+49 89 45242970100 service@sp-unternehmerforum.de

Internal Audit

Internal Audit

The Three Lines of Defense model: Internal audit as an integral part of the internal control system. Risk management, compliance and internal auditing are indispensable representatives of the management. When implementing an internal audit, organizational independence must be taken into account. The new revision standards DIIR No. 3 and Germand IDW Standard 983 apply in practice for a secure internal audit organization.

The application of the DIIR and IDW standards is highly relevant for managing directors, board members and supervisory boards in the fulfillment of good corporate governance. With our seminar series Internal Audit – What is important to get the S & P Checks discharge of the management – regularity check, transparency register – Implementation of the new AMLA, minimum requirements for corporate organization rules and accounting due diligence.

Current project reports from our ongoing auditing activities can be found in the healthcare sector, risk management in companies and the compliance test for good corporate governance.



Target group: The Internal Audit – Optimizer and Safer Business Processes

  • Managing Directors, Management Board and Supervisory Board,
  • Head and employees of the internal audit, authorized signatories and executives of the company


Business Judgment Rule – What is important?

For senior management to act in an entrepreneurial decision for the benefit of society, it is essential that senior management can rely on reliable information. In doing so, Internal Audit takes over the important information as a quality assurance provider and as an information provider. A sensitive special case arises when the internal audit determines that the management body in principle under-informed or unaudited information used as a basis for decision.


Minimun Requirements for IT – New requirements for IT security management

The German Banking Authority published Minimum Requirements for for IT. This announcement is effective immediately. There are no implementation deadlines. The MR-IT includes regulations on the following topics:

  • IT strategy
  • IT Governance
  • Information Risk Management
  • Information Security Management
  • User authority management
  • IT projects, application development (including end users in the departments)
  • IT operation (including data backup)
  • Outsourcing and other outsourcing of IT services

Pin It on Pinterest