Fuzzy Governance Model

: This article aims to analyze the functions of corporate governance agents as a key part of the study and evaluation of the internal control by the independent auditor to propose a governance fuzzy model based on legality. This is a descriptive–hermeneutical study based on mercantile-securities law, the code of best practice of corporate governance, and auditing standards. The research design is cross-sectional and uses fuzzy logic theory as an alternative tool in contrast to classical mathematical models. The results suggest that corporate governance agents strongly inﬂuence the application of a management system. Evidence is given regarding the positive relationship between the functions of corporate governance agents as a management system. Additionally, the importance of an internal control management system as an inherent mechanism for governance is proven. The scientiﬁc value of this work lies in showing how the interaction between the application of mathematical models based on fuzzy set theory and the qualitative attributes of internal control policies and practices. It is a tool to evaluate governance as a management system for decision making. This work emphasizes that a model based on fuzzy sets is useful to evaluate a management system of internal control policies and procedures necessary to improve corporate governance.


Introduction
Corporate collapses and scandals, recognized as the financial catastrophes of the late twentieth and the early twenty-first century, were models of business failures [1]. They were caused by a deficient or absent supervision of the internal control policies and procedures. This mainly affected the notes and amounts reported on the financial statements approved by their corporate governance. Several companies make up the amounts of the trial balance and tend to mislead investors, customers, and suppliers [2]. They include fictitious sales to obtain incentives or credits and omit commitments to show low indebtedness. In addition, they overvalue some assets through the capitalization of operating expenses, which changes the profits at the end of the year and, therefore, the stockholders' equity. They also register non-existent assets to place shares and convertible bonds in preferential fiscal territories and manage all kinds of inappropriate registers to decrease the tax base. The corporate structure of transnational companies is that of a corporate government. It comprehends senior management, the internal audit committee, an external auditor, and policies and procedures of the internal control system that define how corporations and their functions should operate. Corporate government extends to all areas in an organization to achieve the economic goals of the entity and maintain its assets. The breach and application of an internal control system leads corporations to issue unreliable financial reports and make wrong decisions that could trigger financial disasters, technical bankruptcy, and eventually, the dissolution of a company. However, this denotes the absence of internal controls and raises questions as: Is corporate governance a management system for internal control? Do corporate governance agents exercise a sound control system management? Does internal control compliance guarantee reliable accounting reports? Is fuzzy logic an evaluation system for internal control policies and procedures as an agent of corporate governance?
The aim of this work is to analyze the functions of the agents that make up the corporate governance, the shareholders' assembly, the board of directors, and the audit functions. This is carried out from the study and evaluation of the internal control conducted by the independent auditor. We seek to propose a governance model as a management system based on the mechanisms of legality, the law of the stock market, and the code of corporate best practices. The scientific value of this work lies in showing that the interaction between the application of fuzzy models based on fuzzy set theory and the qualitative attributes of internal control policies and processes is a tool to evaluate governance as a management system in decision making.
This study has a descriptive character under the critical hermeneutic approach [3]. We consider the use of the hermeneutical principles and the fact that "the explanation of the real (social and economic) limitations that act on the interpreter should be used". The work is based on the International Auditing Standards ( [4], NIA 260, NIA 265, NIA 700, NIA 705), ([5], B3050, B5030, Guide 6060) related to the independent auditor's report ( [6], p. 58), the securities market law, and the code of good corporate practice. This document is a proposal based on the fact that conventional quantitative methods and techniques are not appropriate for treating social systems [7]. Fuzzy logic emerges as the ideal tool for modeling complex situations since it allows for making decisions considering qualitative attributes of a dynamic complex system. It is an excellent alternative for the study of governance due to its complexity and non-linear behavior based on subjective estimates of available information and the expertise and experience of those who manage it.
The first section reviews the theoretical and normative literature related to governance while the second one discusses the actors of governance. The methodological proposal is presented in the third section and a proposal for a fuzzy Governance Model as a management system is explained in the fourth section. Finally, the discussion of this work are presented.

