Aktuelle Version vom 6. August 2024, 13:35 Uhr

Treatment R&O

The menu item Treatment R&O (risks & opportunities) offers three views that help get an overview of risks and opportunities and see how they are handled.

To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the image.

In each one of the views you can choose whether you want to see all risks and opportunities or only those of the current management system.

Measures

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control-Matrix", all measures available in the current management system for treatment are listed with their assigned risks and opportunities.

Click on an arrow next to a measure and see what risks and opportunities it is assigned to. Click the measure itself to be taken to it and see its progress, if you are an Expert or Professional for the administration of measures and controls.

Measures - Risks & opportunities - Resources

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all measures that serve to treat risks and opportunities in the current management system are listed with all linked risks/opportunities and resources.

This overview helps to identify which measure is responsible for the elimination or reduction of one or more risks or the exploitation of one or more opportunities. It also shows which resources are threatened by the risks or empowered by the opportunities.

Risk-Control-Matrix

Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | Risk-Control Matrix", all risks from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk are also displayed for the risks. Opportunities are also shown in this overview, however its focus is on the risk.

The risk-control-matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.

Double-click on an entry to open the respective risk or opportunity.

To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see image below).

Using the option "Display measures" (checkbox at the top left), in addition to the controls the measures assigned to the risks can be displayed in the risk-control-matrix. They are shown in the respective control columns; see more about the mapping here.

Columns

The following section describes what content can be found in each column.

Entity: Entities associated with the risk are displayed here.

Column	Description
Type	The type (data category, process, OrgEh, resource) of the entity.
Name	The name of the entity in question.
Description	Description of the respective resource.

Risk: The header data of the risk is displayed here.

Column	Description
Code	The abbreviation of the risk.
Name	The name of the risk.
Description	A detailed description of the risk.
Status	Is the risk active, has it been suspended or closed?
Assessment gross risk/current risk	Gross risk - The initial risk, before any measures or controls were implemented for its treatment. Current risk - This is the assessment of the risk after taking all implemented treatment measures and controls into consideration How was the risk assessed? - Probability of occurrence: How likely is it that the risk will occur? - Extent of damage: If it occurs, what is the amount of damage done? - RR/Score: The risk score that results from combining the probability of occurrence and the extent of damage.

Control: The relevant header data of the controls assigned to the risk. If the option "Display measures" is active, the information of the measures is also shown in these columns.

Column	Description
Code	Control code. Measure code.
Control objective	The purpose of the control (name of the control). The name of the measure.
Description	Description of what will be implemented during the control (control measure). Description of what will be implemented by the measure (measure description).
Frequency	How often the control is repeated. The value for measures is "Once".
State	Is the control active, has it been suspended or deactivated? (control state) Is the measure open, completed, planned, suspended, or canceled? (measure state)
Preventive/Corrective	Is it a preventive or corrective control? For measures, "preventive" is shown for improvement measures and/or "corrective" for corrective measures.
Evidence	Documentation of the control execution for controls. The report of the latest accepted progress report or the text "no progress report available" for measures.
Responsibility/carried out by	Person responsible for carrying out the control (implementer). Person responsible for the measure.
Done on	Date of control execution. Date of the measure completion.
Type	This column can be used to distinguish controls and measures, and to filter them.

