diff --git a/Legal/.~age Agreement.docx b/Legal/.~age Agreement.docx
new file mode 100644
index 0000000..858712a
Binary files /dev/null and b/Legal/.~age Agreement.docx differ
diff --git a/Policies & Guidelines/Accounting/Assets.md b/Policies & Guidelines/Accounting/Assets.md
new file mode 100644
index 0000000..7e212b0
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Assets.md
@@ -0,0 +1,39 @@
+# Assets
+
+Amortization periods are based on the standard depreciation amortization periods provided by the Bundesfinanzministerium.
+
+## Tangible assets
+
+### Property, plant and equipment
+
+Property, plant and equipment are accounted at acquisition costs including incidental costs or production costs net of scheduled straight-line depreciation.
+
+Scheduled depreciation is based on the estimated useful live of the respective assets. Property, plant and equipment have estimated useful lives between three to fifteen years.
+
+Advance payments and assets under construction are capitalized at acquisition costs or construction costs.
+
+Tangible fixed assets with a value up to EUR 800 are fully written off in the year of acquisition.
+
+## Intangible assets
+
+### Internally generated
+
+Internally generated intangible assets are accounted in accordance with the relevant capitalization option pursuant to section 248 (2) HGB. Internally generated intangible assets are capitalized at production costs and, if they have a limited life, are amortized over their useful lives. Scheduled amortization is carried out on a straight-line basis over the useful life of five years. A reversal of impairment losses is recognized when there is an indication that the reasons for write-downs recognized in previous years are no longer present.
+
+### Acquired from third parties
+
+Intangible assets acquired from third-parties are recognized at acquisition costs including incidental costs and are amortized if they have a limited life. Amortization is charged using the straight-line method over an economic useful life of three to ten years.
+
+## Impairment of non-financial assets
+
+on-financial assets are tested for impairment when there are indicators that the carrying amounts may not be recoverable or when an annual impairment test is required.
+
+When value-in-use calculations are undertaken, management has to estimate the expected future cash flows from the asset or cash-generating unit and choose a suitable discount rate in order to calculate the present value of those cash flows.
+
+## Work in-progress
+
+Work in progress is measured at the production costs considering a loss-free valuation. The production costs include the minimum components as prescribed under section 255 (2) HGB and mainly relate to personnel expenses and expenses for external services.
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Policies & Guidelines/Accounting/Cash.md b/Policies & Guidelines/Accounting/Cash.md
new file mode 100644
index 0000000..639e869
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Cash.md
@@ -0,0 +1,7 @@
+# Cash
+
+Cash and cash equivalents in the statement of financial position comprise cash at banks, cash on hand and short-term deposits with an original maturity of three months or less.
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Policies & Guidelines/Accounting/Currency Translation.md b/Policies & Guidelines/Accounting/Currency Translation.md
new file mode 100644
index 0000000..556b825
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Currency Translation.md
@@ -0,0 +1,8 @@
+# Currency Translation
+
+Generally, assets and liabilities in a foreign currency are translated with the mid spot exchange rate at the balance sheet date. For items with a remaining life of more than one year, the realization principle
+according to section 252 (1) No. 4 sentence 2 HGB and the historical cost principle according to section 253 (1) sentence 1 HGB have been applied. In the profit and loss account, information regarding the foreign currency effects is presented separately in the other operating income and the other operating expenses. This contains realized and unrealized effects.
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Policies & Guidelines/Accounting/Accounting.md b/Policies & Guidelines/Accounting/General Standards.md
similarity index 56%
rename from Policies & Guidelines/Accounting/Accounting.md
rename to Policies & Guidelines/Accounting/General Standards.md
index 9711cb3..f05d6db 100644
--- a/Policies & Guidelines/Accounting/Accounting.md
+++ b/Policies & Guidelines/Accounting/General Standards.md
@@ -1,21 +1,19 @@
-# Accounting
+# General Standards
## Accounting Standards
-The German legally binding accounting regulations must be followed (i.e. Abgabenordnung AO, Umsatysteuergesetz UStG).
+The German legally binding accounting regulations must be followed (i.e. Abgabenordnung AO, Umsatysteuergesetz UStG).
-### Account System
+The financial statements are prepared in accordance with statutory accounting provisions of the German Commercial Code (HGB).
+
+The structure of the balance sheet follows the provisions of section 266 HGB. The income statement are prepared using the nature of expense method in accordance with section 275 (2) HGB.
+
+## Account System
The account system follows SKR 03 (Standardkontenrahmen).
New real accounts, cost centers and cost objects can only be created by the head of finance, head of controlling or head of accounting. Additionally, automated workflows may also generate real accounts, cost centers and cost objects. Examples for such automated workflows can be updates to the account system, creation of new departments etc.
-### Depreciation
-
-Amortization periods are based on the standard depreciation amortization periods provided by the Bundesfinanzministerium.
-
-## Reporting Standards
-
2022-01-01 - Version 1.0
diff --git a/Policies & Guidelines/Accounting/Payables.md b/Policies & Guidelines/Accounting/Payables.md
new file mode 100644
index 0000000..8e1d534
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Payables.md
@@ -0,0 +1,9 @@
+# Payables
+
+## Trade Payables
+
+Trade payables are obligations to pay for goods or services that have been acquired in the ordinary course of business from suppliers. Trade payables are classified as current liabilities if payment is due within one year or less (or in the normal operating cycle of the business if longer). If not, they are presented as non-current liabilities. Trade payables are recognized initially at fair value and subsequently measured at amortized cost using the effective interest method.
+
+
+
+2022-01-01 - Version 1.0
\ No newline at end of file
diff --git a/Policies & Guidelines/Accounting/Provisions.md b/Policies & Guidelines/Accounting/Provisions.md
new file mode 100644
index 0000000..17adb2e
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Provisions.md
@@ -0,0 +1,7 @@
+# Provisions
+
+Provisions are recognized when the Group has a present obligation (legal or constructive) resulting from a past event and it is probable that an outflow of resources embodying economic benefits will be required to settle the obligation and a reliable estimate can be made of the amount of the obligation. The expense relating to any provision is presented in the income statement, net of any reimbursement. If the effect of the time-value of money is material, provisions are discounted. Where discounting is used, the increase in the provision due to the passage of time is recognized as a finance expense.
+
+
+
+2022-01-01 - Version 1.0
\ No newline at end of file
diff --git a/Policies & Guidelines/Accounting/Receivables.md b/Policies & Guidelines/Accounting/Receivables.md
new file mode 100644
index 0000000..3e76da2
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Receivables.md
@@ -0,0 +1,13 @@
+# Receivables
+
+## Receivables and other assets
+
+Receivables and other assets are stated at their nominal value. All items subject to risk are written off in full individually.
+
+## Other long-term receivables
+
+Other long-term receivables are generally recognized at nominal value. Impairments are recorded, if write-downs are required. A reversal of impairment losses is recognized when there is an indication that the reasons for write-downs recognized in previous years are no longer present.
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Policies & Guidelines/Accounting/Reporting.md b/Policies & Guidelines/Accounting/Reporting.md
new file mode 100644
index 0000000..b978c9e
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Reporting.md
@@ -0,0 +1,65 @@
+# Reporting
+
+## Performance measures
+
+### Income statement
+
+The following performance measurements are always compared to previous year and the budget:
+
+* Sales revenue
+* Gross profit margin
+* Net income
+* EBIT margin
+* Sales revenue and net income per employee
+
+### Net cash / net debt
+
+Net debt is an indicator of the organizations ability to meet financial commitments, to pay dividends and to undertake acquisitions. The KPI is calculated by subtracting financial liabilities (excluding lease liabilities) and retirement benefit obligations from cash and cash equivalents.