Board of Directors
Corporate governance is a model of administrative management and long-term leadership through which corporations must be controlled and operated with disclosure and transparency. It suggests a relevant influence on the top management leadership and is responsible for the implementation of procedures to verify and safeguard the integrity of the financial reporting in the company.
Governance is performed through management and control [8], which involves the relationship between the top management of the company, its board of directors, and the interested third parties [9]. The roles and responsibilities of the board of directors must be separated from those of the top management to monitor and hold shareholders accountable. Corporate governance is the way to follow organizations and defines their managerial style [10]. It is the internal control environment of an entity [11] established by the board of directors, the committee of best corporate practices, and the audit committee [12]. The shareholders' meeting is responsible for appointing the people that will become members of the board of directors, responsible for appointing the people that will become members of the board of directors, responsible for supporting the represented company ( [13], p. 379), its institutions, creditors, and third parties involved ( [14], p. 147).
Corporate governance guarantees decision making [15]. The management of the corporate government protects the assets, avoids conflicts of interest, and separates the property, functions, and activities of internal control [16].
The board of directors is expected to play a key role in corporate governance and must guarantee the successful perpetuation of the corporation. The Principles of Corporate Governance by the OECD [9] describe all their responsibilities. The most important are summarized below:

1.
To ensure that board members are informed and act ethically and in good faith, with due diligence and care, in the best interest of the company and the shareholders.

2.
To review and guide corporate strategy, objective setting, major plans of action, risk policy, capital plans, and annual budgets.

3.
To ensure the integrity of the accounting and financial reporting systems of the corporations, including their independent audit. 4.
To ensure that the board members are nominated and elected through a formal and transparent process. 5.
To select, compensate, monitor, and replace key executives and oversee succession planning. 6.
To ensure the set-up of an appropriate internal control system. 7.
To oversee disclosure and communications processes.
Public companies and their related parties are managed under the supervision of the board of directors and the top management [13], which ensure that operations related to a corporate purpose are carried out [17]. The board of directors acts through the committee of best corporate practices and the audit committee. Together, not only do they approve the engagement letters regarding audit services and the financial statements but they also present the financial statements and the auditor's opinion to the general shareholders' meeting.

Audit Committee
In 1992, the final report of the Cardbury Committee issued the Code of Best Corporate Practices that recommends the audit committee include at least three non-executive members, independent from the board, the Chief Financial Officer (CFO), and the external auditors. Since the board of directors is responsible for governing the organization [18], the audit committee performs the oversight functions. This committee supports the board of directors to ensure that the registrations are performed in accordance with accounting principles and criteria. It also evaluates the external auditors' performance and independence, discusses the audited financial statements, and reports the strengths and weaknesses in regard to the internal control system and the audit department of the company to the board of directors.
Its principal duties and responsibilities include overseeing the hiring, performance, and independence of the external auditor and the financial reporting and disclosure process as well as monitoring the selection of accounting principles and the internal control policies and procedures. It oversees the regulatory compliance, ethics, and if necessary, report malpractice, unlawful or unethical behavior within the workplace.
In addition, the audit committee ensures that the processed information is relevant and reliable for internal and external users. The Committee on Corporate Governance (1998) establishes that the audit committee is the safeguard of investments and protects the assets of the organization. Nicolȃescu [19] states that the quality of corporate governance influences the perception that investors have of the quality of financial information and the auditors' reputation. Then, Johnstone, Li, and Rupley [20] confirm that there is a positive association between corporate governance, the audit committee, and the top management.

Best Corporate Practices
The performance of the board of directors is evaluated through a tool called best corporate practices. Mexico was one of the first countries in Latin America to raise the issue of governance [8]. Calderón states [21] that the Code of Best Practice of Corporate Governance was issued at the same time as the principles of the OECD, before the Sarbanex-Oxley Act and the Spanish Aldama report [22].
The importance of these practices is that they are binding for public companies [23]. It is suggested to [24] adopt this code because it contains recommendations that companies must consider to infer good corporate governance. Best practices are useful for any company seeking to improve the proper functioning of the board of directors. Several authors suggest following principles and practices, such as the daily reporting of the agenda of the shareholders' meeting and the communication between them, along with their functions, integration, structure, operation, and responsibility. In addition, it is advised to consider the function of audit, the selection of the auditors and the financial information, the management system of internal control, and risk management. The code contains the guidelines to manage the compliance of the accounting standards and prepare the financial information.

