Through upscale market demands in the form of increased competition situations, higher expectations of the shareholders and complex business models, it is becoming increasingly difficult for companies to achieve and safeguard plan goals. Consciously taking risks and avoiding errors in this context are important factors for the achievement of objectives. Therefore, a structured risk management is an indispensable instrument to achieve growth and business objectives. With the extended approach of Enterprise Risk Management (ERM), the integrated corporate control is performed. The Internal Control System (ICS) as a part of the ERM is recognized to manage risk through controls. Internal controls are reactions to an identified and assessed risk. Effective corporate governance can only be perceived through the integration of ICS and ERM. In the literature and in many companies, risk management and ICS are considered as isolated systems. The effects are separated units in the organizational structure, isolated business processes and artefacts and different systems for the implementation of risk management and ICS. To achieve the integration of the two systems, a generally applicable model for integration of risk management and ICS is created with the present work. Another essential aspect of the work is the creation of a process model to implement the integration. The methodological basis for the modelling is the Semantic Object Model (SOM). The models themselves are created with the Unified Modelling Language (UML) as a semantic class diagram.
Archived Files and Locations
|application/pdf 6.6 MB ||
access all versions, variants, and formats of this works (eg, pre-prints)