+$$
+Net Cash = Cash - Current Liabilities
+$$
+
+### Free cash flow (FCF)
+
+Free cash flow represents the cash-generating capability of the organization to conduct and maintain its operations, to repay debt and to undertake acquisitions. Free cash flow equals net cash from operating activities less purchase of property, plant and equipment, less purchase of intangible assets, plus net proceeds from property, plant and equipment.
+$$
+FCF = Gross Profits - Operating Expenses - Taxes - Net Investment in Operating Capital
+$$
+alternative
+$$
+FCF = Net Income + Depreciation - Change in Workign Capital - Capital Expenditure
+$$
+
+### Net working capital (NWC)
+
+Working capital is capital invested in the organizations operating activities. It is a driver for cash flow and an indicator of operational efficiency. Net working capital combines the subtotals of current assets and current liabilities, excluding the lines cash and cash equivalents, current financial assets and current financial liabilities.
+$$
+NWC = Current Assets - Current Lieabilities
+$$
+
+### Days of sales outstanding (DSO)
+
+The days of sales outstanding indicate the average number of days the organization takes to collect its receivables.
+$$
+DSO = \frac{Current Accounts Receivables}{Total Sales Revenue}
+$$
+
+### Days of purchase outstanding (DPO)
+
+The days of purchase outstanding indicate the average number of days the organization takes to pay its payables.
+$$
+DPO = \frac{Current Accounts Payables}{COGS}
+$$
+
+### Return on assets (ROA)
+
+Return on assets expresses the earning power of the organizations assets.
+$$
+ROA = \frac{Net Income}{Total Assets}
+$$
+
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Policies & Guidelines/Accounting/Taxes.md b/Policies & Guidelines/Accounting/Taxes.md
new file mode 100644
index 0000000..fc67e27
--- /dev/null
+++ b/Policies & Guidelines/Accounting/Taxes.md
@@ -0,0 +1,22 @@
+# Taxes
+
+## Current income tax
+
+Current income tax assets and liabilities for the current and prior periods represents the best estimate of the tax amount expected to be paid or received and reflects uncertainty related to income taxes, if any. The tax rates and tax laws used to compute the amount are those that are enacted or substantively enacted by the balance sheet date. Current income tax relating to items recognized directly in equity is recognized in equity and not in the income statement.
+
+## Deferred taxes
+
+Deferred taxes are recognized for temporary or quasi-permanent differences between the carrying amounts of assets, liabilities, prepaid expenses and deferred income in the statutory accounts and their tax carrying amounts, or due to tax loss carry forwards, using the company-specific tax rates applicable at the time when such differences reverse. The amounts of any resulting tax charge or benefit are not discounted. Deferred tax assets and liabilities are offset. The option pursuant to section 274 (1) sentence 2 HGB to recognize net deferred tax assets in excess of deferred tax liabilities was not applied.
+
+## Sales taxes
+
+Revenues, expenses and assets are recognized net of the amount of sales tax, except:
+
+* where the sales tax incurred on a purchase of assets or services is not recoverable from the taxation authority, in which case the sales tax is recognized as part of the cost of acquisition of the asset or as part of the expense item
+* in the case of receivables and payables that are stated with the amount of sales tax included The net amount of sales tax recoverable from, or payable to, the taxation authority is included as part of
+ receivables or payables in the statement of financial position.
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Policies & Guidelines/Car pool.md b/Policies & Guidelines/Car pool.md
new file mode 100644
index 0000000..1cacf50
--- /dev/null
+++ b/Policies & Guidelines/Car pool.md
@@ -0,0 +1,43 @@
+# Car pool
+
+## Eligable positions
+
+| Position | Amount (gross) |
+| -------------------- | ----------------- |
+| Management | < 80,000.00 EUR |
+| Head of Department | < 65,000.00 EUR |
+| Travelling sales rep | < 50,000.00 EUR |
+
+## Other conditions
+
+* Car manufacturers: Audi, Volkswagen, Seat, Skoda
+* Base configuration: Business package (incl. navigation), summer + winter tires
+
+## Service
+
+The employee is responsible for the service of their car. This includes but is not limited to:
+
+* Maintenance
+* Tire changing
+* TÜV
+* Emission test (AU)
+
+### Cleaning
+
+Cleaning is paid by the company with up to 30 EUR per month.
+
+## Fuel
+
+Every company car has its own card for refueling. Employees must only use this card only for refuling this company car.
+
+## Drivers
+
+Only employees or the spouse of an employee is allowed to drive the company car. The driver of a company car must have a valid drivers license. This drivers license must be shown to the fleet management once a year. If a driver loses the driver license the car must be returned to the fleet manager.
+
+## Traffic violations
+
+All drivers are responsible for their traffic violations. This includes also being held responsible for all traffic fees, criminal charges etc. committed by the driver and the company car.
+
+## Return
+
+The car must be returned in good condition by the end of the lease term or if the employement at the organization ends. Gross negligence including repairs for unreported damages must be paid by the employee.
diff --git a/Policies & Guidelines/Documentation Overview.md b/Policies & Guidelines/Documentation Overview.md
new file mode 100644
index 0000000..ec49368
--- /dev/null
+++ b/Policies & Guidelines/Documentation Overview.md
@@ -0,0 +1,25 @@
+# Documentation Overview
+
+* Process:
+ * Describes what needs to be done
+ * Describes who needs to do it
+ * Describes how it needs to be done
+ * Describes why it needs to be done / which risks exist / how does it affect the risk
+ * Describes the overall goal
+ * Defines goals / KPIs
+
+* Process-Flowchart
+ * Describes visually the order of actions in a process
+
+* Process-Risk-Control-Matrix (RCM)
+ * Describs risks from a process
+ * Describes controls/measures for risks
+
+* Tutorials
+ * Describes in detail/step-by-step how actions **can** be performed
+
+* Policies & Guidelines
+ * Describes rules and responsibilities
+
+* Forms
+ * Forms to be used for certain organization activities
diff --git a/Policies & Guidelines/Investment Form.md b/Policies & Guidelines/Fleet.md
similarity index 100%
rename from Policies & Guidelines/Investment Form.md
rename to Policies & Guidelines/Fleet.md
diff --git a/Policies & Guidelines/IT & Equipment.md b/Policies & Guidelines/IT & Equipment.md
new file mode 100644
index 0000000..e69de29
diff --git a/Policies & Guidelines/IT/Backup and Datarecovery.md b/Policies & Guidelines/IT/Backup and Datarecovery.md
new file mode 100644
index 0000000..e2de7cb
--- /dev/null
+++ b/Policies & Guidelines/IT/Backup and Datarecovery.md
@@ -0,0 +1,53 @@
+# Backup and Datarecovery
+
+The loss of data can have detrimental effects on the activities of the organization. Additionally, there are mandatory rules and regulations regarding data storage, which must be upheld. There are many possible reasons for data loss. Some could be:
+
+* Faulty data storage device
+* Accedential deletion or modification of files/data
+* Malicious deletion or modification of files/data
+* Force majeure
+* Malware
+
+## Goal
+
+A complete mitigation of the risks is almost impossible. However, measures must be implemented which mitigate the risks as low as reasonably possible. Data backup should allow the organization to resume its activities as quickly as possible (ideally within 1-2 hours) without substential loss of data.
+
+## Implementation
+
+The organization performs 3 types of backups:
+
+* Backup to external data storage (NAS RAID 5 System): Daily
+* Backup to an external service provider: Daily
+* Manual backup (cloning): Quarterly
+
+In addition to the above mentioned backup methods the server file system also uses RAID 5 providing additional redundancy in case of data storage failure. With raid 5 it's possible for 1 drive to fail without interupting the file storage.