Internal Control Policies and Procedures
Internal control policies and procedures are a management system that defines the structure of organizations to ensure the integrity of the financial information, promote accountability, and prevent fraud. On the other hand, they are defined as a set of rules or guidelines created by any organization to achieve a long-term set of goals. They are designed to influence and determine decisions and actions and take place within the boundaries set by them. Their main purpose is to protect assets and ensure that all the transactions are registered in the accounting system. An internal control system is designed, implemented, and maintained by those in charge of corporate governance or administrative management. They provide reasonable assurance that the objectives of the entity are achieved in terms of financial information, effectiveness and efficiency of operations, and compliance with laws and regulations ( [4], p. 25).
The clarity of the organization structure is another component that shows internal control works properly. The Report of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) emphasizes the importance of operational manuals, processes, organization, and procedures that provide a reasonable degree of security to conduct business [25]. Management control is fundamental to obtain reliable financial information.
The audit committee together with the board of directors and the committee of best corporate practices selects the independent auditor. The auditor is responsible for planning and performing the audit to obtain reasonable assurance that the financial statements are free of material misstatements due to error or fraud [3].

Test of Compliance in the Independent Auditor's Examination
The audit committee together with the board of directors and the committee of best corporate practices selects the independent auditor. The auditor is responsible for planning and performing the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement caused by error or fraud ( [4], NIA 700).
Before issuing an opinion on the financial statements of the company, the auditor should design internal control tests to obtain reasonable assurance from the material weaknesses and their effectiveness. Similarly, the internal control management system should be able to prevent, detect, and correct potential misstatements that would cause the financial statements to become material errors ([5], B3050, paragraph 36). Internal control testing must be useful to obtain appropriate evidence that supports the financial reporting as of year-end and the auditor's responsibility on identifying its reliability. Probably there are internal control policies and procedures, but it does not necessarily mean that they are efficiently operating the management system ([5], B3050, paragraph 51). In some cases, the auditor may conclude that there is no confidence in the internal control, eliminating the compliance tests and determining new substantive ones. To perform this evaluation, the auditor conducts a statistical or non-statistical sampling. This decision requires professional judgment, skepticism, and experience, trying in all cases to gather sufficient and competent evidence. The auditor will seek to detect and correct possible deviations in the management system and determine an appropriate scope in the revision.
When the auditor uses statistical sampling, they rely on the guides focused on determining the size and set up the level of confidence regarding the universe. Statistical sampling aims to estimate the frequency of certain characteristics that appear in the universe and is represented as a percentage ([5], Guide 6060).
When the auditor uses non-statistical sampling, they inevitably draw on their professional judgment, skepticism, and experience to set up their own parameters. They consider their knowledge regarding the principal economic environment factors in which an economic entity operates. Among those factors are organizational culture, size, structure, internal control conditions, income level, number of transactions, invoicing, number of workers, industry leadership, market conditions, infrastructure, inflation, and government regulation [26].
During the audit, the auditor establishes communication with corporate governance ([4], NIA 260) and informs them of situations of strangeness, unavoidable risk, and errors or irregularities that may remain undiscovered and cause some distortion. The auditor provides information on the efficiency of the internal control management system ( [4], NIA 265), and the detection or the possibility of fraud, relevant risks, deviations from the rules expected by the stock market, and limitations found during their revision ( [4], NIA 260, paragraph 16 e), always delivering written notification to the management (paragraph 11 b). Because of the revision, the auditor has to issue a report including their opinion and must state that the audit was carried out with standards that comply with ethical requirements ( [4], NIA 260; Sections 21, 22 and 23). They must also describe the responsibility of the management on the preparation and fair presentation of the financial statements.

