The Compliance Management System (CMS) is an overarching framework that specifies the implementation of external and internal regulations. The CMS applies to those compliance issues that are subject to significant compliance risks for TU Wien, e.g. anti-corruption, compliance with structural and governance processes and the avoidance of conflicts of interest. In order to define the scope of compliance, a risk analysis is used.

Graphic depiction of the Compliance Management System.

The compliance officer often serves as the first point of contact for new issues and develops corresponding basic concepts.

In addition to the advisory function for employees, compliance communication also includes communication with the rectorate and the operational units, as well as reporting (due to the HinweisgeberInnenschutzgesetz, HSchG). As part of the communication process, the compliance officer coordinates the exchange of experts within and without TU Wien.

A compliance risk analysis identifies the risks of non-compliant behavior and recommends reactive measures to avoid longterm misconduct. It is used to determine which legal requirements are particularly relevant for the company.

Training measures are essential for creating awareness. The compliance officer is continuously expanding the range of training courses. In addition, it is the task of the compliance officer to advise TU Wien employees on compliance-relevant topics.

Processes must comply with legal and internal regulations. The Compliance Officer advises process owners on the implementation of changes in legal, organisational and practical frameworks relating to compliance issues.

Based on risk analysis, measures are recommended and developed. In the implementation of compliance measures, it is important to establish clear guidelines and to provide employees with an orientation framework. In further training courses, employees are to be sensitised to compliance-relevant topics.

Continuing education is an essential element for a functioning CMS. This includes the continuous training of the compliance officer, as well as the participation in and further development of networks. The networks include, in particular, Compliance Circle Universitäten (Austria) and the Hochschul Compliance Netzwerk (Germany).