Internal control systems within the framework of the 8th EU directive

Table of Contents

1. Introduction

1.1. Background

1.2. Analytical Procedure

2. Literature Review

2.1. Regulatory Environment

2.2. Fundamental Elements of the ICS

2.2.1. Basic Idea and Definition of an ICS

2.2.2. Principles of the ICS

2.2.3. Objectives of the ICS

2.2.4. Critical Assessment

2.3. Control Models of the ICS

2.3.1. COSO

2.3.1.1. Background

2.3.1.2. Internal Control - Integrated Framework

2.3.2. COBIT

2.3.2.1. Background

2.3.2.2. Framework

2.3.3. Critical Appreciation and Interaction of the Models

3. Research Design and Methodology

3.1. Research Philosophy

3.2. Research Approach and Method

3.3. Research Strategy

3.4. Research Time Horizon and Data Collection

3.5. Access to Data and Resources

3.6. Ethical Issues

4. Analysis, Discussion and Interpretation

4.1. Presenting the Data: Relevance of the ICS for a Company

4.1.1. Benefits of the ICS

4.1.2. Drawbacks of the ICS

4.1.3. Restriction of the ICS

4.1.4. Implementation Problems of the ICS

4.1.5. Areas for the ICS

4.1.6. Drivers and Prospective Usage of the ICS

4.2. Interpretation: Design in Companies

4.2.1. Determination of the Actual State of an ICS

4.2.1.1. Self-Assessment

4.2.1.2. Identifying Risk Areas and Processes

4.2.1.3. Roles and Responsibilities

4.2.2. Determination of the Target State of an ICS

4.2.2.1. Roles, Responsibilities and the Analysis Process

4.2.2.2. Control Activities

4.2.2.3. Realisation, Monitoring and Documentation

4.2.2.4. Challenges in IT

4.2.2.5. Design of Processes

5. Conclusions

6. Recommendations

Objectives and Research Focus

The primary objective of this dissertation is to investigate the significance and implementation of Internal Control Systems (ICS) within the regulatory framework of the 8th EU Directive. The work aims to identify the key challenges, risks, and implementation barriers faced by companies and to provide practical guidelines and frameworks for establishing an effective ICS.

• Analysis of the regulatory environment and the impact of the 8th EU Directive on public interest companies.
• Evaluation of standardized control frameworks, specifically COSO and COBIT, for internal control implementation.
• Assessment of current practices and implementation challenges through an empirical survey with industry experts.
• Development of a structured, practical approach for determining the actual and target state of an ICS within a company.
• Provision of implementation guidelines, including self-assessment tools, risk matrices, and IT process controls.

Excerpt from the Book

Summary of Chapters

1. Introduction: Outlines the background of market globalization and the resulting demand for corporate governance and transparent Internal Control Systems in light of recent financial scandals.

2. Literature Review: Provides a theoretical foundation by discussing the regulatory environment, fundamental elements, and existing control frameworks like COSO and COBIT.

3. Research Design and Methodology: Details the research philosophy, strategy, and data collection methods, including a survey of 27 experts to gather qualitative insights.

4. Analysis, Discussion and Interpretation: Analyzes the survey data to identify benefits, drawbacks, and implementation problems of an ICS and suggests a structured design process for companies.

5. Conclusions: Synthesizes the findings, confirming that while an ICS is not a trivial task, its implementation is a crucial step for business sustainability, risk management, and regulatory compliance.

6. Recommendations: Offers a strategic implementation guide for businesses, emphasizing the need for a phased, long-term approach supported by established frameworks and consistent management commitment.

Keywords

Internal Control Systems, ICS, 8th EU Directive, COSO Framework, COBIT Framework, Corporate Governance, Risk Management, Regulatory Compliance, Internal Audit, IT Governance, Implementation Strategy, Business Process, Financial Reporting, Internal Control, Organizational Transparency

Frequently Asked Questions

What is the core focus of this research?

The dissertation examines the necessity and implementation of Internal Control Systems (ICS) for companies of public interest under the requirements of the 8th EU Directive.

What are the primary thematic areas covered?

The study covers the regulatory background, the theoretical components of internal control, the application of frameworks like COSO and COBIT, and practical methods for designing and monitoring an ICS.

What is the primary objective of this work?

The goal is to identify common implementation challenges and to provide companies with practical tools, such as checklists and guidelines, to develop an effective and compliant ICS.

Which scientific methodology is utilized?

The research adopts a qualitative, inductive approach, combining a comprehensive literature review with a survey conducted among 27 internal control specialists, auditors, and consultants.

What is addressed in the main body of the work?

The main body evaluates the actual and target states of an ICS, discusses IT-related risks and controls, and suggests frameworks to structure the implementation process within the company’s existing value chain.

Which key terms characterize the work?

Key terms include ICS, 8th EU Directive, COSO, COBIT, Corporate Governance, Risk Management, and Internal Audit.

How does the author recommend integrating IT into an ICS?

The author emphasizes that IT is no longer a peripheral support function but part of the core business; therefore, IT governance must be integrated using the COBIT framework, separating general controls from specific application controls.

Why is the 8th EU Directive central to this study?

The Directive acts as the legal catalyst for this research, mandating that companies of public interest must maintain effective internal controls, thereby creating the immediate need for the guidelines proposed in this thesis.

What is the role of the "self-assessment" tool proposed by the author?

The self-assessment tool serves as a diagnostic instrument, derived from COSO and COBIT, allowing organizations to evaluate their current ICS maturity level across strategy, risks, and IT, and to identify areas for improvement.