Aktuelle Version vom 6. August 2024, 13:35 Uhr

Treatment R&O

The menu item Treatment R&O (risks & opportunities) offers three views that help get an overview of risks and opportunities and see how they are handled.

To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the image.

In each one of the views you can choose whether you want to see all risks and opportunities or only those of the current management system.

Measures

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control-Matrix", all measures available in the current management system for treatment are listed with their assigned risks and opportunities.

Click on an arrow next to a measure and see what risks and opportunities it is assigned to. Click the measure itself to be taken to it and see its progress, if you are an Expert or Professional for the administration of measures and controls.

Measures - Risks & opportunities - Resources

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all measures that serve to treat risks and opportunities in the current management system are listed with all linked risks/opportunities and resources.

This overview helps to identify which measure is responsible for the elimination or reduction of one or more risks or the exploitation of one or more opportunities. It also shows which resources are threatened by the risks or empowered by the opportunities.

Risk-Control-Matrix

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all risks from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk are also displayed for the risks. Opportunities are also shown in this overview, however its focus is on the risk.

The risk-control-matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.

Double-click on an entry to open the respective risk or opportunity.

To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see image below).

Using the option "Display measures" (checkbox at the top left), in addition to the controls the measures assigned to the risks can be displayed in the risk-control-matrix. They are shown in the respective control columns; see more about the mapping here.

Columns

The following section describes what content can be found in each column.

Entity: Entities associated with the risk are displayed here.

Column	Description
Type	The type (data category, process, OrgEh, resource) of the entity.
Name	The name of the entity in question.
Description	Description of the respective resource.

Risk: The header data of the risk is displayed here.

Column	Description
Code	The abbreviation of the risk.
Name	The name of the risk.
Description	A detailed description of the risk.
Status	Is the risk active, has it been suspended or closed?
Assessment gross risk/current risk	Gross risk - The initial risk, before any measures or controls were implemented for its treatment. Current risk - This is the assessment of the risk after taking all implemented treatment measures and controls into consideration How was the risk assessed? - Probability of occurrence: How likely is it that the risk will occur? - Extent of damage: If it occurs, what is the amount of damage done? - RR/Score: The risk score that results from combining the probability of occurrence and the extent of damage.

Control: The relevant header data of the controls assigned to the risk. If the option "Display measures" is active, the information of the measures is also shown in these columns.

Column	Description
Code	Control code. Measure code.
Control objective	The purpose of the control (name of the control). The name of the measure.
Description	Description of what will be implemented during the control (control measure). Description of what will be implemented by the measure (measure description).
Frequency	How often the control is repeated. The value for measures is "Once".
State	Is the control active, has it been suspended or deactivated? (control state) Is the measure open, completed, planned, suspended, or canceled? (measure state)
Preventive/Corrective	Is it a preventive or corrective control? For measures, "preventive" is shown for improvement measures and/or "corrective" for corrective measures.
Evidence	Documentation of the control execution for controls. The report of the latest accepted progress report or the text "no progress report available" for measures.
Responsibility/carried out by	Person responsible for carrying out the control (implementer). Person responsible for the measure.
Done on	Date of control execution. Date of the measure completion.
Type	This column can be used to distinguish controls and measures, and to filter them.

