Risk Advisory Services (RAS)

Transcription

1 Risk Advisory Services

2 Internal Audit With increasing legal requirements and growing importance of effective corporate governance in businesses and organizations internal audit plays an increasingly greater role in the monitoring process. Internal auditors are assuming a more strategic role that is linked to the overall assessment of risks. provides internal audit services of the highest quality to meet the economic requirements of businesses and their stakeholders worldwide. Your business benefits from experienced, independent and professional evaluations on the quality and efficiency of your control environment. member firms work together with businesses to identify areas for potential improvement and explore ways to meet objectives more efficiently. Businesses can choose between fully outsourced solutions (outsourcing), working in partnership with in-house internal audit teams (co-sourcing / partnering) and / or the supply of projectrelated specialist services (e.g. project work). All three models offer the advantage of flexibility and scalability, what is beneficial with regards to the current economic situation and the requirements of the capital market. Core to the risk-based audit methodology is an understanding of the risk profile of your organization and assessing where internal audit work can add the most value. This approach enables us to: Focus our internal audit services on areas critical to the success of a business Compliance with all national and international standards (e.g. DIIR and IIA) and requirements (e.g. COSO and ISO) Provide stakeholders and managers with assurance that their key systems and controls are in place and working effectively With this approach we provide you the following advantages: More efficient use of your internal resources Availability of independent, engaged and specialized internal audit professionals without the day-to-day managerial requirements Ability to monitor key areas of your organization Access to experts on various subjects and questions Statement of clear findings linked back to the risk profile Our internal audit & related services include: Comprehensive delivery of all internal audit services (outsourcing) Co-sourcing / partnering with existing internal audit Concept, design and implementation of an internal audit function Risk-oriented audit planning Independent quality assessment (QA) / validation by accredited and registered assessors in accordance with national and international standards (DIIR/IIA) Compliance and corporate governance consulting Training and coaching of staff at all corporate levels RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

3 Internal Control System (ICS) Lacking controls, inadequate risk management, economic crime and corruption are subject of intense public controversy and seem to occur daily. Whereas the requirement to implement and document an Internal Control System (ICS) as responsibility of the management can be derived from German legislation for a long time. Two legislative milestones on the way to a worldwide new control culture are the law on control and transparency in business (KonTraG) on a national basis as well as the Sarbanes-Oxley Act (SOX) on an international basis. The German accounting law modernization act (BilMoG) to transform the 8th EU directive into national law intensified this trend. BilMoG amongst others emphasized the requirement of the supervisory board to evaluate the effectiveness of the ICS, the internal audit function as well as the risk management system. A sound understanding of internal control and its potential value contribution are essential for every business. An operative risk management and an effective ICS form the basis to exploit the full potential of your business. For instance, an effective ICS facilitates external financing by banks for organizations. In a globalized economy, also medium-sized companies have business partners who require their suppliers and service providers to fulfill their internal guidelines (e.g. existence of specific internal controls) or to comply with the requirements of section 404 and 302 of SOX. This usually is disproportionately time-consuming and associated with commitment of resources. uses multi-level procedures to facilitate the development, implementation, optimization and monitoring of an effective ICS. Thereby your IT is not left out of consideration. Our experienced and qualified IT-auditors are consequently integrated in our projects, even if the main focus is outside the IT. Our approach is based on the internationally recognized and worldwide existent framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Moreover, the national (DIIR) and international (IIA) standards of internal audit are components of our approach. We support you in identifying chances for your organization and meeting your objectives more focused. That way you can add sustainable value. Our internal control & related services include: Concept, design and implementation of Internal Control Systems (ICS) in accordance with national and international standards (e.g. KonTraG, BilMoG, and COSO) Testing of design and operating effectiveness of Internal Control Systems (ICS) Continuous monitoring and optimization of Internal Control Systems (ICS) Quick-check, review and assessment of Internal Control Systems (ICS) Sarbanes-Oxley Act (SOX) consulting Compliance and corporate governance consulting Training and coaching of staff at all corporate levels RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