@@ Zeile 1: / Zeile 1: @@
+=Treatment R&O=
+The menu item Treatment R&O (risks & opportunities) offers three views that help get an overview of risks and opportunities and see how they are handled.
+To navigate to the individual views, it is necessary to click on the respective item in the menu shown in the image.
-Der Menüpunkt Risikobehandlung stellt drei Ansichten zur Verfügung, die dabei helfen einen Überblick über Gefährdungslagen zu erhalten und zu sehen wie mit diesen umgegangen wird.
+In each one of the views you can choose whether you want to see all risks and opportunities or only those of the current management system.
-Um zu den einzelnen Ansichten zu navigieren, muss im Menü, das in der Abbildung gezeigt wird, auf den jeweiligen Punkt geklickt werden.
+[[Datei:Risikobehandlung Navigation.png|left|thumb|900px|Treatment R&O navigation]]
-[[Datei:Risikobehandlung Navigation.png|left|thumb|900px|Risikobehandlung Navigation]]
 <br clear=all>
-== Maßnahmen ==
+<span id="Maßnahmen"></span>
+== Measures ==
-Unter "Risikomanagement → Risikobehandlung → <u>Maßnahmen</u> | Maßnahmen-Risiken-Ressourcen | Risiko-Kontroll-Matrix" werden alle Maßnahmen, die im aktuellen Managementsystem zur Risikobehandlung zur Verfügung stehen, mit ihren zugeteilten Risiken angeführt.
-Klicken Sie auf den Pfeil einer Maßnahme und es wird Ihnen angezeigt zu welchen Risiken diese zugeteilt ist. Klicken Sie auf die Maßnahme selbst dann werden Sie, wenn Sie in der Maßnahmen- bzw. der Kontrollverwaltung ein Professional sind, zu dieser weitergeleitet und können den Fortschritt der Maßnahme begutachten.
+Under "Risk Management → Treatment R&O → <u>Measures</u> | Measures - Risks & opportunities - Resources | Risk-Control-Matrix", all measures available in the current management system for treatment are listed with their assigned risks and opportunities.
-<!--Klicken Sie auf ein zugeteiltes Risiko, werden Sie dazu weitergeleitet und können es bearbeiten oder betrachten.-->
+Click on an arrow next to a measure and see what risks and opportunities it is assigned to. Click the measure itself to be taken to it and see its progress, if you are an Expert or Professional for the administration of measures and controls.
-[[Datei:Risikobehandlung Maßnahmen.png|left|thumb|901px|Maßnahmen]]
+[[Datei:Risikobehandlung Maßnahmen.png|left|thumb|900px|Measures]]
 <br clear=all>
-== Maßnahmen-Risiken-Ressourcen==
+<span id="Maßnahmen_-_Risiken_&amp;_Chancen_-_Ressourcen"></span>
+== Measures - Risks & opportunities - Resources==
-Unter "Risikomanagement → Risikobehandlung → Maßnahmen | <u>Maßnahmen-Risiken-Ressourcen</u> | Risiko-Kontroll-Matrix" werden alle Maßnahmen, die im aktuellen Managementsystem zur Risikobehandlung dienen, mit allen verknüpften Risiken und Ressourcen angeführt.
+Under "Risk Management → Treatment R&O → Measures | <u>Measures - Risks & opportunities - Resources</u> | Risk-Control Matrix", all measures that serve to treat risks and opportunities in the current management system are listed with all linked risks/opportunities and resources.
-Diese Übersicht hilft zu erkennen welche Maßnahme für die Behebung oder Verminderung einer oder mehrerer Risiken zuständig ist. Weiters ist ersichtlich welche Ressource durch das Risiko bedroht ist.
+This overview helps to identify which measure is responsible for the elimination or reduction of one or more risks or the exploitation of one or more opportunities. It also shows which resources are threatened by the risks or empowered by the opportunities.
+[[Datei:Maßnahmen GFL Ressourcen.png|left|thumb|900px|Measures - Risks & opportunities - Resources]]
+<br clear=all>
-[[Datei:Maßnahmen Risiken Ressourcen.png|left|thumb|901px|Maßnahmen-Risiken-Ressourcen]]