@@ Zeile 1: / Zeile 1: @@
+=Treatment R&O=
+The menu item Treatment R&O (risks & opportunities) offers three views that help get an overview of risks and opportunities and see how they are handled.
+To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the image.
-The menu item Risk Handling provides three views that help to get an overview of hazard situations and to see how they are handled.
+In each one of the views you can choose whether you want to see all risks and opportunities or only those of the current management system.
-To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the figure.
+[[Datei:Risikobehandlung Navigation.png|left|thumb|900px|Treatment R&O navigation]]
-[[Datei:Risikobehandlung Navigation.png|left|thumb|900px|Risk treatment navigation]]
 <br clear=all>
+<span id="Maßnahmen"></span>
 == Measures ==
-Under "Risk Management → Risk Treatment → <u>Measures</u> | Measures-Risks-Resources | Risk-Control Matrix", all measures available in the current management system for risk treatment are listed with their assigned risks.
+Under "Risk Management → Treatment R&O → <u>Measures</u> | Measures - Risks & opportunities - Resources | Risk-Control-Matrix", all measures available in the current management system for treatment are listed with their assigned risks and opportunities.
-Click on the arrow of a measure and you will see to which risks it is assigned. Click on the measure itself and, if you are a professional in the measure or control management, you will be redirected to it and you will be able to view the progress of the measure.
-<!--Click on an assigned risk, you will be redirected to it and can edit or view it.-->
+Click on an arrow next to a measure and see what risks and opportunities it is assigned to. Click the measure itself to be taken to it and see its progress, if you are an Expert or Professional for the administration of measures and controls.
-[[Datei:Risikobehandlung Maßnahmen.png|left|thumb|901px|Measures]]
+[[Datei:Risikobehandlung Maßnahmen.png|left|thumb|900px|Measures]]
 <br clear=all>
-== Measures-Risks-Resources==
+<span id="Maßnahmen_-_Risiken_&amp;_Chancen_-_Ressourcen"></span>
+== Measures - Risks & opportunities - Resources==
-Under "Risk Management → Risk Treatment → Measures | <u>Measures-Risks-Resources</u> | Risk-Control Matrix", all measures that serve to treat risks in the current management system are listed with all linked risks and resources.
+Under "Risk Management → Treatment R&O → Measures | <u>Measures - Risks & opportunities - Resources</u> | Risk-Control Matrix", all measures that serve to treat risks and opportunities in the current management system are listed with all linked risks/opportunities and resources.
-Diese Übersicht hilft zu erkennen welche Maßnahme für die Behebung oder Verminderung einer oder mehrerer Risiken zuständig ist. Weiters ist ersichtlich welche Ressource durch das Risiko bedroht ist.
+This overview helps to identify which measure is responsible for the elimination or reduction of one or more risks or the exploitation of one or more opportunities. It also shows which resources are threatened by the risks or empowered by the opportunities.
+[[Datei:Maßnahmen GFL Ressourcen.png|left|thumb|900px|Measures - Risks & opportunities - Resources]]
+<br clear=all>
-[[Datei:Maßnahmen Risiken Ressourcen.png|left|thumb|901px|Measures-Risks-Resources]]
+<span id="Risiko-Kontroll-Matrix"></span>
-<br clear=all>
+== <span id="riskControlMatrix"></span> Risk-Control-Matrix ==
-== <span id="riskControlMatrix"></span> Risk Control Matrix ==
+Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | <u>Risk-Control Matrix</u>", all risks from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk are also displayed for the risks. Opportunities are also shown in this overview, however its focus is on the risk.
-Under "Risk Management → Risk Treatment → Measures | Measures-Risks-Resources | <u>Risk-Control Matrix</u>", all hazard situations from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk situation are also displayed for the risk situations.
+The risk-control-matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.
-The risk control matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.
+Double-click on an entry to open the respective risk or opportunity.
-Double-click on an entry to open the respective hazard situation.
+To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see image below).
-To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see figure below).
+Using the option "Display measures" (checkbox at the top left), in addition to the controls the measures assigned to the risks can be displayed in the risk-control-matrix. They are shown in the respective control columns; see more about the mapping [[#control_columns| here]].
-[[Datei:Risiko Kontroll Matrix.png|left|thumb|903px|Risk Control Matrix]]
+[[Datei:Risiko Kontroll Matrix.png|left|thumb|903px|Risk-Control-Matrix]]
 <br clear=all>
+<span id="Spalten"></span>
 === Columns ===
