Business owners will also be familiar with other control systems that they may have already established within their operations or are considering doing so. These include, for example, the risk management system (RMS). You could assume that an RMS and an ICS would be identical, since both systems are concerned with the monitoring of a company and managing risks, but they relate to completely different procedures, even if overlaps exist.
Risk management revolves around complex corporate governance strategies and the dangers that can arise from related decisions. The internal control system focuses more on the actual work of employees and managing directors. Here, it is constantly checked whether everyone is complying with the guidelines - and these guidelines are also pursued by a RMS. First of all, this means that risk management systems and internal control systems go hand in hand, and secondly, that it makes sense to install both systems in parallel within a company.
Also a compliance management system (CMS) does not cover the same areas as the other two systems. A CMS should very specifically preventunlawful actionsor practices. These are clearly risks, but not the only ones. You can also conduct yourself in accordance with the law and still endanger the company through certain actions.
Internal Audit – another term that is regularly used in the context of monitoring a company - can, in turn, be seen as an ICS measure. This is an inferior category, whereas ICS, RMS and CMS operate equally on one level.
Click here for important legal disclaimers.