+<span id="Risiko-Kontroll-Matrix"></span>
-<br clear=all>
+== <span id="riskControlMatrix"></span> Risk-Control-Matrix ==
-== Risiko-Kontroll-Matrix ==
+Under "Risk Management → Treatment R&O → Measures | Measures - Risks & opportunities - Resources | <u>Risk-Control Matrix</u>", all risks from all management systems (which are not set to private) are displayed. The respective controls that are linked to the risk are also displayed for the risks. Opportunities are also shown in this overview, however its focus is on the risk.
-Unter "Risikomanagement → Risikobehandlung → Maßnahmen | Maßnahmen-Risiken-Ressourcen | <u>Risiko-Kontroll-Matrix</u>" werden alle Gefährdungslagen aus allen Managementsystemen (die nicht auf privat gestellt sind) angezeigt. Zu den Gefährdungslagen werden auch die jeweiligen Kontrollen, die mit der Gefährdungslage verknüpft sind, angezeigt.
+The risk-control-matrix complies with the minimum requirements of Section 11 (1) (5) SKS-PV and thus meets essential requirements of tax control systems used by tax advisors and auditors.
-Die Risiko-Kontroll-Matrix entspricht den Mindestanforderungen des § 11 Abs. 1 Z 5 SKS-PV und erfüllt somit wesentliche Anforderungen von Steuerkontrollsystemen, die von Steuerberatern und Wirtschaftsprüfern verwendet werden.
+Double-click on an entry to open the respective risk or opportunity.
-Durch Doppelklick auf einen Eintrag öffnet sich die jeweilige Gefährdungslage.
+To view all columns, the scrollbar at the bottom of the table can be used. Furthermore, the table can also be exported to Excel (see image below).
-Um alle Spalten einzusehen, kann die Scrollbar unten in der Tabelle verwendet werden. Weiters kann die Tabelle auch in Excel exportiert werden (siehe Abbildung unten).
+Using the option "Display measures" (checkbox at the top left), in addition to the controls the measures assigned to the risks can be displayed in the risk-control-matrix. They are shown in the respective control columns; see more about the mapping [[#control_columns| here]].
-[[Datei:Risiko Kontroll Matrix.png|left|thumb|902px|Risiko-Kontroll-Matrix]]
+[[Datei:Risiko Kontroll Matrix.png|left|thumb|903px|Risk-Control-Matrix]]
 <br clear=all>
-=== Spalten ===
+<span id="Spalten"></span>
+=== Columns ===
-Im folgenden Abschnitt wird beschrieben welcher Inhalt in den einzelnen Spalten zu finden ist.
+The following section describes what content can be found in each column.
-[[Datei:Risiki Kontroll Matrix Headers 1.PNG|left|thumb|900px|Risiko-Kontroll-Matrix Spaltentitel (1/2)]]
+[[Datei:Risiki Kontroll Matrix Headers 1.PNG|left|thumb|900px|Risk-Control-Matrix column title (1/2)]]
 <br clear=all>
-<b>Entität: </b>
+<b>Entity:</b> Entities associated with the risk are displayed here.
-:Hier werden Entitäten, die mit der Gefährdungslage verknüpft sind, angezeigt.
-:* Typ:
+{| class="wikitable"
-::: Der Typ (Datenkategorie, Prozess, OrgEh, Ressource) der Entität.
+!Column
-:* Bezeichnung:
+!Description
-::: Die Bezeichnung der jeweiligen Entität.
+|-
-:* Beschreibung:
+!Type
-::: Beschreibung der jeweiligen Ressource.
+|The type (data category, process, OrgEh, resource) of the entity.
-<b>Gefährdungslage:</b>
+|-
-: Hier werden die Kopfdaten der Gefährdungslage angezeigt.
+!Name
-:* Kürzel:
+|The name of the entity in question.
-::: Kürzel der Gefährdungslage.
+|-
-:* Bezeichnung:
+!Description
-::: Bezeichnung der Gefährdungslage.
+|Description of the respective resource.
-:* Beschreibung:
+|}
-::: Eine verbale Beschreibung der Gefährdungslage.
-:* Status:
+<b>Risk:</b> The header data of the risk is displayed here.
-::: Ist die Gefährdungslage aktiv, wurde ausgesetzt oder geschlossen?
-:* <u>Bewertung:</u>
+{| class="wikitable"
-::: Wie wurde die Gefährdungslage bewertet?