4 Risk Management In a continuously changing economic landscape businesses face an increasing number of uncertainties. Major potential sources of risks jeopardizing businesses` ability to achieve corporate objectives are material loss as well as lost opportunities. Thus it is of highest priority to identify the key risks and manage these risks on an on-going basis. supports businesses of different size and branches in identifying and managing risks to ensure that besides the fulfillment of legal requirements also sustainable value is added by effective and efficient handling of risks. We perceive the establishment of a dynamic risk management system meeting the economic requirements of your business and ensuring future success as our challenge. Our approach is based e.g. on the internationally recognized Enterprise Risk Management (ERM) framework of the Committee of Sponsoring Organization of the Treadway Commission (COSO II). We will design with you an enterprise-wide risk management system that integrates with existing business processes and management systems. Such a risk management system serves as a central monitoring tool as basis for strategic and operative corporate management and leads to an increased efficiency of the internal audit function. Our approach includes the following components: Risk culture and internal environment Objective setting and event identification Risk assessment and risk response Information and communication Risk reporting Control activities and monitoring For an ERM system to be truly successful, organizations must embed their risk culture throughout all levels of the business. Senior management and staff must all understand and internalize an organization s specific risk management approach. As risk management responsibility is spread across the whole organization it is essential to success that all staff members involved are fully trained and coached. Our risk management & related services include: Concept, design and implementation of risk management systems in accordance with national and international standards (e.g. KonTraG, BilMoG, COSO and ISO) Co-sourcing / partnering with the present risk management function Integration of risk management, internal audit and internal control systems Quick check, review and evaluation of risk management systems and functions Business risk assessment and control self-assessment (CSA) Compliance and corporate governance consulting Training and coaching of staff at all corporate levels RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

5 Compliance Management Relating to increasing losses through acts of fraud as well as growing liability risks for corporate management, compliance is increasingly gaining importance. Moreover, in view of data protection considerations, compliance management has become subject of public interest in recent years. In this context, organizations face not least besides civil and criminal liability also reputational damage and/or loss of image. Consequently, members of management and supervisory bodies have to take a critical look at how compliance with laws, contractual commitments and internal regulations as well as guidelines can be assured efficiently. Compliance management systems (CMS) are increasingly used to account for the required measures and form them transparent, manageable and controllable. At this CMS are especially relevant in the context of risk management, internal control systems and internal audit of an organization. The principle expert committee of the German Institute of Public Auditors has released the Auditing Standard AuS 980 Basic principles of proper auditing of compliance management systems on March 11, 2011 amongst others in order to verify the functionality and design of a CMS by an independent institution. According to standards a CMS includes the following basic elements: Compliance culture Compliance objectives Compliance risks Compliance program Compliance organization Compliance communication Compliance monitoring and improvement uses multi-level procedures to facilitate the development, implementation, optimization and monitoring of an effective CMS. Our experienced and qualified compliance specialists support you in operating an active compliance management creating prevention and transparency, meeting your organization s requirements and reducing or evading follow-up costs through compliance violations. Our compliance management & related services include: Concept, design and implementation of compliance management systems (CMS) in accordance with national and international standards (e.g. IDW AuS 980 and COSO) Continuous monitoring and optimization of compliance management systems Quick-check, review and assessment of existing compliance structures Certification of compliance management systems Integration of compliance management, risk management, internal audit and internal control systems Compliance and corporate governance consulting Training and coaching of staff at all corporate levels RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

6 Fraud Investigation Services In the context of increasing occurrence of criminal acts (e.g. cunning, deception, embezzlement or corruption), fraud has become more and more ubiquitous within organizations daily business. Harm resulting from such criminal acts can be material, and at worst, may jeopardize the existence of an organization as a going concern. In addition organizations may suffer from reputation and image losses. We at understand the issues affecting globally active organizations and help our clients being equipped for potential fraud challenges. Organizations need to establish anti-fraud mechanisms, e.g. a holistic approach of organizational and technical measures to prevent, detect and investigate fraud in order to keep the organizations assets secure, compliant and protected against financial misstatement, property damage, corruption issues and other compliance violations. Such a fraud management system (FMS) should not act as an isolated subsystem. It must be integrated into the organizations existing Internal Control, Audit and Risk Management Systems to work efficiently. We at take an integrated approach to facilitate the development, implementation, optimization and monitoring of an effective FMS. Our experienced and qualified fraud professionals will utilize their accounting, auditing and investigation skills to deliver an independent opinion in clear terms. By the use of accurate software support (e.g. winidea) they are able to analyze huge amounts of data in a timely manner, increasing the ability that unusual activity will be detected quickly. We assist you in conducting an active fraud management that creates prevention and transparency, satisfies the needs and good practices of your organization and avoids, respectively reduces potential losses resulting from fraud incidents. Fraud Investigation Services include: Implementation and optimization of a fraud prevention and detection system Fraud identification and investigation Fraud risk assessment and Control Self-Assessment (CSA) workshops Data screening (e.g. HR master data vs. supplier master data Documentation / Review / Improvement of processes Compliance and Corporate Governance Assessments Fraud prevention and assessment of the internal control system Training and coaching of employees on all levels RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

