The auditing activities of DEG's Internal Audit department are generally internalised. Exceptions are examinations in the IT environment as well as examinations in which special know-how or support is required for capacity reasons. The resources required for this are to be provided by external service providers.
Lot 1 Audit support in all areas of DEGIn Lot 1, the external service provider is required to carry out audits in all areas of DEG without information technology / information security, e.g.
-Processes
- Internal control system
- Accounting and taxes incl.
- Reporting packages
- Treasury
- Compliance incl. money laundering prevention
- Projektmanagementprozessen
- Customer and financing processes
- Risk management (quantitative and qualitative)
- Modellvalidierungen, Stresstests und Risikoberichtswesen (all Risikoarten)
used. Exams are conducted in both the 1st and 2nd lines of defense.
In the award procedure, up to three framework contract partners are to be selected.
Lot 2 Information TechnologyIn Lot 2, the external service provider is used for audits in all areas of information technology, such as:
-Processes
- Internal control system
- IT strategy and control
- IT operations
- IT development
- IT infrastructure
- Information security and IT risk management.
Checks are carried out in both the 1st and 2nd lines of defense.
A framework agreement is to be concluded with a framework contract partner.