Creating freedom and minimizing risks through the use of innovative IT systems
Contract management as standard software and part of the internal control systemMartin Schlaghecke, Managing Director at The Quality Group GmbH
Published in: DiALOG - THE MAGAZINE FOR ENTERPRISE INFORMATION MANAGEMENT | MARCH 2015
Standard software solutions that are used across departmental boundaries in the sense of a company-wide implementation are named "Enterprise Information Management Systems" (EIM). The starting point is the definition of EIM, which includes the holistic management of all information in the company regardless of location, user, author, generating system, application, format, device and time. Let's now look at the specific topics in the context of the processes surrounding a company's contracts: Contracts play a central role in every company in a wide variety of ways.
The management of these contracts is a business-critical task not only because of compliance with laws on control and transparency in the corporate sector. Improper handling of contracts can pose significant risks to the company. Contract management forms the foundation of a company's business operations and should therefore be part of a monitoring system, as required by international legislation.
The processing, administration and evaluation of contracts is a central component of business activity and thus of the risk potential, in which several departments in a company are usually involved. The main departments to be mentioned are the legal department and auditing, investment management, marketing and sales, purchasing, finance and controlling through to information technology.
The individual departments sometimes have different requirements for a contract management system. That is why a knowledge platform such as the TQG businessApp platform ® offers, in addition to the smartLCM contract management module, specialist add-on modules that ideally complement the standard system for general contract management.The usually difficult location of contracts, content risks, loss of contracts and missed deadlines are identified as the main sources of errors. In addition to these administrative tasks, it is important to identify and manage the financial risks arising from contracts in good time. Due to electronic access to all information and documents, contract management has become increasingly important for companies. However, boards, auditors and third parties, such as supervisory boards, investors and auditors, are also pushing for it as part of their risk assessment and oversight duties. The contract management system should be designed as a standard software to optimize enterprise-wide and integrated contract management with decentralized collection and management of contract-related information and centralized, integrated contract controlling. Automation of the processes of contract conclusion, contract administration, deadline and project monitoring, and sub-areas of risk management through direct access to the company's global information is required.
The contract management system can be introduced either for one department, e.g. legal department, for several departments of a company or in a group of companies nationally as well as internationally. The more employees across departments or locations benefit from this automation and standardization process, the greater the benefit of the contract management system for the company. A flexible contract evaluation can be used to create a quick overview and helps to identify and avoid risks associated with a contract. The reporting provides the necessary information for the decision makers and thus forms the necessary basis for a competence and knowledge advantage for discussions, negotiations and the audit capability.
Security in Compliance and Risk Management through Business Process Management
There are many points of contact between the internal control system, risk management and compliance as well as the environment of process management and process modeling or continuous process improvement. Even the process description as documentation of work instructions and regulations ensures a common understanding. With the process description, management ensures that the responsibility for complying with legal regulations and internal company guidelines is clear to all those affected. In management, the process models can be used for guidance and control. Employees themselves have a reliable basis for their own tasks via the process documentation. Documented processes facilitate the work of control bodies such as internal auditors or compliance officers, as they can then carry out objective auditing and consulting activities. Since 2008, the international ISO standard "ISO 31000 for risk management" has provided a set of rules on how companies actively and preventively control risks. The challenge now is to combine the process documentation in a common database with the information from the risk control matrix.Workflow and process management ensure compliance with the rules on the basis of the electronic tools: If the IT systems here are an integral part of the documented work instructions in the form of process models, a transparent and measurable implementation of specified processes can be realized. This supports not only the documentation of work processes but also the consistent implementation of rules. By linking the instructions, process documentation and validated systems, a high level of quality in the implementation of the processes can be realized here.