Risk Strategy and Analytics

Risk management involves the systematic identification, assessment and control of all internal and external developments and events that may have a negative impact on a company's objectives. 

Effective risk management is necessary to proactively manage risks in order to achieve business objectives and meet external stakeholder requirements.

The term risk aggregation refers to the systematic combination of individual risks into an overall risk position.

Monte Carlo simulation is a simulation method that calculates the distribution of possible outcomes of the total risk exposure. It performs multiple iterations in which, for each iteration, the specific characteristics of each risk are randomly determined with respect to the underlying risk assessment parameters (probability of occurrence and impact). The Monte Carlo simulation performs several thousand runs and presents the results as a distribution of the possible outcomes of the total risk exposure by relative frequency. It represents a sound simulation technique for determining the overall risk position.

The IDW AsS 340 specifies the audit of the early risk detection system (RFS) for listed stock corporations and describes its essential elements. It applies to all companies for which auditors are required, in accordance with Section 317 (4) of the German Commercial Code (HGB) for listed stock corporations (Section 3 (2) of the German Stock Corporation Act (AktG)), to assess in the course of the audit of the annual financial statements whether the Management Board has taken the measures incumbent upon it pursuant to Section 91 (4) of the German Stock Corporation Act (AktG) ("early risk detection system") in a suitable form and whether the monitoring system to be set up in accordance therewith can fulfill its tasks.

The voluntary audit of corporate governance systems, such as the audit of the compliance management system in accordance with IDW PS 980, the risk management system in accordance with IDW PS 981, the internal control system of internal and external reporting in accordance with IDW PS 982, and the internal audit system in accordance with IDW PS 983, must be distinguished from this.