+
+Another data redundancy is implemented for the most valuable aspect of the organization, the source code. All source code is additionally stored at github.com which can be accessed globally and organization members may continue to work on the source code by pulling the latest version of the source code from this service provider.
+
+### External data storage
+
+A backup of the entire data is done to external data carriers (NAS RAID 5 System) in the server room. The backup software used is Borg. The software allows among other to encrypt the backup data and upload it to a remote server. The backup runs fully automated and time-controlled through cron jobs. This type of backup is conducted outside of the hours with the highest activity (2:00 am). The data recovery is possible at any time.
+
+This type of backup is done incrementally, meaning only changes are stored.
+
+### External service provider
+
+In addition to the local backup a remote backup protects against local disasters such as a fire which could also destroy the local backup systems. The backup software used is Borg. The backup runs fully automated and time-controlled through cron jobs. This type of backup is conducted outside of the hours with the highest activity (2:00 am). The data recovery is possible at any time with some added delay due to download latency from the remote server.
+
+This type of backup is done incrementally, meaning only changes are stored.
+
+### Manual backup
+
+Once a quarter a full data backup (clone) is created and stored on an external hard drive. The purpose of these backups are to provide long term backups which are not replaced/overwritten. Additionally, these backups provide some fall back solution for sleeper malware or malware which encrypts backup files. Only 4 quarters at a maximum are allowed to be stored on the same hard drive. The backup is stored in a separate building than the main backup or in a bank vault.
+
+## Responsibility
+
+The responsibility for the data backup lies with the head of IT. Other IT employees may only take over these tasks if the head of IT consideres these employees sufficiently trained in this area. The responsible employees must control the data integrity of the backups once a quarter.
+
+## Data storage
+
+The data should be stored in such a way that only authorized personnel has access to the backup files. Authorized in this case means IT department and management. The data backups should be marked or labelled so that it is easily possible to identify the contents of the backup (i.e. Backup 2022-01.01 2:00:01).
+
+## Reconstruction
+
+The data reconstruction is documented in a reconstruction tutorial in the IT processes. During the reconstruction it may be necessary to put a higher priority on files and data which are more important for the ongoing organization activities (e.g. customer data, source code data).
diff --git a/Policies & Guidelines/IT/IT Equipment & Software.md b/Policies & Guidelines/IT/IT Equipment & Software.md
new file mode 100644
index 0000000..e51e94c
--- /dev/null
+++ b/Policies & Guidelines/IT/IT Equipment & Software.md
@@ -0,0 +1,30 @@
+# IT Equipment & Software
+
+## Equipment
+
+| Type | Employee | Head of department | Management |
+| ----------------------------------- | ----------------------------------------------- | -------------------- | -------------- |
+| Smartphone | Iphone 13 (only sales reps) | Iphone 13 | Iphone 13 |
+| Laptop (incl. docking station) | < 2,000 EUR | < 2,500 EUR | < 2,500 EUR |
+| PC | < 2,000 EUR (if no laptop) | < 2,500 EUR | < 2,500 EUR |
+| Monitor(s) | < 500 EUR per Monitor (if < 2 monitors at desk) | < 1,500 EUR | < 1,500 EUR |
+| IT equipment (e.g. mouse, keyboard) | < 300 EUR | < 500 EUR | < 500 EUR |
+| Printer & Scanner | < 500 EUR (only sekretariat) | < 500 EUR | < 500 EUR |
+
+## Software
+
+| Position | Office / Adobe PDF / Outlook / Typora / WinRar | Teams / Skype / Team Viewer | Firefox / Edge / Chrome / Opera | Sublime Text / Visual Studio Code / CMake / g++ / composer / npm / git / php | Borg | Datev / Crefo / Coface | Adobe Illustrator / Adobe Photoshop | Sanction Monitor |
+| ----------------- | ------ | - | ------------------------------- | - | - | - | - | - |
+| Management | x | x | x | x | | | | |
+| CTO | x | x | x | x | | | | |
+| CSO | x | x | x | x | | | | |
+| CFO | x | x | x | x | | | | |
+| Support & Service | x | x | x | x | | | | |
+| Developer | x | x | x | x | | | | |
+| Purchasing | x | x | x | | | | | x |
+| Sales | x | x | x | | | | | x |
+| IT | x | x | x | x | x | | | x |
+| Finance | x | x | x | | | x | | x |
+| HR | x | x | x | | | x | | x |
+| Marketing | x | x | x | | | | x | |
+| Sekretariat | x | x | x | | | | | x |
diff --git a/Policies & Guidelines/Sales/Export Control.md b/Policies & Guidelines/Sales/Export Control.md
new file mode 100644
index 0000000..e69de29
diff --git a/Policies & Guidelines/Travel & business expenses.md b/Policies & Guidelines/Travel & business expenses.md
new file mode 100644
index 0000000..c0c298a
--- /dev/null
+++ b/Policies & Guidelines/Travel & business expenses.md
@@ -0,0 +1,63 @@
+# Travel & business expenses
+
+## Booking
+
+Every employee except the head of a department or the management is responsible for booking their own travels. Head of departments and management may deligate the booking to the secretariat.
+
+## Costs
+
+Costs must be below the cost break down below. If costs are more expensive for example due to:
+
+* Trade fairs
+* Events which require to stay in the same hotel as customers
+* More expensive travel destinations (e.g. more expensive cities)
+
+The following costs are only general guidelines and maximum amounts. Please note that even costs below this limits can be challenged if they are deemed inappropriate by the finance department.
+
+## Hotels
+
+| Type | Employee | Head of department | Management |
+| ------------------ | ----------------- | -------------------- | --------------- |
+| Germany | < 100 EUR | < 250 EUR | < 350 EUR |
+| International | < 120 EUR | < 300 EUR | < 450 EUR |
+
+## Travelling
+
+| Type | Employee | Head of department | Management |
+| ------------------ | ----------------- | -------------------- | ---------------- |
+| Flight < 300 km | not allowed | Economy | Premium Economy |
+| Flight >= 300 km | Economy | Premium Economy | Business |
+| Flight >= 3.000 km | Premium Economy | Business | Business |
+| Train | 2nd class | 1st class | 1st class |
+| Private car | not allowed | 0.30 EUR per km | 0.30 EUR per km |
+| Company car | approved by HOD | allowed | allowed |
+| Taxi | only within city | only within city | only within city |
+
+## Per diems
+
+The per diems are paid according to the German regulation regarding per diems (Verpflegungsmehraufwendungen).
+
+For Germany they are:
+
+| Type | Employee | Head of department | Management |
+| ----------------- | ----------- | -------------------- | ----------- |
+| > 8 and < 24 h | 14.00 EUR | 14.00 EUR | 14.00 EUR |
+| 24 h (full day) | 28.00 EUR | 28.00 EUR | 28.00 EUR |
+
+The German [Bundesfinanyministerium](https://www.bundesfinanzministerium.de/Content/DE/Downloads/BMF_Schreiben/Steuerarten/Lohnsteuer/2021-09-27-steuerliche-behandlung-reisekosten-reisekostenverguetungen-2022.pdf?__blob=publicationFile&v=2) provides a list with per diems per country.
+
+## Presents
+
+| Type | Employee | Head of department | Management |
+| ---------------------| --------------- | -------------------- | ----------- |
+| No special occasion | not allowed | not allowed | not allowed |
+| Special occasion | approval by HOD | 35.00 w/o approval > 35.00 approval by management | <= 1,000.00 EUR |
+
+## Entertainment
+
+Entertainment expenses are calculated per day and are only paid if they are realized together with customers or other business partners.