Corporate Governance as a Management System
Transnational companies and their related parties converge in the stock market. These companies buy and sell financial assets, stocks, bonds, and long-term debt securities. Therefore, they are under strict regulations and required to provide their financial statements issued by an external auditor in an annual report. This report must include the corporate governance questionnaire and an assessment of the compliance level, including the relevant principles and the code [27] of best practices of corporate governance.
Garcia's assertion is taken to characterize corporate governance as a dynamic management system because the functions of its agents (the shareholders' meeting, the board of directors, the committee of best corporate practices, and the audit committee) are interdependent, yet coherently linked and organized at the same time ( [28], p. 117). They agree on Mekler's opinion ( [29], pp. 4-5) which emphasizes that a management system shares attributes that interact between their components, giving rise to phenomena with both collective and cooperative behaviors.
Corporate governance, as a management system, works together with the external auditor who, through the study and evaluation of internal controls, determines the scope of their revision. It is a management dynamic and multidimensional system because its agents contain qualitative attributes that define modalities of governance functions, which are linked at different hierarchical levels of management (Figure 1).

Fuzzy Logic
In 1965, the Iranian-American mathematician, electrical engineer, computer scientist, and artificial intelligence researcher Lotfi Asker Zadeh published an article called Fuzzy Sets [30]. In it, he introduced the theory of fuzzy sets that are sets whose elements have degrees of membership. In 1973, he published an article called "Outline of a New Approach to the Analysis of Complex Systems and Decision Processes" [7]. The article points out that conventional quantitative techniques are inadequate to treat social systems.
Fuzzy logic emerges as the ideal tool for modeling complex situations since it allows for making decisions considering qualitative attributes of a dynamic complex system. It is an excellent alternative for the study of governance due to its complexity and non-linear behavior based on subjective estimates of available information and the expertise and experience of those who manage it. In addition, it provides a simple conclusion attributed to ambiguous, inaccurate, or incomplete information. Its main advantage is that it uses linguistic variables, not necessarily numerical, as human thinking. Unlike other statistical methods, fuzzy logic eliminates complex contents of mathematics and offers easy solutions to problems combining linguistic expressions with numerical data. On the other hand, it is worth highlighting that fuzzy logic models are based on mathematical ones. The latter allow labeling intermediate values to define estimates between true and false, black and white, hot and cold, little and much, small and large, short and tall, and close and far, among others.
Lozano and Fuentes [31] confirm that fuzzy logic is suitable for procedures based on intuitive rules that are hard to express in mathematical terms and its great potential comes from the probability of expressing operations and controlling rules in everyday language. Fuzzy logic was first applied in engineering and, although it is commonly handled by expert systems of artificial intelligence, there exist applications to several fields of science. For example, fuzzy logic was used to evaluate the sensitivity of the hydroelectric system, taking the human failure into consideration using the fuzzy analytic hierarchy process (AHP) approach [32]. On the other hand, [33] propose the first multicriteria model in a fuzzy environment to assist in decision making related to the renewal of healthcare equipment, this model tries to objectively analyze the different factors that must be taken into account in decision-making to renew healthcare technologies. Besides, we can find the application of fuzzy logic on financial risk indicators [34] and on accounting [31,35]. Research by Ji, Yu and Fu [36] proposes an assessment of personal default risk in peer to peer online lending platform, which reduces uncertainty while taking into account the psychological characteristics of lenders to avoid risk.
Most of the research is performed with statistical tools; however, sometimes there are no accurate data and the forecasts of statistical methods are far away from reality. Martínez [37] cited in Cruz [38] states that fuzzy logic is one of the mathematical disciplines that nowadays has the most followers. This is not only because of its easy understanding and flexibility but also because it is tolerant to inaccurate data and allows for conclusions based on uncertain assumptions.
In the following paragraphs, basic concepts regarding fuzzy logic are defined and fuzzy sets are explained. A fundamental concept for understanding classical and fuzzy logic theory is the membership function.
Bojadziev and Bojadziev [39] state that the fundamental notion in fuzzy sets is the one of membership. The concept of membership is the relationship that links each element with a set.
Let X ⊂ R a universal set and A ⊂ X. The membership function µ A : X → [0, 1] denotes the membership grade of an element x to the set A, i.e., if r is the degree to which x belongs to A.

