Topic 4: How Mature are your Internal Controls?

By examining key indicators of control maturity, you’ll uncover insights into the strengths and weaknesses of your control framework and identify opportunities for improvement.To enhance the maturity of your internal controls and strengthen your organisation’s risk management practices, you’ll have to self-assess using the self-assessment checklist below.

The self-assessment checklist helps to assess the maturity of existing key controls in four specific processes:

  1. Budget preparation and monitoring
  2. Income processing and management
  3. Payroll processing and adjusting
  4. Procedure of goods and services

By comparing your existing controls to the description of good control practices in each of the processes, you can assign a score ranging from 0 to 4, which represents the maturity level of control establishment. In particular, you should consider whether the control exists, whether it is performed on time by appropriate personnel, and whether adequate documentation is maintained.

The image below illustrates the actions to consider depending on the maturity score, take a look!

Now that you know more about assessing Internal Control Maturity, it’s time to do it yourself!

Internal Control Self-Assessment

This self-assessment is intended to help you assess the maturity of your organisation’s internal control framework. By thoroughly investigating various aspects of your control environment, you will gain valuable insights into the effectiveness, efficiency, and dependability of your internal controls. This process will help you identify your organisation’s strengths, weaknesses, and areas for improvement, allowing you to improve risk management practices and strengthen its overall governance structure. Join us as we go through this self-assessment and gain valuable insights into the maturity of your internal controls.

This self-assessment will guide you through various key areas of internal controls, allowing you to assess the maturity level of each aspect on a scale of 1 to 4, with 1 indicating a low level of maturity and 4 indicating a high level of maturity. 

  • For each topic or section, carefully consider your organisation’s practices, processes, and procedures, and select the score that best reflects your current level of maturity. 
  • Once you have completed the self-assessment, review the results to identify areas of strength and areas for improvement. 
  • Use these insights to develop action plans and prioritise initiatives aimed at enhancing the maturity of your internal controls and strengthening your organisation’s overall risk management framework. 

Let’s get started on assessing the maturity of your internal controls and driving continuous improvement within your organisation. Download the pdf below to begin assessing your organisations maturity level.

By assessing the maturity level of key areas, you have identified strengths and areas for improvement, laying the foundation for enhancing your organisation’s risk management framework. Utilise the assessment results to prioritise initiatives, develop action plans, and drive continuous improvement in your internal control practices. Remember that maturity is a journey of ongoing monitoring, and refinement of your internal controls is essential to adapt to changing circumstances and emerging risks. 

We encourage you to download the PDF version of this assessment to keep a record of your results and share them with your team for collaborative action planning.

Thank you for your participation, and we wish you success in strengthening your organisation’s internal controls and achieving your risk management objectives.


This module has provided a comprehensive overview of measuring financial sustainability in a non-profit organisation, including:

  • exploring the influential factors that affect it financial sustainability,
  • assess the importance of assessing and managing risks to achieve long-term stability. 

Throughout the module, we delved into various aspects of financial sustainability, including identifying key risks, understanding the relationship between risk and controls, and examining examples of risks and controls commonly encountered in non-profit organisations. 

Additionally, we emphasized the significance of establishing good internal controls and provided a self-assessment checklist to evaluate the maturity of existing key controls in specific processes. By applying the insights gained from this module, organisations can enhance their financial management practices, mitigate risks effectively, and strengthen their overall financial sustainability.

We encourage continued learning and implementation of best practices to support the mission-driven work of non-profit organisations and ensure their long-term success.