+
+| Type | Employee | Head of department | Management |
+| ---------------------------- | ----------- | -------------------- | ----------- |
+| per business partner per day | 50.00 EUR | 120.00 EUR | 200.00 EUR |
+
diff --git a/Processes/01_Development_Risk Control Matrix.md b/Processes/01_Development_Risk Control Matrix.md
index 248630b..118a948 100644
--- a/Processes/01_Development_Risk Control Matrix.md
+++ b/Processes/01_Development_Risk Control Matrix.md
@@ -7,3 +7,6 @@
| 3 | CTO/Code reviewer | Operational Risk (Development) | Inconsistent code styles (which increases frictions between developers) | 5 | 1 | Many times a day | Preventing (System & Manual) | Code styles are automatically tested with code style checkers. | 2 | 1 | | Not all code style options can be reasonably checked and defined. In some cases it's also possible to have false positive code style violations for edge cases. Manual checks during the code review by the responsible person may lead to additional code style changes or ignoring some code style "violations" if deemed reasonable. | yes | yes |
| 4 | CTO/Code reviewer | Operational Risk (Development) | Faulty code due to code changes, additions, removal. | 5 | 4 | Many times a day | Preventing (System & Manual) | Static code analysis tools and written tests for automatic tests. Additionally, manual tests can be performed in a demo environment with self generated dummy data. | 2 | 1 | | | | |
+
+
+2022-01-01 - Version 1.0
diff --git a/Processes/02_Purchase.md b/Processes/02_Purchase.md
index f23c8a9..841e592 100644
--- a/Processes/02_Purchase.md
+++ b/Processes/02_Purchase.md
@@ -2,7 +2,7 @@
## Inquiry / Offer
-Before purchasing employees must perform some research depending on the type and purchase amount. Generally, employees should always compare prices and also different vendors. For purchases above 1,000 EUR for single unit prices or above 50,000 EUR for total invoice expenses employees must always compare prices, argue why they choose a certain product and vendor and provide evidences of such research. Sometimes it can be applicable to not only compare different vendors but also different product types. This research may require to already request offers from potential suppliers and perform negotiations. Please use the **Vendor Comparison Form**. (R1)
+Before purchasing employees must perform some research depending on the type and purchase amount. Generally, employees should always compare prices and also different vendors. For purchases above 1,000 EUR for single unit prices or above 50,000 EUR for total invoice expenses employees must always compare prices, argue why they choose a certain product and vendor and provide evidences of such research. Sometimes it can be applicable to not only compare different vendors but also different product types. This research may require to already request offers from potential suppliers and perform negotiations. Please use the **Investment Form**. (R1)
## Offer approval
@@ -53,4 +53,4 @@ The IT system generates a monthly booking list with all invoices and their booki
### Payment
-The accountant starts the payment process by telling the IT system to genrate a list of all payment suggestions according to the invoice payment terms. The system automatically calculates cash back and forex differences. The accountant may add or remove invoices from the suggestion. Both the accountant and the head of finance sign off on the payments in the IT system.
+The accountant starts the payment process by telling the IT system to generate a list of all payment suggestions according to the invoice payment terms. The system automatically calculates cash back and forex differences. The accountant may add or remove invoices from the suggestion. Both the accountant and the head of finance sign off on the payments in the IT system.
diff --git a/Processes/02_Purchase_Risk Control Matrix.md b/Processes/02_Purchase_Risk Control Matrix.md
index 27dca21..e0131ba 100644
--- a/Processes/02_Purchase_Risk Control Matrix.md
+++ b/Processes/02_Purchase_Risk Control Matrix.md
@@ -6,3 +6,6 @@
| 2 | See purchase approval table | Operational Risk (Purchase) | Unauthorized purchase (budget risks, fraud, compliance, ...) | 1 | 1 | Many times a day | Preventing (Manual) | Authorize purchases according to the purchase approval table. This functions as control and separation of responsibilities. | 1 | 1 | | | yes | yes |
| 3 | Purchase + Employee | Operational Risk (Purchase) | Invalid invoice contents (formal or other mistakes) | 1 | 1 | Many times a day | Preventing (Manual & System) | Automatic system checks and manual checks. | 1 | 1 | | | yes | yes |
+
+
+2022-01-01 - Version 1.0
diff --git a/Processes/03_Sales.md b/Processes/03_Sales.md
index 4bd93b5..de8774a 100644
--- a/Processes/03_Sales.md
+++ b/Processes/03_Sales.md
@@ -2,7 +2,7 @@
# Sales
-The organization has approx. XXX customers with X% located in Germany, Y% in other European countries and Z% in other countries. The customer acquisition is mostly done through online and print marketing. Online marketing consists of the own website and advertisement through various online services such as google, faceboox, linkedin, etc. Print marketing consists of occasional advertisemens in print media such as ????.
+The organization has approx. XXX customers with X% located in Germany, Y% in other European countries and Z% in other countries. The customer acquisition is mostly done through online and print marketing. Online marketing consists of the own website and advertisement through various online services such as google, faceboox, linkedin, etc. Print marketing consists of occasional advertisements in print media such as ????.
## Offer for customer
@@ -33,7 +33,7 @@ Prices and discounts must follow the pricing policy. Deviations from this pricin
## Payment collection
-## Acquesition
+## Acquisition
### Prospect Initiated
@@ -41,32 +41,12 @@ Prices and discounts must follow the pricing policy. Deviations from this pricin
## Offer
-| No. | R | Category | Risk Event | L | C | O | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
-| -------- | ---- | ---------------- | ------------------------------------------------------------ | ---- | ---- | ---- | ------------------------------------------------------------ | ---- | ---- | ------- | ------------------------------------------------------------ | ---- | ---- |
-| 1 | Head of Sales / Head of Finance | Operational Risk (Sales) | Prices too low / discounts too large | 1 | 5 | Many times a day | Avoiding: Default prices and standard discounts are stored in the IT system responsible for the offer generation. Deviations require additional electronical approval in the system by the head of sales or head of finance. Without this electronic approval the offer cannot get created. | | | | | yes | yes |
-
-| No. | Risks/Things to consider | Mitigation Strategy | R | O |
-| ---- | ------------------------------------ | ---------------------- | ---- | ---- |
-| C3 | Prices too low / discounts too large | Default prices and standard discounts are stored in the IT system responsible for the offer generation. Deviations require additional electronical approval in the system by the head of sales or head of finance. Without this electronic approval the offer cannot get created. | Head of Sales / Head of Finance | Weekly |
-| C4 | Default prices are too low / default discounts are too large | Changes to default prices and default discounts can only be entered into the IT system by the head of sales or head of finance. | Head of Sales / Head of Finance | Annualy |
-| C5 | Other aspects of the offer are invalid (i.e. wrong customer, bad credit score of customer, ...) | The offer is none-binding and only becomes binding with the order confirmation where additional checks are performed. | Automatic | Many times a day |