1, if x ∈ A.
Note that the range of the membership function is the interval [0, 1]. A fuzzy set has the following representation If X is a discrete universal set, i.e., X = {x 1 , x 2 . . . , x n }, we have that: The choice of the membership function depends on multiple parameters, such as context and application. Triangular functions, trapezoidal functions, and normal distribution functions, among others, are examples of membership functions. Still, simple functions, as the triangular ones, are usually chosen as a membership function (see Figure 2). The operations between fuzzy sets are union, intersection, and idempotent. Let A and B be two fuzzy sets; then, the membership function of the union A ∪ B is represented by: The intersection A ∩ B has membership function given by: A fuzzy number is an example of a fuzzy set. A triangular fuzzy number is determined by three parameters (a 1 , a 2 , a 3 ), where a 1 < a 2 < a 3 and x = a 2 is the peak of the triangle. See Figure 2.
When the range of the membership function µ A is determined by experts, the membership function can be generalized by an interval valued function [40]. Thus, consider the set L([0, 1]) consisting of the whole closed subintervals in [0, 1]. The ϕ fuzzy set, which is denoted by A ϕ , is the set with elements (x, µ ϕ (x)), where µ ϕ : X → L([0, 1]) has the form µ ϕ (x) = [a 1 x , a 2 x ] and x ∈ X. A fuzzy triangular number (a 1 , a 2 , a 3 ) can be written as follows: where the functions µ A , ν A X → [0, 1] are given by the following formulas: The binary operations on a fuzzy triangular number are usually defined as follows. If A = (a 1 , a 2 , a 3 ) and B = (b 1 , b 2 , b 3 ) are two fuzzy triangular numbers and k is a real number, then Decision making is key to an organization and its corporate governance. The management evaluates potential alternatives considering different tools to construct business objectives properly and timely before making a decision. For this reason, Mullor, Sansalvador, and Trigueros [41] state that fuzzy logic is the ideal tool to manage economic and administrative-accounting issues, such as personnel recruitment, supplier selection and evaluation, actuarial analysis, stock market prediction, inventory management, and stock level control.
Reducing the uncertainty and predicting the reality with inaccurate data is one of the greatest challenges for companies. Therefore, fuzzy sets constitute a novel tool that offers a strategic measurement. In this context, the use of fuzzy sets given in Equation (1) to back up information related to companies, people or processes allows to contrast and evaluate objects of the same nature. Fuzzy logic will be used to assess the degree of governance of corporate governance agents as a dynamic complex system. For each agent, a fuzzy set will be built along with the ideal agent, according to the professional judgment and experience of the independent auditor.
The similarity between agents will be measured using an addition competency index, which will indicate a higher level in compliance within internal controls. Consequently, there will be greater corporate governance when the intersection between the evaluated agents and the ideal is closer. The index between fuzzy sets where µ . Figure 3 illustrates the addition competency index. This graph orders the subjects and allows choosing those that have a higher adequacy index. Figure 3. Similarity between agents.

Linguistic Variables
A linguistic variable is composed of words structured in an artificial language [30]. It has the form (T, Ω, G, M), where T is the linguistic variable, ω is the universe set, G represents the values of T and M is a map of T to fuzzy subsets of X.
In this work, T is the name of the linguistic variable while the characteristics of the enterprise are given by the set G = {Very Good, Good, Regular, Bad, Very Bad} and the numerical values allocated to each linguistic label are within the interval [0, 100]. Then, the universe set is Ω = [0, 100] and M is the set consisting of whole the membership functions. See Figure 2.
Subsequently, each attribute will be qualified using the labels shown in the first column of Table 1. Afterwards, a fuzzy triangular set will be constructed with the gathered information as shown below: The chart on each membership function of the fuzzy triangular set is given by Figure 4.

A Governance Fuzzy Model
As previously stated, the auditor should design an internal control testing to obtain reasonable assurance of the material weaknesses and effectiveness. This decision requires professional judgment, skepticism, and experience. The model proposed below is made of fuzzy sets and allows the auditor to perform their revision using both statistical and non-statistical sampling.
It will be considered a set of R categories evaluated to determine company size, income level, number of transactions, number of workers, industry leadership, and macroeconomic context, among others. These categories will be shown by the following set: In addition, the external auditor will evaluate n agents: Each of these agents must comply with a number of internal control policies and procedures. It can be understood that a model based on fuzzy logic is useful to assess the level of compliance in the application and supervision of policies and internal control procedures emerging as a need for improving corporate governance. The ideal agent I is that which best meets each category and is built according to the auditor's professional judgment and experience. Therefore, the fuzzy set is: Table 1. Then, to determine the similarity between the agents in evaluation and the ideal, the categories of each one will be measured in relation to the ideal, using the addition competency index (Equation (2)). Some important remarks are listed below:

1.
Some qualitative categories only allow for binary evaluations and other attributes, so the linguistic labels in Table 1 will be used for the analysis.

