Creating freedom and minimising risks through the use of innovative IT systems
Contract management as standard software and part of the internal control system
Martin Schlaghecke, Managing Director at The Quality Group GmbH
Published in: DiALOG - THE MAGAZINE FOR ENTERPRISE INFORMATION MANAGEMENT | MARCH 2015
Standard software solutions that are used across departmental boundaries in the sense of a company-wide implementation are known as "Enterprise Information Management Systems" (EIM). The starting point is the definition of EIM, which includes the holistic management of all information in the company regardless of location, user, author, generating system, application, format, device and time. Let us now take a look at the specific topics in connection with the processes surrounding a company's contracts: contracts play a central role in a wide variety of ways in every company. The management of these contracts is a mission-critical task, not only because of compliance with laws on control and transparency in the corporate sector. The improper handling of contracts can harbour considerable risks for the company. Contract management forms the foundation for a company's business activities and should therefore be part of a monitoring system, as required by international legislation.
The processing, administration and evaluation of contracts is a central component of business activities and thus of the risk potential, in which several departments in a company are usually involved. The main departments to be mentioned are the legal department and auditing, investment management, marketing and sales, purchasing, finance and controlling through to information technology.
The individual departments sometimes have different requirements for a contract management system. This is why a knowledge platform such as the TQG businessApp cloud platform offers not only the smartLCM contract management module but also specialised add-on modules that ideally complement the standard system for general contract management.
The main sources of error identified are the difficulty in finding contracts, the risks associated with their content, the loss of contracts and missed deadlines. In addition to these administrative tasks, it is important to recognise and manage the financial risks arising from contracts in good time. Due to electronic access to all information and documents, contract management has become increasingly important for companies. But boards, auditors and third parties, such as supervisory boards, investors and auditors, are also pushing for this as part of their risk assessment and supervisory duties. The contract management system should be equipped as standard software to optimise company-wide and integrated contract management with decentralised recording and administration of contract-relevant information and central, integrated contract controlling. Automation of the processes of contract conclusion, contract management, deadline and project monitoring and parts of risk management through direct access to the company's global information is required.
The contract management system can be introduced either for one department, e.g. the legal department, for several departments of a company or within a group of companies, both nationally and internationally. The more employees benefit from this automation and standardisation process across departments and locations, the greater the benefits of the contract management system for the company.
Flexible contract evaluation provides a quick overview and helps to recognise and avoid the risks associated with a contract. The reporting provides the necessary information for the decision-makers and thus forms the necessary basis for a competence and knowledge advantage for discussions, negotiations and audit capability.
Security in compliance and risk management through business process management
There are many points of contact between the internal control system, risk management and compliance as well as the areas of process management and process modelling or continuous process improvement. Even the process description as documentation of work instructions and regulations ensures a common understanding. With the process description, the company management ensures that the responsibility for complying with legal regulations and internal company guidelines is clear to all those affected. In management, the process models can be used for management and control. The process documentation provides employees with a reliable basis for their own tasks. Documented processes make the work of control bodies such as internal audit or compliance officers easier, as this allows objective auditing and consulting activities to be realised. Since 2008, the international ISO standard "ISO 31000 for Risk Management" has provided a set of rules on how companies can actively and preventively control risks. The challenge now is to combine the process documentation in a common database with the information from the risk control matrix. A complete solution that integrates both the GRC functionalities and the process models in one application has a considerable advantage, as this results in significant savings potential for the planning and monitoring of risks and controls.Workflow and process management ensure compliance with the rules on the basis of electronic tools: if the IT systems are an integral part of the documented work instructions in the form of process models, a transparent and measurable implementation of specified processes can be realised. In addition to the documentation of workflows, this also supports the consistent implementation of rules. By linking the instructions, process documentation and validated systems, a high level of quality can be realised in the implementation of the processes.
Interested in more articles from the DiALOG magazine? Continue reading.