4. Risk management
According to the ISO 31000 standard, risk management is a management task in which the risks of an organization are identified, analyzed and evaluated. A risk management system is an instrument for the early identification of risks that have a significant influence on the company's net assets, financial position and results of operations. Its aim is to inform the decision-makers so that suitable countermeasures can be taken in good time.
The purpose of this Directive is to systematise internal controls within the framework of a risk management system.
This Directive applies to all sectors and disciplines.
As an integral part of the planning and controlling process, the risk management system (RMS) is assigned to the management.
As the central steering body of the RMS, a working group is to be set up in which the most important corporate divisions are represented.
|Risks threatening the continued existence of the company||Immediate information of||Regular reporting to shareholders|
| ||Immediate information of the upper management||Monitoring by the upper management|
|Detailed risks||Regular information of the management||Monitoring by the responsible division managers|