7 Professional Consulting and Training By three methods we may learn wisdom: first, by reflection, which is noblest; second, by imitation, which is easiest; and third, by experience, which is the most bitter. (Confuzius BC) In an ever-changing commercial landscape, all businesses face an increasing number of uncertainties. These can significantly challenge even the best organisations, jeopardising their ability to achieve objectives through material loss or lost opportunity. We at understand the issues affecting growing active organisations and help our clients being equipped for potential risk challenges and in seizing opportunities in a timely manner. Professional training and consulting at are closely linked to each other. While latest achievements in theories based on facts are used in day-to-day consulting business our practical experience from projects are continuously integrated into our training and coaching methods in order to provide a holistic understanding for our clients. Our range of professional consulting services and training / coaching programs include amongst others: Professional Consulting Professional Training Design, implementation and optimization of Internal Audit Functions Business risk assessment and Control Self-Assessment (CSA) workshops Scoping and risk-based audit planning Conducting audit and Reporting Follow-up and special audits Quality Assessment (QA) of the Internal Audit Function Design, implementation and testing of Internal Control Systems (ICS) Design, implementation and testing of Risk Management Systems (RMS) Integration of Internal Control, Audit and Risk Management Systems Compliance and Corporate Governance Assessments Audit referencing and documentation Professional framework of the Internal Audit Function Quality Management and Assessment for the Internal Audit Function Control Self-Assessment (CSA) Methodologies Control Objectives for Information and related Technology (CobiT) System and Process Audit Methodologies Recent Developments concerning the Internal Audit function (e.g. German Accounting Law Modernization Act (BilMoG) / 8th EU Directive) Internal Control Systems (ICS) according to COSO I Risk Management Systems (RMS) according to COSO II (ERM) Compliance Management Systems (CMS), e.g. according to the recommendations of the Institute of German Certified Public Accountants (IDW EPS 980) Corporate Governance principles and frameworks RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.

8 Certified Internal Auditor (CIA) Certified Information Systems Auditor (CISA) Certified Fraud Examiner (CFE) Certified Government Auditing Professional (CGAP) Certified Information Security Manager (CISM) Certification in Control Self-Assessment (CCSA) Accreditation in Quality Assessment / Validation Risk Advisory Services RSM Altavis GmbH Hamburg Phone: +49 (0) Professional Experience Languages: German, English, French Experience: 12 Years : Technical University of Munich (TUM) : RSM Haarmann Hemmelrath, Munich : RSM Hemmelrath, Munich : Mazars Hemmelrath, Munich Since 2009: RSM Altavis, Hamburg Head of Risk Advisory Services Germany Member of the European Center of Excellence Risk Management Key Activities Areas: Risk Management Internal Audit Internal Control Systems Forensic Services Corporate Governance / Compliance Training / Coaching / Publications Sectors: Private Sector: Machinery and Plant Engineering (Food & Bever ages), Manufacturing, Healthcare, Transport / Logistic, Energy &Utilities, Software Public Sector / Non-profit Organizations RSM Altavis GmbH ist unabhängiges Mitglied von RSM International, einem Zusammenschluss unabhängiger Wirtschaftsprüfungs- und Steuerberatungsgesellschaften. RSM International ist der Name eines Netzwerks unabhängiger Wirtschaftsprüfungs- und Steuerberatungsgesellschaften, in dem jede einzelne Gesellschaft als eigenständige unternehmerische Einheit operiert. ist der Name für den deutschen Teil dieses Netzwerks. RSM International und stellen weder unter nationaler noch nach internationaler Gesetzgebung eigene juristische Personen dar.

9 For further information please contact: Jungfernstieg 30, D Hamburg T F RSM Altavis GmbH RSM Altavis GmbH is an independent member firm of RSM International, an affiliation of independent accounting and consulting firms. RSM International is the name given to a network of independent accounting and consulting firms each of which practices in its own right. ist the name given to the German representative of RSM International. RSM International and do not exist in any jurisdiction as separate legal entities.