4. Risk management
-
- Last edited 4 years ago by Christopher Osborne
-
-
- This page is approved
According to the ISO 31000 standard, risk management is a management task in which the risks of an organization are identified, analyzed and evaluated. A risk management system is an instrument for the early identification of risks with a significant influence on the company's net assets, financial position and results of operations with the aim of enabling suitable countermeasures to be taken in good time by informing the decision-makers.
Objectives
The purpose of this Directive is to systematise internal controls within the framework of a risk management system.
This Directive applies to all sectors and disciplines.
Responsibilities
As an integral part of the planning and controlling process, the risk management system (RMS) is assigned to the management.
As the central steering body of the RMS, a working group is to be set up in which the most important corporate divisions are represented.
Risk categories
| Category | Information obligation | Supervision |
| Strategic risks
Risks threatening the continued existence of the company |
Immediate information of
|
Regular reporting to shareholders |
| Operating risks
Major risks |
Immediate information of the upper management | Monitoring by the upper management |
| Detailed risks | Regular information of the management | Monitoring by the responsible division managers |