-
## Contracts
-| No. | Risks/Things to consider | Mitigation Strategy | R | O |
-| ---- | ------------------------ | ---------------------- | ---- | ---- |
-| C6 | Old contract version is used | | | |
-| C7 | Contract changes are invalid | | | |
-
## Order Confirmation
### Credit Check
-| No. | Type | Risks/Things to consider | Mitigation Strategy | R | O |
-| ---- | ---- | ------------------------ | ---------------------- | ---- | ---- |
-| C1 | Preventing | Invalid customer data | Customer data gets compared with the information provided from credit rating agencies, company registration forms etc. | System | Many times a day |
-| C2 | Preventing | Customer default | Only customers with a credit score of XXXX-Crefo / XXXX-Coface / XXXX-Schufa get approved during the order confirmation. | System | Many times a day |
-
## Delivery Note
## Invoice
@@ -75,15 +55,5 @@ Prices and discounts must follow the pricing policy. Deviations from this pricin
## Accounts Receivables
-| No. | Risks/Things to consider | Mitigation Strategy | R | O |
-| ---- | ------------------------ | ---------------------- | ---- | ---- |
-| | | | | |
-| | | | | |
-| | | | | |
-Abbreviations:
-
-* R: Responsible
-* O: Occurrence
-* T: Type
diff --git a/Processes/03_Sales_Risk Control Matrix.md b/Processes/03_Sales_Risk Control Matrix.md
index e69de29..ab8ac93 100644
--- a/Processes/03_Sales_Risk Control Matrix.md
+++ b/Processes/03_Sales_Risk Control Matrix.md
@@ -0,0 +1,13 @@
+# Sales Risk Control Matrix
+
+| No. | R | Category | Risk Event | L | C | O | Mitigation Type | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
+| ---- | ------------------------------- | ------------------------ | ------------------------------------------------------------ | ---- | ---- | ---------------- | ---------------------------- | ------------------------------------------------------------ | ---- | ---- | ------- | -------- | ---- | ---- |
+| 1 | Head of Sales / Head of Finance | Operational Risk (Sales) | Prices too low / discounts too large | 1 | 5 | Many times a day | Preventing (System & Manual) | Default prices and standard discounts are stored in the IT system responsible for the offer generation. Deviations require additional electronical approval in the system by the head of sales or head of finance. Without this electronic approval the offer cannot get created. | 1 | 1 | | | yes | yes |
+| 2 | Head of Sales | Operational Risk (Sales) | Default prices are too low / default discounts are too large | 1 | 5 | Many times a day | Preventing (System & Manual) | Changes to default prices and default discounts can only be entered into the IT system by the head of sales or head of finance. | 1 | 1 | | | yes | yes |
+| 3 | Head of Sales | Operational Risk (Sales) | Other aspects of the offer are invalid (i.e. wrong customer, bad credit score of customer, ...) | 1 | 5 | Many times a day | Preventing (System) | The offer is none-binding and only becomes binding with the order confirmation where additional checks are performed. | 1 | 1 | | | yes | yes |
+| 4 | Head of Sales | Operational Risk (Sales) | Invalid customer data | 1 | 5 | | Preventing (System) | Customer data gets compared with the information provided from credit rating agencies, company registration forms etc. | 1 | 1 | | | yes | yes |
+| 5 | Head of Sales | Operational Risk (Sales) | Customer default | 1 | 5 | | Preventing (System) | Only customers with a credit score of XXXX-Crefo / XXXX-Coface / XXXX-Schufa get approved during the order confirmation. | 1 | 1 | | | yes | yes |
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Processes/06_Finance.md b/Processes/06_Finance.md
index afbe8d9..98dc3cc 100644
--- a/Processes/06_Finance.md
+++ b/Processes/06_Finance.md
@@ -1,8 +1,95 @@
# Finance
-## Inventory
+## Budgeting
-### Assets
+The budgeting for the organization is done once a year and involves the cooperation of various departments to create a comprehensive budget with a solid basis for the included assumptions.
-### Merchandise
+### Approval
+#### Deadline
+
+The deadline for the handover of the budget by the finance department to the management is December 15th.
+
+#### Responsibilities
+
+The approval of the budget is handled by the management and should be done until the start of the next fiscal year.
+
+If amendments need to be made the management may approve a preliminary budget until the actual budget is finalized and approved. Examples for a preliminary budget could be the approval to work according to the budget for the first month but adjust the budget for the remaining 11 months. Another solution could be to work according to the budget of the previous year until the new budget got adjusted. The decision how the interim period until the budget is corrected and approved should be handled based on the decision of the management.
+
+### Forecast
+
+The basis of many figures and KPIs for the budgeted periods is the current fiscal year. For this reason the current fiscal year must be forecasted during the budgeting process. Information regarding the forecast should be collected in a similar way as for the budget figures.
+
+### Contents
+
+The budget must be created on a monthly basis. During the budgeting process it may be helpful to only budget the full fiscal year and then split the total budget up into 12 months. While doing so variations in different months should be considered (e.g. audit fees in specific months, seasonal sales distribution, ...).
+
+#### Sales
+
+Sales must contain the following information:
+
+* Sales per product group
+* Sales per country
+* Sales per sales rep
+
+##### Gross profit margins
+
+For the budget the gross profit margins per product group must be used. A total average gross profit margin is not allowed.
+
+#### OPEX
+
+Responsible: Finance + Management
+
+Operating expenses must contain the following information:
+
+* Costs per account
+* Costs per cost center
+* In some cases costs per cost object
+
+##### Information requested from all departments
+
+The following budget positions must be budgeted from the respective head of the department:
+
+* Employee trainings
+* Investments
+* Employee changes (e.g. new position, ...)
+
+##### HR
+
+Responsible: HR + Finance + Management
+
+The HR budget must contain the budget for every employee and all replacements as well as new budgeted positions. The HR budget should also be done per salary type. This also allows to accumulate the HR budget per department/cost center and compare changes with previous years.
+
+Planned salary increases should be already included in the budget (e.g. individual salary increases, general inflation increases, performance related increases, ...).
+
+The following general adjustments should be included in the total budget:
+
+* Staff turnover and delay for filling vacant positions
+* Unplanned salary adjustments (e.g. work time reduction, overtime, wage compensation i.e. from insurances, ...)
+
+##### Marketing
+
+Responsible: Marketing + Finance + Management
+
+The marketing budget must contain the budget for the different marketing types:
+
+* Print media
+* Online media
+* Trade fairs
+* Social media
+
+#### Investments
+
+Responsible: Finance + Management
+
+##### Depreciations
+
+Depreciations are calculated based on the existing assets and their depreciation amounts/lifetime as well as the depreciation amounts and lifetime of new investments. Small new investments don't have to be calculated individually but can be calculated in a compounded position if they have the same lifetime (i.e. all PCs, laptops, printer, ... together).
+
+#### Cash
+
+#### Interests
+
+#### Taxes
+
+The taxes should be estimated based on the EBIT and the local tax rate. Corrections regarding deductible and non-deductible expenses should be included as well.
