FAM Magdeburger Förderanlagen und Baumaschinen GmbH is a medium-sized company in the mechanical and industrial engineering sector. With its more than 1,000 employees it is one of the largest employers in the federal state of Saxony-Anhalt. The company is internationally positioned and has branches in Bulgaria, Canada, China, Chile, Hungary, Poland, Russia and Singapore. More than 50% of the employees work in engineering. Typical for the industry, the company operates very long-term projects.
Design and implementation of a process-oriented, easily applicable and globally accessible risk management system.
The early identification, systematisation and simple reporting of risks, the systematic monitoring and control of risk prevention measures to avoid errors, damage and costs resulting from inherent risks in the corporate sector and business activities.
In order to make a systematic contribution to risk minimization or avoidance and to exclude the possibility of its own organizational fault in the event of a loss, the FAM has decided to establish a risk management system that records and evaluates risks by means of a suitable system and tracks and evaluates organizational preventive measures accordingly. The system should also serve as an information medium on corporate risks and therefore be available to all employees.
Due to its international orientation and long-running projects, the FAM is exposed to a variety of risks. If these risks are only discovered, communicated and tracked at a late stage, this harbors a considerable risk potential and usually leads to high costs.
Since 2002 the FAM has been using the Quam of LINTRA, now Microsoft SharePoint based, for the documentation of its organization. The processes and structures of the risk management system should now also be documented via this.
For risk analysis and risk recording, FAM had initially planned to introduce risk management system software offered to it by a third-party provider in order to communicate known risks in a targeted and transparent manner and to be able to report and track identified risks workflow-supported and unbureaucratically. This would, however, separate the documentation of the RMS and the handling of risks into two systems. After the presentation of the risk management module within the Quam of LINTRA, the company decided against this separation, which was considered inappropriate. Quam not only documents the risk management system in the usual way, but also meets the requirements of the FAM defined beyond that.
In the course of the project, the various risk management roles in the FAM were first defined and the desired control loop for handling identified risks was developed. Risks known in the company and classified as relevant in their potential impact were transferred into a jointly developed risk structure based on the processes and structures of the company, the risk atlas of the FAM. This facilitates the systematization and analysis of defined risks.
For all risks, indicators with corresponding threshold values have been introduced which, if exceeded or undercut in the operating business, lead to a warning message from the system to the risk management officers. The documented risks have been linked to the operational processes of the FAM, so that employees are sensitized accordingly in the described process organization.
SharePoint-based electronic forms were designed for reporting and tracking risks, which trigger workflow-supported follow-up activities according to the defined control cycle of the risk tracking system of the FAM.
The risk management system is based on the existing SharePoint infrastructure of the FAM and can be extended in a variety of modules. Additional regulations and management manuals can be linked to the existing process model with little effort and without technical know-how.
Concrete, previously unrecorded risks can simply be entered into the risk atlas via workflow, categorized and assigned to corresponding severity levels and provided with threshold values and standardized measures in an audit-proof manner. All employees have the opportunity to report risks. These are forwarded via the system to the appropriate person in charge and processed and monitored in accordance with the risk control cycle.
Business partners, such as banks and auditors, can use an "external risk management system view" to access specially defined areas without gaining insight into sensitive data sets.
Transparency and efficiency can be significantly increased through consistent operating procedures and the coordination of risk measure tracking based on these procedures. This leads to savings of up to 70% in risk costs and to organizational security in dealing with risks.
Unsere Quam Case Study zu Oerlikon erhalten Sie jetzt auch als PDF auf zwei praktischen DIN A4 Seiten.