2.
Categories such as company leadership can consider the use of information from some reputational evaluation instrument.

3.
It is suggested to take the highest value obtained in categories corresponding to numbers of board members, reports of external auditors, and periodicity, among others.

4.
Financial categories should be given greater attention since they deal with indicators of the economic position of the company; for example, profitability, liquidity, and leverage, among others. In order to evaluate each financial aspect, the highest value among all the obtained data is proposed.

5.
Categories such as audit functions, conflict of interest, and code of ethics, among others, are dichotomous values; therefore, only Very good and Very bad will be considered in the evaluation.

6.
This tool has the following advantages: (a) Economic: This is the greatest advantage since its low cost allows for its application in different contexts and situations and leads to low-cost audits.
Meticulous: It is a tool based on the auditor's professional judgment and experience to select non-random samples and reduce the number of categories to obtain meticulous information with satisfactory results.
The structure of the proposed model is shown in Figure 5.

Application
Most of the companies plan production at the lowest cost and offer products of the highest quality to the market. In this example, the Fuzzy Model for Governance presented seeks to meet three categories: X = {Cost of raw material, quality and delivery time}.
Following the notation of Equation (3) we have a set of R = 3 categories that will be evaluated in its processes X = {x 1 , x 2 , x 3 }.
The company has a purchasing policy for the acquisition of raw material that establishes purchase quotations with five suppliers. They correspond to agents A 1 , A 2 , A 3 , A 4 and A 5 . These five suppliers define the universe as follows: According to the experience and the expertise of the acquisition, logistic, and quality areas, the three attributes are evaluated according to Table 1. The evaluations are shown in Table 2. Following the proposed model ( Figure 5) and considering Table 1, fuzzy sets with interval-valued membership functions for each agent are built (see Table 3). Table 3. Fuzzy sets for suppliers (agents).
It must be considered that the ideal agent is built according to the independent auditor's professional judgement, skepticism, and experience. It complies with each category in the best way; therefore, the ideal agent (provider) complies with the attributes in Table 4, according to the acquisitions, quality, and logistics areas. To do so, the ideal provider must have a price degree not higher than 83% and a quality of at least 49.8%. It must also meet the delivery time at least 49.8% of the times. Then, we use the addition competency index, Equation (2), between fuzzy sets A  Table 3 and Equation (2). Then, = 0. Figure 6 illustrates the intersection and union of sets for membership functions µ The model seeks to apply an addition competency index to measure the similarity of the agents under evaluation. Thus, In an analogous way, the adequacy index for the rest of the agents is calculated. The results are summarized in Table 5.
Clearly, agents A 2 and A 5 show a higher adequacy index and, in consequence, they (providers) comply with the internal control process for raw material in the best way, according to the acquisitions policies of the company. That is, both agents exert a good control environment, a governance aligned with the study, and an evaluation of internal control by the independent auditor.
Adequate segregation of the functions regarding purchase authorization and price quote when acquiring goods is key to evaluate internal control compliance. Then, product requirements must be followed according to the stock level indicated by the management. In addition, product reception at the warehouse must be observed.
The area manager must check that the process complies with the product quality attributes (weight, shape, smell, color, and packing, among others) for storage at the warehouse. The agent desirably implements an efficient control of the purchase orders and the pre-numbered reception notes related to every acquisition. They should also take frequent physical inventory counts. Both processes include the verification of legal-fiscal documentation, invoice review, prices and calculations, and a review against internal documents before accounting record and the creation of a liability (payment). Then, the manager's authorization degree and hierarchical level to contract and guarantee liabilities are reviewed.
Finally, logistic internal controls are fundamental to performing transactions, product sales by areas or online or any others determined by the management. In the end, the product is delivered to its destination efficiently. The authorization and sales documentation, along with lists of clients, prices, discounts, returns, and bonuses are also necessary to the right logistics.
To comply with the processes, the staff member in charge must authorize the appropriate segregation of clients' orders, payments (cash or credit), shipment, invoicing, credit notes, delivery dates and routes, physical custody, insurance, finance systems, and collaterals or pledges. Then the records are entered in the accounts.
The auditor evaluates the policies and internal control processes of the entity based on their professional assessment and experience, skepticism, and fuzzy governance model.