+!Column
-:::- Eintrittswahrscheinlichkeit:
+!Description
-:::: Wie wahrscheinlich ist es, dass die Gefährdungslage eintritt?
+|-
-:::- Schadensausmaß:
+!Code
-:::: Wenn sie eintritt, wie hoch ist der angerichtete Schaden?
+|The abbreviation of the risk.
-:::- Score:
+|-
-:::: Die Risikokennzahl die sich aus Kombination von Eintrittswahrscheinlichkeit und Schadensausmaß ergibt.
+!Name
+|The name of the risk.
+|-
+!Description
+|A detailed description of the risk.
+|-
+!Status
+|Is the risk active, has it been suspended or closed?
+|-
+!Assessment gross risk/current risk
+|Gross risk - The initial risk, before any measures or controls were implemented for its treatment.<br>Current risk - This is the assessment of the risk after taking all implemented treatment measures and controls into consideration<br><br>How was the risk assessed?<br>- Probability of occurrence: How likely is it that the risk will occur?<br>- Extent of damage: If it occurs, what is the amount of damage done?<br>- RR/Score: The risk score that results from combining the probability of occurrence and the extent of damage.
+|}
+[[Datei:Risiki Kontroll Matrix Headers 2.PNG|left|thumb|900px|Risk-Control-Matrix column title  (2/2)]]<br clear=all>
+<b>Control:</b> The relevant header data of the controls assigned to the risk. If the option "Display measures" is active, the information of the measures is also shown in these columns.
-[[Datei:Risiki Kontroll Matrix Headers 2.PNG|left|thumb|900px|Risiko-Kontroll-Matrix Spaltentitel (2/2)]]<br clear=all>
+{| class="wikitable"
-<b>Kontrolle:</b>
+!Column
-: Die relevanten Kopfdaten der zur Gefährdungslage zugeteilten Kontrolle.
+!Description
-:* Kürzel:
+|-
-::: Abkürzung der Kontrolle.
+!Code
-:* Kontrollziel:
+|Control code.<br>Measure code.
-::: Den Zweck, den die Kontrolle erfüllen soll (Bezeichnung der Kontrolle).
+|-
-:* Beschreibung:
+!Control objective
-::: Beschreibung was im Zuge der Kontrolle umgesetzt wird (Kontrollmaßnahme).
+|The purpose of the control (name of the control).<br>The name of the measure.
-:* Frequenz:
+|-
-::: Wie oft wiederholt sich die Kontrolle?
+!Description
-:* Status:
+|Description of what will be implemented during the control (control measure).<br>Description of what will be implemented by the measure (measure description).
-::: Ist die Kontrolle aktiv, wurde ausgesetzt oder deaktiviert?
+|-
-:* Kontrollumfang:
+!Frequency
-::: Handelt es sich um eine vollständige Kontrolle, Stichproben oder ist dies nicht festgelegt?
+|How often the control is repeated.<br>The value for measures is "Once".
-:* Präventiv / Korrektiv:
+|-
-::: Handelt es sich um eine Kontrollen zur Vorbeugung oder Korrektur?
+!State
-:* Nachweis:
+|Is the control active, has it been suspended or deactivated? (control state)<br>Is the measure open, completed, planned, suspended, or canceled? (measure state)
-::: Dokumentation der Kontrolldurchführung
+|-
-:* Verantwortung / durchgeführt von:
+!Preventive/Corrective
-::: Verantwortlicher für die Durchführung der Kontrolle (Umsetzer).
+|Is it a preventive or corrective control?<br>For measures, "preventive" is shown for improvement measures and/or "corrective" for corrective measures.
-:* Erledigt am:
+|-
-::: Datum der Kontrolldurchführung.
+!Evidence
+|Documentation of the control execution for controls.<br>The report of the latest accepted progress report or the text "no progress report available" for measures.
+|-
+!Responsibility/carried out by
+|Person responsible for carrying out the control (implementer).<br>Person responsible for the measure.
+|-
+!Done on
+|Date of control execution.<br>Date of the measure completion.
+|-
+!Type
+|This column can be used to distinguish controls and measures, and to filter them.
+|}