diff --git a/Processes/COSO/CLC.md b/Processes/COSO/CLC.md
index 8c45eaa..96adb56 100644
--- a/Processes/COSO/CLC.md
+++ b/Processes/COSO/CLC.md
@@ -4,8 +4,8 @@
| ---- | ----------------------------- | ------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ |
| | Control Environment | Principle of financial reporting | Do you have basic financial reporting policies? | Yes, the organization follows the German law regarding financial reporting | Financial laws (i.e. HGB, AO, Ustg, ...) |
| | Control Environment | Understanding accounting policies | Are the selected accounting principles approved? | Yes, employees are required to act according to the the German law | Financial laws (i.e. HGB, AO, Ustg, ...) |
-| | Control Environment | Management philosophy and application | Does management determine the management philosophy, operating style and code of ethics and manifest them to employees? | Yes, all are described in the organization guidelines | Code of Conduct
Organization Guidelines
Conflict of Interest Policy
Confidentiality Policy |
-| | Control Environment | Management philosophy and application | Do you have any procedures or processes to remediate detected behaviors deviating from the management philosophy, operating style and code of ethics | Yes, public email to submit deviating behavior, public discussion and issue tracker to bring forward deviating behavior | Code of Conduct
[Discussions](https://github.com/orgs/Karaka-Management/discussions)
[Issues](https://github.com/Karaka-Management/Karaka/issues) |
+| | Control Environment | Management philosophy and application | Does management determine the management philosophy, operating style and code of ethics and manifest them to employees? | Yes, all are described in the organization guidelines | [Code of Conduct](../../Policies%20%26%20Guidelines/Code%20of%20Conduct.md)
Organization Guidelines
Conflict of Interest Policy
Confidentiality Policy |
+| | Control Environment | Management philosophy and application | Do you have any procedures or processes to remediate detected behaviors deviating from the management philosophy, operating style and code of ethics | Yes, public email to submit deviating behavior, public discussion and issue tracker to bring forward deviating behavior | [Code of Conduct](../../Policies%20%26%20Guidelines/Code%20of%20Conduct.md)
[Discussions](https://github.com/orgs/Karaka-Management/discussions)
[Issues](https://github.com/Karaka-Management/Karaka/issues) |
| | Control Environment | Management philosophy and application | In case you find deviations from the principles, do you deal with them according to the predetermined procedures or processes? | Yes, so far no such case ocured | Code of Conduct
Organization Guidelines
Conflict of Interest Policy
Confidentiality Policy |
| | Control Environment | Director | Do you have any company rules to clearly specify that the board of directors or a director in charge have responsibilities for appropriately supervising and monitoring the management in regard to the financial reporting and relevant internal controls? | No, apart from the legal obligations | |
| | Control Environment | Director | Does the board of directors or corporate auditors supervise the performance of management regard the financial reporting and relevant internal controls? | Yes, financial controls are audited by independent auditors | Annual year end audit |
diff --git a/Processes/COSO/Risk Management/Risk Management Review Template.md b/Processes/COSO/Risk Management/Risk Management Review Template.md
index 9b8ef26..9abbcf3 100644
--- a/Processes/COSO/Risk Management/Risk Management Review Template.md
+++ b/Processes/COSO/Risk Management/Risk Management Review Template.md
@@ -4,9 +4,9 @@
### New risks
-| Risk No. | R | Category | Risk Event | L | C | O | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
-| -------- | ---- | -------- | ---------- | ---- | ---- | ---- | ------------------- | ---- | ---- | ------- | -------- | ---- | ---- |
-| | | | | | | | | | | | | | |
+| Risk No. | R | Category | Risk Event | L | C | O | Mitigation Type | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
+| -------- | ---- | -------- | ---------- | ---- | ---- | ---- | --------------- | ------------------- | ---- | ---- | ------- | -------- | ---- | ---- |
+| | | | | | | | | | | | | | | |
Abbreviations:
diff --git a/Processes/COSO/Risk Management/Risk Register.md b/Processes/COSO/Risk Management/Risk Register.md
index 6e8ef1a..8ce5a7b 100644
--- a/Processes/COSO/Risk Management/Risk Register.md
+++ b/Processes/COSO/Risk Management/Risk Register.md
@@ -2,14 +2,14 @@
The risk register is a central repository to describe and track risks as well as record actions. It includes information for each risk such as risk category, likelihood, consequence, mitigation measures, risk owner and documentation of changes.
-| No. | R | Category | Risk Event | L | C | O | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
-| -------- | ---- | ---------------- | ------------------------------------------------------------ | ---- | ---- | ---- | ------------------------------------------------------------ | ---- | ---- | ------- | ------------------------------------------------------------ | ---- | ---- |
-| 1 | DE | Operational Risk | Loss of source code | 1 | 5 | | Avoiding: Store source code in cloud (github). At least one local developer PC and project server. | | | | | yes | yes |
-| 2 | DE | Operational Risk | Source code leak | 5 | 1 | | Controlling: The programming language is compiled at runtime. The value of the software lies in the updates, support and licenses. | | | | Many companies transferred the revenue model to subscriptions (e.g. Adobe, Microsoft) in order to avoid similar problems. | yes | yes |
-| 3 | DE | Operational Risk | User acquires additional permissions without authorization (every software which uses permissions) | 2 | 5 | | Avoiding: Permissions can only be granted by users which have received the permissions to do so. Users which can change permissions may also only have the permission to change specific users/permissions (single application elements, not the whole application.). We provide a documentation on who to manage permissions incl. best practices. Customers with a maintenance contract also receive additional advice based on their account permission handling. We also check regularly if features can be used by default without the necessary permissions. | | | | The consequences or severities depend on the permissions which can be acquired. | yes | yes |
-| 4 | DE | Operational Risk | User code execution (every software which allows data upload/input) | 3 | 5 | | Avoiding: User provided code is a critical part of some modules (e.g. Helper, Job). These modules provided by OMS execute code user code in iframes. We provide guidelines regarding this sensitive topic which explains that only developers in a company should have access to such functionalities. | | | | | yes | yes |
-| 5 | DE | Operational Risk | Data leak (e.g. database data, file uploads) (every software which stores data) | 2 | 5 | | Avoiding: We regularly check if users have access to data without the necessary permissions. Our modules may use encryption for extremely sensitive data. Media files are only accessible through the media module which allows to check the necessary reading permissions. We also provide a general policy for customers who to secure and maintain their servers. | | | | This is a big problem for almost every company working with data. The biggest known leaks happened among others to Adobe, ebay, Equifax, LinkedIn, Yahoo, ... | yes | yes |
-| 6 | DE | Operational Risk | Corrupt/malicious data injection (every software which accepts data input) | 3 | 3 | | Avoiding: Data is validated client side (minimal protection) and server side. Generally, user input is only accepted if it matches the specified allowed format. Data is usually not sanitized to avoid mistakes during the sanitizing process. Database query statements are prepared and encoded. | | | | | yes | yes |
+| No. | R | Category | Risk Event | L | C | O | Mitigation Type | Mitigation Strategy | L* | C* | Changes | Comments | ES | EY |
+| -------- | ---- | ---------------- | ------------------------------------------------------------ | ---- | ---- | ---- | ------------------------------------------------------------ | ---- | ---- | ------- | ------------------------------------------------------------ | ---- | ---- | ---- |
+| 1 | DE | Operational Risk | Loss of source code | 1 | 5 | | | Avoiding: Store source code in cloud (github). At least one local developer PC and project server. | | | | | yes | yes |
+| 2 | DE | Operational Risk | Source code leak | 5 | 1 | | | Controlling: The programming language is compiled at runtime. The value of the software lies in the updates, support and licenses. | | | | Many companies transferred the revenue model to subscriptions (e.g. Adobe, Microsoft) in order to avoid similar problems. | yes | yes |
+| 3 | DE | Operational Risk | User acquires additional permissions without authorization (every software which uses permissions) | 2 | 5 | | | Avoiding: Permissions can only be granted by users which have received the permissions to do so. Users which can change permissions may also only have the permission to change specific users/permissions (single application elements, not the whole application.). We provide a documentation on who to manage permissions incl. best practices. Customers with a maintenance contract also receive additional advice based on their account permission handling. We also check regularly if features can be used by default without the necessary permissions. | | | | The consequences or severities depend on the permissions which can be acquired. | yes | yes |
+| 4 | DE | Operational Risk | User code execution (every software which allows data upload/input) | 3 | 5 | | | Avoiding: User provided code is a critical part of some modules (e.g. Helper, Job). These modules provided by OMS execute code user code in iframes. We provide guidelines regarding this sensitive topic which explains that only developers in a company should have access to such functionalities. | | | | | yes | yes |
+| 5 | DE | Operational Risk | Data leak (e.g. database data, file uploads) (every software which stores data) | 2 | 5 | | | Avoiding: We regularly check if users have access to data without the necessary permissions. Our modules may use encryption for extremely sensitive data. Media files are only accessible through the media module which allows to check the necessary reading permissions. We also provide a general policy for customers who to secure and maintain their servers. | | | | This is a big problem for almost every company working with data. The biggest known leaks happened among others to Adobe, ebay, Equifax, LinkedIn, Yahoo, ... | yes | yes |
+| 6 | DE | Operational Risk | Corrupt/malicious data injection (every software which accepts data input) | 3 | 3 | | | Avoiding: Data is validated client side (minimal protection) and server side. Generally, user input is only accepted if it matches the specified allowed format. Data is usually not sanitized to avoid mistakes during the sanitizing process. Database query statements are prepared and encoded. | | | | | yes | yes |
## Abbreviations
diff --git a/Processes/Development/Tutorials/Git Change.md b/Processes/Development/Tutorials/Git Change.md
new file mode 100644
index 0000000..5be148d
--- /dev/null
+++ b/Processes/Development/Tutorials/Git Change.md
@@ -0,0 +1,69 @@
+# Git Change
+
+## Basis
+
+* Git is installed
+* The user has access to the code base
+* The tutorial uses the `Karaka.git` repository URL. You may want to replace this with a different repository.
