution of powers and a clear definition of the responsibilities of the management and personnel of the institution, granting them the appropriate rights and resources necessary for the performance of official duties 4) responsibility -the management and staff of the institution are responsible for their decisions, actions and tasks within the framework of official duties; 5) preventive measures -timely implementation of control measures to prevent the occurrence of deviations from the established norms; 6) differentiation of internal control and internal audit -internal audit is carried out to assess the functioning of the internal control system, provide recommendations for its improvement without directly implementing measures for organizing internal control, risk management and making managerial decisions on the management of financial and other resources; 7) openness -the introduction of feedback mechanisms and ensuring the necessary degree of transparency when assessing the internal control system. The internal control system in the institution consists of the following elements: 1) internal environment -processes, operations, regulations, structures and distribution of powers for their implementation, rules and principles of human resource management, aimed at ensuring the implementation of the institution's tasks and functions and achieving goals (missions), strategic and other goals, plans and requirements establish.
2) risk management -the activities of management and employees of the institution to identify risks, conduct their assessment, identify ways to respond to identified and assessed risks, review identified and assessed risks to identify new and those that have changed; 3) control measures -a set of management actions implemented in the institution, which are carried out by the management and employees of the institution to influence the risks to achieve the institution's goals (objectives), strategic and other goals, objectives, plans and requirements for the institution; 4) information and communication (information and communication exchange)creation of information, its collection, documentation, analysis, transfer of information and its use by the management and employees of the institution to perform and evaluate the results of tasks and functions; 5) monitoring -tracking the state of the organization and functioning of the internal control system as a whole and / or its individual elements.
The elements of internal control are interconnected; apply to all activities and financial and non-financial processes in the institution.
The head of the institution ensures the proper functioning and communication of all elements of internal control. The elements of internal control are interconnected; apply to all activities and financial and non-financial processes of the institution.
The head of the institution ensures the proper functioning and communication of all elements of internal control.
Powers of managers and staff on internal control and risk management. In accordance with the requirements of the order of the Ministry of Defense of Ukraine dated April 4, 2019 № 145 "On approval of the organization of internal control and risk management in the system of the Ministry of Defense of Ukraine" defined the following powers of managers and personnel on internal control and risk management: The Minister of Defense of Ukraine organizes The Chief of the General Staff of the Armed Forces of Ukraine organizes internal control and risk management in the General Staff of the Armed Forces of Ukraine; The Chief Inspector of the Ministry of Defense of Ukraine coordinates risk management in the Ministry of Defense and assesses the state of organization and quality of the internal control system as a whole and / or its individual elements during inspections in the Ministry of Defense; heads of military administration bodies coordinate, supervise and evaluate the functioning of internal control and risk management in subordinate institutions, organize and ensure the functioning of internal control and risk management in their military administration bodies; Those responsible for activities coordinate and supervise the functioning of internal control and risk management in the area of their responsibility; the head of the institution organizes and ensures the implementation of internal control in accordance with the legislation governing the planning of the institution, budget process, management of budget funds, state property and other resources, organization and maintenance of accounting, preparation and submission of reports, administrative services , implementation of control and supervisory functions, procurement of goods, works and services, legal work, work with staff, activities to prevent and detect corruption, ensuring secrecy and information security, information protection in information, telecommunications and information and telecommunications systems, organizations document circulation, including electronic, and management of information flows, interaction with mass media and the public, the decision of other questions connected with functioning of establishment; The personnel of the institutions perform the tasks assigned to them on internal control and risk management in accordance with the acts of legislation and duly approved job descriptions (functional responsibilities).
The algorithm and procedure for the development of organizational documents on internal control issues. In accordance with the requirements of the order of the Ministry of Defense of Ukraine on April 4, 2019 No. 145 "On approval of the procedure for organizing internal control and risk management in the system of the Ministry of Defense of Ukraine", institutions for the proper functioning of the internal control and risk management system must ensure the development and approval of organizational and current documents.
Organizational documents are developed when introducing internal control. Changes are made to them as needed. Organizational documents include: 1) Internal control regulation; 2) Description of the internal environment, taking into account the specifics of the institution.
The regulation on internal control defines the mechanism for exercising internal control, regulates risk management issues in the institution, distributes responsibilities between officials of the institution regarding the proper functioning of the internal control system, establishes requirements for the exchange of information and communication, the timing and procedure for monitoring and reporting on internal control issues taking into account the requirements of the top-level military command and control body.
Current documents that are developed annually: 1) Risk register; 2) Risk management plan; 3) Internal control monitoring plan; 4) Reporting documents on internal control. Thus, for the processing of organizational documents, it is necessary to carry out a number ISSN 2534-9228 (2020) VUZF review, 5(4) of activities: 1. Identify an internal control manager. The working out the order of the commander of the military unit on the determination of the manager of internal control and the organization of his activities and approval of his functional duties. In military command and control bodies, in the absence of regular internal control units, the head of the military command body assigns the powers of the internal control coordinator to an official designated by the internal control manager.
2. Development and approval by the order of the commander (chief) of the Regulation on internal control.
3. Making changes to the functional responsibilities of the heads of directorates, departments and services for the organization of internal control in the subordinate structure and subordinate military units in the direction of activity.
4. Development of a description of the internal environment.
5. Creation of a working group on risk assessment. Definition of response measures, periodic review and refinement. The working group is approved by the order of the commander.

Conclusions
No internal control system is able to provide a complete guarantee that errors, deviations or unwanted consequences will not occur in the activities of the institution.
At the same time, the attitude of the institution's management to effectively fulfill the assigned tasks, maintain and develop certain capabilities, combined with an effective risk management and internal control system, will have a significant positive impact on the achievement of certain strategic and operational goals.
If the management of the institution and the relevant officials cultivate values aimed at obtaining corruption benefits from the existing organizational and administrative powers to manage resources, then the institution's internal control system is ineffective. The internal control system cannot provide the manager with guarantees of its reliability, if the officials of the institution are directly guilty of the occurrence of offenses related to the use and management of resources, fraud and other abuses, do not feel the inevitability of punishment for the actions committed, and in the event of such actions being repeated, they are not removed from official duties up to dismissal.
Since internal control depends on the human factor, there is always the possibility of unsatisfactory design, misjudgment, misunderstanding or misunderstanding, abuse, failure to properly preserve property, or overuse of resources.
Organizational changes and management behavior have a decisive influence on the effectiveness of internal controls and the activities of the institution. The management on an ongoing basis has to review and update control measures, bring their change to the attention of employees of the institution and demonstrate their compliance with their own example.
Prospects for further research are being considered in the search for practical problems in the functioning of the internal control system and the solution of recommendations to improve the quality of its functioning.