According to the ISO 31000 standard, risk management is a management task. Within the scope of this task, the risks of an organization must be identified, analyzed and evaluated. To this end, the overarching objectives, strategies and policies for the risk management organization must be defined. Specifically, this concerns the definition of criteria according to which the risks are classified and assessed, the methods of risk determination, the responsibilities for risk decisions, the provision of resources for risk prevention, internal and external communication on the identified risks (reporting) as well as the qualification of staff for risk management. Risk management (early risk detection system), especially for stock corporations, is based on the requirements of the German Control and Transparency Act (Kontroll- und Transparenzgesetz, KonTraG) and the Institute of German Public Auditors’ (IdW) auditing standard PS 340 based on it. The aim is to identify risks threatening the going concern of the company at an early stage and to monitor them in a comprehensible manner.
Areas of Application for a Risk Management System
Our services in the area of risk management systems are particularly relevant for you in the following situations:
- Establishment of a new company or the spin-off of a company and the need to fundamentally establish a risk management system
- Rapid corporate growth and the associated increasing possibility that risks are being neglected due to the dynamics of the company
- Change in the legal form, e.g. into a joint stock corporation (Aktiengesellschaft, AG), or the shareholder structure (joining of private equity investors, IPO)
- Risks are identified too late and lead to damage in the company
Support in the Implementation of a Risk Management System
Our services in the area of risk management systems include in particular:
- Structured identification of risks for your company on the basis of proven techniques
- Analysis of the identified risks with regard to their probability of occurrence and possible effects
- Risk assessment by comparison with risk acceptance criteria to be defined in advance (e.g. from standards and norms)
- Design and implementation of risk management/risk control measures that reduce hazards and/or probabilities of occurrence or make the consequences controllable
- Design and implementation of risk monitoring measures by using parameters that provide information on current risks (risk indicators)
- Risk records for the documentation of all processes that take place in connection with risk analysis and assessment
If you are interested or have any questions, please contact us.