What are internal control systems?
Annual planning process as a key element of the ICS
The controlling activities include an annual planning process that is based on an integrated bottom-up planning approach. The process includes budgeting of the income statement figures, the balance sheet and the cash flows of the following business year and medium-term planning for a horizon of four years. The monthly comparison of actual results with the forecasts for the respective period is an essential element of the internal control and risk management system. In addition, all subsidiaries prepare updated forecasts of the expected annual results three times a year. The ERP Audit Cockpit was introduced as yet another control instrument. This is a software tool integrated throughout the Group to support the local management in the implementation, documentation and monitoring of controlling measures. In cooperation with external auditors, the ERP authorization regime was revised and authorization conflicts were identified and eliminated. Control reports were developed as integral parts of the Audit Cockpit and serve to minimize risks through a clear definition of tasks and responsibilities within the ERP control environment.
For the purposes of risk assessment and in preparation for the annual internal audit activities, a risk-based audit plan is drawn up annually in coordination with the Managing Board and the Supervisory Board. Following the schedule laid down in the audit plan, Internal Audit audits all Group companies at regular intervals of at least three years for compliance with the ICS. Moreover, operational processes are reviewed for their risk potential and possible improvements of efficiency. Acting as the central monitoring body for the internal control system, internal Audit also verifies compliance with legal provisions and internal guidelines. Furthermore, Internal Audit performs ad-hoc audits when so requested by the management.