Dr. Ulrich Hahn CISA, CIA, Dipl. Industr. Eng. (TU)

Adjunct lecturer for Risk and Crisis Management; Exercises in Controlling; Corporate Governance, Internal Revision

Office hours

Lecture period: 
by appointment via email

Non-lecture period:
by appointment via email


First course in the WS 2017 on October 23 at 4:00 pm in Room 4.411, each double block with exercises.
Please pay attention to the information here and on the bulletin board of Faculty 3.

  • Corporate governance and compliance
  • Risk management and internal control
  • Internal revision

Basic literature:
DCGK, OECD Principles of Corporate Governance, COSO Internal Control - Integrated framework, IIA professional principles: Standards for the professional practice of Internal Revision (IPPF), IDW PS, MaRisk (BA), and literature list in e-Learning.

All other information and materials in e-Learning.

Block course in WS 2017 on January 13 and 27 and February 3, 2018, all-day events.
Please pay attention to the information here and on the bulletin board of Faculty 3.

Please register for e-Learning! 

  • Principles of risk management
    • Concepts, problem formulation, and activities
    • Legal standards
    • ISO standards, COSO ERM, and other models
  • The risk management components
    • Context and target specification
    • Event identification and risk assessment
    • Risk management and control activities
    • Information and communication, monitoring
  • Functional work areas
    • IT risk management
    • Aviation risk management
    • Risk management in financial services
    • Crisis management

Basic literature:

COSO Enterprise Risk Management - Integrated Framework (COSO ERM) (German) 2004 and 2017, E-DIN/ISO 31000 Risk management, KonTraG with reasoning, MaRisk (BA), and literature list in e-Learning.

  • Definition, responsibility, and classification
    • Governance, risk, and compliance
  • Management models
    • COBIT and ITIL
    • ISO Standards
    • Other good practice models (MoR, PRINCE2, PMBoK)
  • Structures, processes, and methods
    • IT governance
    • Business focus, strategy, and service planning
    • IT risk management
    • Configuration, change, and problem management
    • IT security and contingency/continuity planning
    • IT controlling
    • IT projects
    • IT compliance

Basic literature:

  • Role of Internal Revision in the organization
    • Management and monitoring, risk and internal control
    • Professional principles of Internal Revision
    • Structure, revision process, interfaces
  • Implementation of assignment
    • Audit preparation
    • Audit implementation
    • Reporting
    • Monitoring of measures
  • Work techniques
    • Problem solution techniques
    • Process analysis
    • Indicators
    • Samples
  • Special auditing areas
    • Accounting
    • Information technology
    • Financial services
    • Public sector

Basic literature:
Standards for the professional practice of Internal Revision (IPPF), MaRisk (BA)

Latecomers from previous semesters can find more information in the e-Learning of the university.
