Together with an external management consultant and expert in information security and risk management, a Project-Charter specifically tailored to the needs of BOKU was developed.

The aim of the Project-Charter is to implement a defined CMS at BOKU and to create the basis for the longer-term operation of a transparent, efficient and effective CMS and to draw up a compliance-manual.

The concept developed is based on generally accepted auditing standards and norms, in particular IDW PS 980 and ISO 19600.

According to this, a CMS consists of several elements/building blocks, i.e. regulations, awareness-raising measures and processes that maintain the operation of such a system.

The Project-Charter is implemented by means of several pilot activities/sub-projects, which are or have already been identified on the basis of a risk analysis. The sub-projects go through two project phases (pilot phase and roll-out phase) according to the PDCA cycle (Plan, Do, Check, Act), which in turn are subdivided into several project steps.

Next steps towards the implementation of compliance at BOKU

The existing BOKU Compliance-Guideline and Anti-Corruption-Guideline will be revised, i.e. updated and expanded as needed.

A Code of Conduct (CoC) will be created as a formal regulatory framework, which defines the basic principles for behaviour within BOKU and towards external partners/stakeholders. This is intended to set out BOKU's position on corporate ethics and integrity and to raise awareness among BOKU-members accordingly.

Subsequently, a compliance-manual will be prepared, which presents our CMS with its individual components including communication, awareness-raising and training measures.

In parallel, the HSchG is implemented by setting up and operating an internal reporting-system.