Discussion
The internal control system and the application of policies and procedures have long been studied by external auditors since they are enforceable in the professional-legal practice [21] within the framework of international audit standards [4]. Furthermore, the presentation of a financial notice is preceded by the study and evaluation of internal control [5]. This obligation is supported by the legislation [11] of international governments aiming at protecting investors and reducing financial disasters [1,2]. After the compliance with the code of best corporate practices [8], the governance system evaluates [9,22] its internal control system involved in accounting laws and standards [11] only from a qualitative perspective. The evaluation lacks mathematical analyses [39] without having a scientific confront.
The authors discuss the relevance of internal control as a cornerstone of governance [16], and good corporate practices [23] without alluding to a mathematical model. In our analysis, we state that mathematical models are binding to social sciences. It is, therefore, a novel way to relate laws [13,14] and audit (accounting) standards with fuzzy sets (fuzzy logic). Results show that control policies and procedures for the acquisition of products (pricing, quality, and delivery time ) indicate a good governance management [12] since the company guarantees product supply to its clients. In addition, the fact of comparing a group of providers opens the door to different possibilities to acquire the product; that is, under better economic, resource, and speed conditions. These attributes promote the decision making of the management [25], in turn considering the rest of the providers as second or third sources of raw material.
Fuzzy logic as an agent of the governance system promotes decision making for product acquisition, leading to constant inventory rotation. The latter, in turn, facilitates corporate finances by opening market opportunities and thus charging clients due to sales increase. Liquidity increases and liabilities decrease, so investing in other assets, as financial instruments or companies, is possible. This is one of the benefits of fuzzy logic as a governance system.
The limitation of this study is its focus on the warehouse and purchasing areas of the corporation. Although we know that it is substantive, inventory control should be studied from a corporate system standpoint to relate it with internal control policies and procedures linked to other areas as sales and finance. This would complete the operation flow and allow a thorough understanding as to how supervising the application of policies and processes, or the lack thereof, increases corporate risk [38]. These research lines remain open for an integral study.
The fuzzy logic method is used since it is adequate for the study of attributes that can hardly be mathematically expressed. Its great potential lies in the possibility to express operations through everyday-use words. It is a tool used in administrative areas, as accounting and finance, of companies [7,38]. The fuzzy governance model is presented [30] as a management system for internal control policies and procedures, focusing on a legal framework to fulfill economic activities, necessary for decision making in corporate governance.

Conclusions
This work shows the inductive-deductive interaction between the implementation of fuzzy models and the qualitative attributes defined in the internal law of organizations. This document proposes a tool to evaluate the governance degree of agents belonging to corporate governance as a dynamic complex system.
Processes, including those non-written, are frequently absent and there is no documentary information to carry out the study and compliance evaluation of policies and internal control procedures within organizations. Fuzzy logic is a novel and efficient tool to study the compliance level of processes, especially that of those non-written.
The auditor observes process compliance and thus moves forward in the analysis of the study and evaluation of the internal control. All of this is based on the auditor's professional experience in the stock market, technical control, professional judgement, discretion, and skepticism exhibited during the examination of the financial information. The auditor uses a fuzzy model to identify the abilities and skills of other professionals, and materializes the technical control, professional judgement, skepticism, and professional experience. These qualities are hardly quantifiable using the known techniques.
Statutory commercial and securities law of accounting and auditing standards and agents of corporate governance concatenate into a complex system. Then, governance is exerted through inter-and transdisciplinary interactions involved in an established dynamic between areas and hierarchical levels of the organization.