Please note: Due to the recent IT security incident on July 6, 2024, all email addresses ending in are temporarily unavailable.
Click here to see the current emergency contact options.


Dr. Ulrich Hahn CISA, CIA, Dipl. Industr. Eng. (TU)

Adjunct lecturer for Risk and Crisis Management; Exercises in Controlling; Corporate Governance, Internal Revision

Office hours

Lecture period: 
by appointment via email

Non-lecture period:
by appointment via email


First course in WS 2017 on October 23 at 4:00 pm in Room 4.411, each double block with exercises.
Please pay attention to the information here and on the bulletin board of Faculty 3.

  • Corporate governance and compliance
  • Risk management and internal control
  • Internal revision

Basic literature:
DCGK, OECD Principles of Corporate Governance, COSO Internal Control - Integrated framework, IIA professional principles: Standards for the professional practice of Internal Revision (IPPF), IDW PS, MaRisk (BA), and literature list in e-Learning.

All other information and materials in e-Learning.

Block course in WS 2017 on January 13 and 27 and February 3, 2018, all-day events.
Please pay attention to the information here and on the bulletin board of Faculty 3.

Please register for e-Learning! 

  • Principles of risk management
    • Concepts, problem formulation, and activities
    • Legal standards
    • ISO standards, COSO ERM, and other models
  • The risk management components
    • Context and target specification
    • Event identification and risk assessment
    • Risk management and control activities
    • Information and communication, monitoring
  • Functional work areas
    • IT risk management
    • Aviation risk management
    • Risk management in financial services
    • Crisis management

Basic literature:

COSO Enterprise Risk Management - Integrated Framework (COSO ERM) (German) 2004 and 2017, E-DIN/ISO 31000 Risk management, KonTraG with reasoning, MaRisk (BA), and literature list in e-Learning.

  • Definition, responsibility, and classification
    • Governance, risk, and compliance
  • Management models
    • COBIT and ITIL
    • ISO Standards
    • Other good practice models (MoR, PRINCE2, PMBoK)
  • Structures, processes, and methods
    • IT governance
    • Business focus, strategy, and service planning
    • IT risk management
    • Configuration, change, and problem management
    • IT security and contingency/continuity planning
    • IT controlling
    • IT projects
    • IT compliance

Basic literature:

  • Role of Internal Revision in the organization
    • Management and monitoring, risk and internal control
    • Professional principles of Internal Revision
    • Structure, revision process, interfaces
  • Implementation of assignment
    • Audit preparation
    • Audit implementation
    • Reporting
    • Monitoring of measures
  • Work techniques
    • Problem solution techniques
    • Process analysis
    • Indicators
    • Samples
  • Special auditing areas
    • Accounting
    • Information technology
    • Financial services
    • Public sector

Basic literature:
Standards for the professional practice of Internal Revision (IPPF), MaRisk (BA)

Latecomers from previous semesters can find more information in the e-Learning of the university.
