The auditing standard IDW PS 980 mentions "compliance monitoring and compliance improvement" as a necessary element of an adequate compliance management system. A compliance management system should be dynamic and must not be static, because otherwise it would only be a snapshot without a dynamic process.
Appropriate monitoring of a CMS takes place in two ways: firstly, through process-integrated controls and secondly, through system audits.
The CMS audit team of FS-PP Berlin is qualified: Dr Rainer Frank and Dr Leonie Lo Re are specialist lawyers for criminal law, certified and re-certified Compliance Auditors (TÜV) and Compliance Officers (Steinbeis). Fabian Breuer is a lawyer and Compliance Officer (Steinbeis).
Since 2018, CMS audits have been regularly conducted in medium-sized and smaller companies. The clients typically pursue one of four purposes:
- Recording existing compliance elements in order to build a compliance management system.
System audit in the compliance monitoring and compliance improvement function.
Preparation of a CMS certification audit
Compliance reporting to management, supervisory body and shareholders
Audits are carried out on the basis of transparent project plans agreed with the client. The audit tools are document analysis and interviews. Reporting is done through interim reports and a final report.
Reference audits can be named.