Substantial changes to valuation and accounting regulations have been introduced by the German Accounting Law Modernization Act (Bilanzrechtsmodernisierungsgesetz-BilMoG), which applies to all accounting years starting after December 31, 2009. The Act aims to align German accounting law with the international IFRS (International Financial Reporting Standards) standards. Annual financial statements as required under German commercial law will thus increase in importance and be more internationally comparable. Corporate governance rules are also covered, with the focus being on monitoring the Internal Control System (ICS) and risk management. The main features of internal control and risk management must be described. Establishment of these systems is determined by individual requirements and necessities.
What is the main driver behind this requirement? In addition to documenting internal controls and risk management, the main goal should be to ensure the effectiveness of the new system. When it comes to assessing the effectiveness of an internal control system, a "standardized" level of maturity needs to be achieved in terms of the maturity model. This level encompasses standardized controls and regular control tests involving control design and execution. Only tests performed on a periodic basis are able to ensure the required effectiveness of implemented controls.
ARIS Solution for Governance, Risk & Compliance Management (ARIS GRC) supports these tasks by offering a workflow that assigns control tests to employees for execution and tasks to other users for analysis of specific results. Further findings/issues can be managed and stored in an audit-proof manner along with all other data. Supported by mapped processes that include risks and controls, ARIS GRC ensures the effectiveness of the implemented Internal Control System.
Additional links:
- all articles of the #LoungeTalk series
- www.grc-lounge.com
- GRC discussion group at ARIS Community
- Governance, Risk, and Compliance category