+
+## Tutorial
+
+Create a new clone if you have not done so already in a previous tutorial.
+
+```sh
+git clone --recursive -j8 https://github.com/Karaka-Management/Karaka.git
+```
+
+You may be required to enter your username and password/authentication key from github.
+
+If you already cloned the repository in the past you don't need to clone it again but "update" it with a pull.
+
+```sh
+git pull --recurse-submodules
+```
+
+Now you need to create a new branch for the changes you would like to do. Please follow the branch guidelines.
+
+```sh
+git checkout -b NEW_BRANCH_NAME
+```
+
+Sometimes you would like to work on multiple unrelated changes. In such a situation you should have created different branches for these changes. You can switch between branches with a checkout.
+
+```sh
+git checkout EXISTING_BRANCH_NAME
+```
+
+> It is recommended to run the above mentioned git pull command after switching a branch to get the newest version of the branch.
+
+After making your changes you can save them with a comment/message which describes your changes.
+
+```sh
+git commit -m "YOUR MESSAGE"
+```
+
+or with
+
+```sh
+git commit
+```
+
+This opens a window where you can write a longer text message.
+
+Often it is recommended to do commits whenever you made a change which accomplishes one sub task. This way you can break down your changes in smaller changes which makes it easier for people to check and understand the code changes.
+
+After everything is done you push the changes online for review.
+
+```sh
+git push --recurse-submodules
+```
+
+You may be required to once again enter your username and password/authentication key from github.
+
+This creates a pull request which is a request to put your code changes into the online code base and eventually merge it with the main version of the code.
+
+Please note that your code changes may not get accepted if they don't uphold the coding standards mentioned in the developer guide or if the code changes don't fit the goal of the code base.
+
+
+
+2021-01-01 - Version 1.0
\ No newline at end of file
diff --git a/Processes/Development/Tutorials/New Change.md b/Processes/Development/Tutorials/New Change.md
deleted file mode 100644
index 8b13789..0000000
--- a/Processes/Development/Tutorials/New Change.md
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/Processes/Finance/Budgeting Templates/Department Budget Template.md b/Processes/Finance/Budgeting Templates/Department Budget Template.md
new file mode 100644
index 0000000..98755f4
--- /dev/null
+++ b/Processes/Finance/Budgeting Templates/Department Budget Template.md
@@ -0,0 +1,37 @@
+# Department Budget Template
+
+Department: DEPARTMENT_NAME
+
+## HR
+
+| Type (Hire/Terminate/Change/Salary) | Name (if available) & Position | New total gross salary | Date | Explanation |
+| ----------------------------------- | ------------------------------ | ---------------------- | ---- | ----------- |
+| | | | | |
+| | | | | |
+| | | | | |
+
+## Training
+
+| Type / title of the training | Name (if available) & Position | Total Costs | Date | Explanation |
+| ---------------------------- | ------------------------------ | ----------- | ---- | ----------- |
+| | | | | |
+| | | | | |
+| | | | | |
+
+## Investments
+
+| Type / description | Quantity | Total Costs | Date | Explanation |
+| ------------------ | -------- | ----------- | ---- | ----------- |
+| | | | | |
+| | | | | |
+| | | | | |
+
+Date: YYYY-MM-DD
+
+Name:
+
+Signature:
+
+
+
+2022-01-01 - Version 1.0
\ No newline at end of file
diff --git a/Processes/Finance/Reporting Templates/Financial Reporting.ods b/Processes/Finance/Reporting Templates/Financial Reporting.ods
new file mode 100644
index 0000000..ee05380
Binary files /dev/null and b/Processes/Finance/Reporting Templates/Financial Reporting.ods differ
diff --git a/Processes/HR/Colleague Evaluation Form.md b/Processes/HR/Colleague Evaluation Form.md
index 506994b..496793d 100644
--- a/Processes/HR/Colleague Evaluation Form.md
+++ b/Processes/HR/Colleague Evaluation Form.md
@@ -1,17 +1,21 @@
# Colleague Evaluation Form
-| No. | Colleague Evaluation | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
+| No. | Topic | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
| ---- | ----------------------------- | ---------------| ---------------- | ------------------ | -------------------- | ----- |
-| 2 | My colleagues a broad and deep knowledge overy my work field. | [ ] | [ ] | [ ] | [ ] | |
-| 3 | My colleagues also considering my job/department when doing their work. | [ ] | [ ] | [ ] | [ ] | |
-| 4 | My colleagues are flexible. | [ ] | [ ] | [ ] | [ ] | |
-| 5 | My colleagues are motivated. | [ ] | [ ] | [ ] | [ ] | |
-| 6 | My colleagues are good at communication. | [ ] | [ ] | [ ] | [ ] | |
-| 7 | My colleagues share information with me accordingly. | [ ] | [ ] | [ ] | [ ] | |
-| 8 | My colleagues are team players. | [ ] | [ ] | [ ] | [ ] | |
-| 10 | My colleagues complete assigned work effectively and on time. | [ ] | [ ] | [ ] | [ ] | |
-| 12 | My colleagues are resilient. | [ ] | [ ] | [ ] | [ ] | |
-| 13 | My colleagues show initiative. | [ ] | [ ] | [ ] | [ ] | |
-| 14 | My colleagues work autonomously. | [ ] | [ ] | [ ] | [ ] | |
+| 1 | My colleagues have a broad and deep knowledge overy my work field. | [ ] | [ ] | [ ] | [ ] | |
+| 2 | My colleagues also considering my job/department when doing their work. | [ ] | [ ] | [ ] | [ ] | |
+| 3 | My colleagues are flexible. | [ ] | [ ] | [ ] | [ ] | |
+| 4 | My colleagues are motivated. | [ ] | [ ] | [ ] | [ ] | |
+| 5 | My colleagues are good at communication. | [ ] | [ ] | [ ] | [ ] | |
+| 6 | My colleagues share information with me accordingly. | [ ] | [ ] | [ ] | [ ] | |
+| 7 | My colleagues are team players. | [ ] | [ ] | [ ] | [ ] | |
+| 8 | My colleagues complete assigned work effectively and on time. | [ ] | [ ] | [ ] | [ ] | |
+| 9 | My colleagues are resilient. | [ ] | [ ] | [ ] | [ ] | |
+| 10 | My colleagues show initiative. | [ ] | [ ] | [ ] | [ ] | |
+| 11 | My colleagues work autonomously. | [ ] | [ ] | [ ] | [ ] | |
+
+
+
+2022-01-01 - Version 1.0
diff --git a/Processes/HR/Company Evaluation Form.md b/Processes/HR/Company Evaluation Form.md
index 96caaac..4486e61 100644
--- a/Processes/HR/Company Evaluation Form.md
