Compliance Management System (CMS)
Compliance underpins every aspect of GIZ's work. All our efforts ultimately depend on the trust awarded to the company by its clients, partners and the public at large. This trust is the product of our reliability, legal conformity and commitment to adhere to rules – which we guarantee through our Compliance Management System (CMS).
GIZ as a whole and all its staff work in accordance with the applicable laws, handle the resources entrusted to them correctly and act with integrity. To ensure this, GIZ based its CMS on Standard 980 issued by the German Institute of Public Auditors (IDW PS 980) and the international management standard ISO 37301. On this basis, GIZ’s CMS can achieve enduring efficacy.
At GIZ compliance is embedded in corporate management, which means our compliance objectives are derived from our corporate objectives:
- GIZ is a reliable company that operates in accordance with applicable laws and regulations and is also perceived as such by outsiders
- Internal regulations and processes are continuously reviewed and improved
- Reputational, liability and financial risks are minimised or avoided
These objectives are based on a compliance culture which GIZ continuously nurtures and strengthens.
The CMS forms part of GIZ's extensive internal control system. Its purpose is to identify and avoid risks (prevention), to identify problematic issues at an early stage (detection) and to respond to breaches or unavoidable risks in an appropriate manner (response). We practise compliance management at all our offices around the globe.
We also continuously monitor our internal systems, regulations and processes with a view to improving them where required. In addition to the internal control system, GIZ is subject to a great many external auditing processes that regularly oblige us to provide evidence on the proper use of the resources entrusted to us.