The interest on internal control (IC) is increasing in the last years, namely in the public administration, including the hospitals. It is an instrument of management, administration, and control for assuring the organization's objectives in reliable financial reporting, operational effectiveness and efficiency, and compliance of laws, regulations, and policies, involving the controls risks. Better IC should yield more reliable on internal data, which lead to better internal decision-making. It then mitigates the risk of fraud. This study analyzes existing procedures and controls in the expenditure department of a public hospital, considering the human, material, and technical resources available to the systematization of effective control practices and the identification of key IC vulnerabilities. Thus, the authors use interviews and documentary analysis between December 2014 and 2015, proposing actions to mitigate the procedures vulnerabilities and a structure for an IC manual as a tool to promote the legality and efficiency of the management of public funds, as well as to prevent fraud.