Nuestra Empresa - ISA

​Internal Control Policy

ISA Economic Group

Approved at Board of Directors’ meeting No. 654 of July 27, 2007


Based on this policy, Grupo ISA declares its criteria and framework for action regarding internal control as part of the guiding and control mechanisms that facilitate the search for a unit of purpose and direction.


Internal control is inherent to the processes; it is immerse in the whole organization and, therefore Grupo IS believes it is a strategic element to safely achieve its objectives.

Legal reference framework

Grupo ISA Companies follow, respect and apply legal provisions in connection with internal control and the regulations from the relevant country and the sector to which they belong; thus control systems should incorporate said requirements. 

Concept outline

The concept outline for Grupo ISA Companies’ internal control adopts the model components from the Committee Of Sponsoring Organizations of the Treadway Commission (COSO).

Internal Control:

It is a process carried out by the Board of Directors or alike, the management and workers, designed to provide reasonable safety on the achievement of objectives at the following categories:

Effectiveness and efficiency of operations

Reliability on financial reports

Asset protection

Compliance with applicable laws and regulations

Internal Audit:

Independent and objective assessment and consulting activity devised for adding value and improving the organization operations.

It allows an organization to accomplish its objectives by providing it with a systematic and disciplined approach to assess and improve effectiveness and efficiency on risk management, internal control and corporate governance processes. 


Grupo ISA Companies clearly and expressly define the objective, systematic and endorsed application of internal control for all companies.

Internal controls help companies achieving its goals, assuring reliability on financial statements and accomplishing laws and regulations.

Application criteria

Grupo ISA Companies adopt the following criteria for applying this policy:

  • Self-control: Workers should effectively and efficiently perform such activities and processes managed by each at their day-to-day activities.
  • Effectiveness: Degree of performing planned activities and procurement of results.
  • Efficiency: Rational and optimal use of resources. 

Framework for action

Each Grupo ISA company should have an efficient, effective control system, consistent with the Parent Company’s guidelines.

The Parent Company’s Board of Directors, through the Corporate Auditing Committee, is the maximum control body at Grupo ISA, in charge of monitoring internal control effectiveness and efficiency. It supervises, directs and approves Grupo ISA’S internal control general framework.

Each company’s manager is responsible for internal control design, implementation and management.  

Taking into account the country’s regulatory scheme, and the size and needs of the affiliate, the Board of Directors or like body will decide whether an Auditing Committee is created or not; such Committee should be composed by members from the Board of Directors or like body and by the Corporate Auditor. In addition, the Manager and Auditor from the affiliate will also participate, with voice but no vote. In view of the above, at such companies where no Audit Committee is created, the Board of Directors or like body will develop Internal Control System-related matters. 

The area responsible for each Grupo ISA company internal audit will carry out assessments to internal control based on risk analysis and other COSO elements and will make recommendations for improvement.

Each Grupo ISA Company’s worker applies such criteria defined in this policy to create, keep and exercise effective and efficient controls on processes and activities under his/her charge.