 The following section describes what content can be found in each column.
-[[Datei:Risiki Kontroll Matrix Headers 1.PNG|left|thumb|900px|Risk Control Matrix Column Title (1/2)]]
+[[Datei:Risiki Kontroll Matrix Headers 1.PNG|left|thumb|900px|Risk-Control-Matrix column title (1/2)]]
 <br clear=all>
-<b>Entity:</b>
+<b>Entity:</b> Entities associated with the risk are displayed here.
-:Entities associated with the hazard location are displayed here.
-:* Type:
+{| class="wikitable"
-::: The type (data category, process, OrgEh, resource) of the entity.
+!Column
-:* Designation:
+!Description
-::: The name of the entity in question.
+|-
-:* Description:
+!Type
-::: Description of the respective resource.
+|The type (data category, process, OrgEh, resource) of the entity.
-<b>Hazard Location:</b>.
+|-
-: The header data of the hazard layer is displayed here.
+!Name
-:* Abbreviation:
+|The name of the entity in question.
-:: abbreviation of the hazard layer.
+|-
-:* Designation:
+!Description
-::: Designation of the hazard layer.
+|Description of the respective resource.
-:* Description:
+|}
-::: A verbal description of the hazard situation.
-:* Status:
+<b>Risk:</b> The header data of the risk is displayed here.
-::: Is the hazard layer active, has it been suspended or closed?
-:* <u>Assessment:</u>
+{| class="wikitable"
-::: How was the hazard situation assessed?
+!Column
-:::- Probability of occurrence:
+!Description
-:::: How likely is it that the hazard situation will occur?
+|-
-:::- Extent of damage:
+!Code
-:::: If it occurs, what is the amount of damage done?
+|The abbreviation of the risk.
-:::- Score:
+|-
-:::: The risk score that results from combining the probability of occurrence and the extent of damage.
+!Name
+|The name of the risk.
+|-
+!Description
+|A detailed description of the risk.
+|-
+!Status
+|Is the risk active, has it been suspended or closed?
+|-
+!Assessment gross risk/current risk
+|Gross risk - The initial risk, before any measures or controls were implemented for its treatment.<br>Current risk - This is the assessment of the risk after taking all implemented treatment measures and controls into consideration<br><br>How was the risk assessed?<br>- Probability of occurrence: How likely is it that the risk will occur?<br>- Extent of damage: If it occurs, what is the amount of damage done?<br>- RR/Score: The risk score that results from combining the probability of occurrence and the extent of damage.
+|}
+[[Datei:Risiki Kontroll Matrix Headers 2.PNG|left|thumb|900px|Risk-Control-Matrix column title  (2/2)]]<br clear=all>
+<b>Control:</b> The relevant header data of the controls assigned to the risk. If the option "Display measures" is active, the information of the measures is also shown in these columns.
-[[Datei:Risiki Kontroll Matrix Headers 2.PNG|left|thumb|900px|Risk Control Matrix Column Title  (2/2)]]<br clear=all>
+{| class="wikitable"
-<b>Control:</b>
+!Column
-: The relevant header data of the control assigned to the hazard situation.
+!Description
-:* Abbreviation:
+|-
-:: control abbreviation.
+!Code
-:* Control objective:
+|Control code.<br>Measure code.
-::: The purpose to be served by the control (name of the control).
+|-
-:* Description:
+!Control objective
-::: Description of what will be implemented during the control (control measure).
+|The purpose of the control (name of the control).<br>The name of the measure.
-:* Frequency:
+|-
-::: How often the control is repeated.
+!Description
-:* Status:
+|Description of what will be implemented during the control (control measure).<br>Description of what will be implemented by the measure (measure description).
-::: Is the control active, has it been suspended or deactivated?
+|-
-:* Control scope:
+!Frequency
-::: Is it a full control, sampling or is this not specified?
+|How often the control is repeated.<br>The value for measures is "Once".
-:* Preventive / Corrective:
+|-
-::: Is it a preventive or corrective controls?
+!State
-:* Evidence:
+|Is the control active, has it been suspended or deactivated? (control state)<br>Is the measure open, completed, planned, suspended, or canceled? (measure state)
-::: Documentation of the control execution
+|-
-:* Responsibility / carried out by:
+!Preventive/Corrective
-::: Person responsible for carrying out the control (implementer).
+|Is it a preventive or corrective control?<br>For measures, "preventive" is shown for improvement measures and/or "corrective" for corrective measures.
-:* Completed on:
+|-
-::: Date of control implementation.
+!Evidence
+|Documentation of the control execution for controls.<br>The report of the latest accepted progress report or the text "no progress report available" for measures.
+|-
+!Responsibility/carried out by
+|Person responsible for carrying out the control (implementer).<br>Person responsible for the measure.
+|-
+!Done on
+|Date of control execution.<br>Date of the measure completion.
+|-
+!Type
+|This column can be used to distinguish controls and measures, and to filter them.
+|}