Internal Control System (ICS)

The set of actions, activities, plans, policies, standards, records, organization, procedures and methods - including the attitude developed by directors, executives and collaborators - that we adopt to achieve our organizational objectives; oriented to the effectiveness, efficiency and economy of operations, reliability in the timely generation of information, compliance with applicable laws, rules and regulations.

The Internal Control

The permanent and integral process carried out by all the collaborators of the Company, designed with the purpose of facing the risks and providing a reasonable degree of security on the fulfillment of the organizational objectives; promoting effective, efficient, ethical and transparent management; allowing to prevent irregularities and acts of corruption.

Risk Management

It is the process carried out by our executives and workers that is applied in setting the strategy and at the different levels of the Company. It focuses on the identification, measurement, administration, control and monitoring of risks, to keep them within accepted limits and provide reasonable security in the achievement of our objectives.


  • Promote and optimize the efficiency, effectiveness, ethics, transparency and economy of our operations, as well as the quality of the products and services we provide.}
  • Caring for and protecting the resources and assets of the Company against any form of loss, deterioration, improper use and illegal acts, as well as, in general, against any irregular event or harmful situation that could affect them.
  • Comply with the regulations applicable to our Company and our operations; as well as guarantee the reliability and timeliness of the information.
  • Promote integrity and promote the practice of institutional values and principles.
  • Promote the compliance of employees to be accountable for the resources assigned to their charge and/or for a mission or objective assigned and accepted.

Legal base

We employ our Internal Control and Risk Management System in accordance with the provisions of the following regulatory documents:

  • Law 28716 - Law of Internal Control in State Entities and its amendments.
  • Resolution of the Comptroller General of the Republic 320-2006-CG, Internal Control Standards.
  • Resolution of the Comptroller General of the Republic 409-2019-CG of 12.20.2019, which approves Directive 011-2019-CG/INTEG "Implementation of the Internal Control System in the Central Reserve Bank of Peru, Petroperú S.A., Superintendence of Banking, Insurance and AFP, National Fund for Financing State Business Activity and the Entities that are under its supervision”.
  • Internal Control - Integrated Framework (COSO 2013).
  • Risk Management - Integrated Framework (COSO ERM).
  • Internal Control Policy approved with Board Agreement No. 141-2021-PP dated 12.16.2021.
  • Risk Management Policy approved with Board Agreement No. 041-2019-PP dated 05.27.2019.
  • Code of Corporate Governance of PETROPERÚ, approved with Board Agreement No. 047-2018-PP dated 05.28.2018; modified by Board Agreement No. 110-2020-PP dated 11.05.2020.

Implementation of the Internal Control System 2020 (ICS)

The process of implementation, monitoring and evaluation of the SCI is comprehensive and permanent; In accordance with the current directive, it is carried out by executing the following activities annually:

  • Comprehensive Diagnosis of the ICS.
  • Preparation, approval and execution of the Annual Action Plan (AAP).
  • Semi-annual monitoring of AAP execution.
  • Annual Evaluation of the Implementation of the ICS.
  • Risk Management Documents