+++ b/Processes/HR/Company Evaluation Form.md
@@ -1,2 +1,13 @@
# Company Evaluation Form
+| No. | Topic | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
+| ---- | -------------------------------------- | -------------- | ---------------- | ------------------ | -------------------- | ----- |
+| 1 | The company atmosphere is welcoming. | [ ] | [ ] | [ ] | [ ] | |
+| 2 | The company atmosphere is competetive. | [ ] | [ ] | [ ] | [ ] | |
+| 3 | The company appreciates my work. | [ ] | [ ] | [ ] | [ ] | |
+| 4 | The company is sucessfull. | [ ] | [ ] | [ ] | [ ] | |
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/HR/Employee Evaluation Form.md b/Processes/HR/Employee Evaluation Form.md
index 3641416..7cb22df 100644
--- a/Processes/HR/Employee Evaluation Form.md
+++ b/Processes/HR/Employee Evaluation Form.md
@@ -1 +1,26 @@
-# Employee Evaluation Form
\ No newline at end of file
+# Employee Evaluation Form
+
+Name:
+
+| No. | Topic | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
+| ---- | ------------------------------------------------------------ | -------------- | ---------------- | ------------------ | -------------------- | ----- |
+| 1 | The employee has a broad and deep knowledge overy his work field. | [ ] | [ ] | [ ] | [ ] | |
+| 2 | The employee is also considering other people and departments when doing his work. | [ ] | [ ] | [ ] | [ ] | |
+| 3 | The employee is flexible. | [ ] | [ ] | [ ] | [ ] | |
+| 4 | The employee is motivated. | [ ] | [ ] | [ ] | [ ] | |
+| 5 | The employee is good at communicating. | [ ] | [ ] | [ ] | [ ] | |
+| 6 | The employee shares information with his colleques and supvervisors accordingly. | [ ] | [ ] | [ ] | [ ] | |
+| 7 | The employee is a team player. | [ ] | [ ] | [ ] | [ ] | |
+| 8 | The employee has a confident presence in his field of work. | [ ] | [ ] | [ ] | [ ] | |
+| 9 | The employee completes assigned work effectively and on time. | [ ] | [ ] | [ ] | [ ] | |
+| 10 | The employee is fully occupied with his work. | [ ] | [ ] | [ ] | [ ] | |
+| 11 | The employee is resilient. | [ ] | [ ] | [ ] | [ ] | |
+| 12 | The employee shows initiative. | [ ] | [ ] | [ ] | [ ] | |
+| 13 | The employee can work autonomusly. | [ ] | [ ] | [ ] | [ ] | |
+| 14 | The employee is good at negotiating. | [ ] | [ ] | [ ] | [ ] | |
+| 15 | The employee is good at leading his subordinate. | [ ] | [ ] | [ ] | [ ] | |
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/HR/Self-Evaluation Form.md b/Processes/HR/Self-Evaluation Form.md
index 656594a..36254c6 100644
--- a/Processes/HR/Self-Evaluation Form.md
+++ b/Processes/HR/Self-Evaluation Form.md
@@ -2,7 +2,7 @@
Name:
-| No. | Self-Evaluation | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
+| No. | Topic | Very Confident | Fairly Confident | Not Very Confident | Not At All Confident | Notes |
| ---- | ----------------------------- | ---------------| ---------------- | ------------------ | -------------------- | ----- |
| 1 | I possess sufficient resources for me to achieve my tasks. | [ ] | [ ] | [ ] | [ ] | |
| 2 | I have a broad and deep knowledge overy my work field. | [ ] | [ ] | [ ] | [ ] | |
@@ -20,3 +20,8 @@ Name:
| 14 | I can work autonomusly. | [ ] | [ ] | [ ] | [ ] | |
| 15 | I am good at negotiating. | [ ] | [ ] | [ ] | [ ] | |
| 16 | I am good at leading my subordinate. | [ ] | [ ] | [ ] | [ ] | |
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Onboarding Cheat-Sheet.md b/Processes/Onboarding/Developer Onboarding Cheat-Sheet.md
similarity index 94%
rename from Processes/Onboarding/Onboarding Cheat-Sheet.md
rename to Processes/Onboarding/Developer Onboarding Cheat-Sheet.md
index a25f2bb..4c6a742 100644
--- a/Processes/Onboarding/Onboarding Cheat-Sheet.md
+++ b/Processes/Onboarding/Developer Onboarding Cheat-Sheet.md
@@ -1,4 +1,4 @@
-# Onboarding: Cheat-Sheet
+# Developer Onboarding: Cheat-Sheet
**How to initially setup the codebase?**
@@ -32,3 +32,7 @@ js: Jasmine
* run phpcs: `php vendor/bin/phpcs ./ --standard="Build/Config/phpcs.xml" -s --report-junit=Build/test/junit_phpcs.xml`
* run eslint: `npx eslint jsOMS/ -c Build/Config/.eslintrc.json`
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Onboarding Q&A.md b/Processes/Onboarding/Developer Onboarding Q&A.md
similarity index 98%
rename from Processes/Onboarding/Onboarding Q&A.md
rename to Processes/Onboarding/Developer Onboarding Q&A.md
index 710b7c7..752a874 100644
--- a/Processes/Onboarding/Onboarding Q&A.md
+++ b/Processes/Onboarding/Developer Onboarding Q&A.md
@@ -60,3 +60,8 @@ Yes, although only very few libraries. They can be found in Resources/ and Libra
* phpstan: Build repository
* eslint: Build repository
* PHPUnit: respective repository
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Hiring Checklist.md b/Processes/Onboarding/Hiring Checklist.md
new file mode 100644
index 0000000..07216fb
--- /dev/null
+++ b/Processes/Onboarding/Hiring Checklist.md
@@ -0,0 +1,21 @@
+# Hiring Checklist
+
+| Topic | Date | By | Done |
+| -------------------------------- | ---- | ------------- | ---- |
+| Application contains a CV | | Head of HR | |
+| Application contains credentials | | Head of HR | |
+| Credentials are verified | | Head of HR | |
+| Contract approved by head of HR | | Head of HR | |
+| Contract is signed | | Head of HR | |
+| NDA is signed | | Head of HR | |
+| CLA is signed | | Head of HR | |
+| Privicy policy is signed | | Head of HR | |
+| Equipment is taken care of | | Head of IT | |
+| Credentials are taken care of | | Head of IT | |
+| Car is taken care of | | Fleet manager | |
+| Training plan is taken care of | | Head of HR | |
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Onboarding Checklist.md b/Processes/Onboarding/Onboarding Checklist.md
new file mode 100644
index 0000000..9f61ffa
--- /dev/null
+++ b/Processes/Onboarding/Onboarding Checklist.md
@@ -0,0 +1,28 @@
+# Onboarding Checklist
+
+## General
+
+| Topic | Date | By | Done |
+| ----------------------- | ------------------ | ---- | ---- |
+| Welcome meeting | HR | | |
+| Explain DO'S and DON'TS | HR | | |
+| Introduction to team | Head of department | | |
+
+
+## Development sepecifc
+
+| Topic | Date | By | Done |
+| ------------------------------------------------------------ | ------------------ | ---- | ---- |
+| Handover credentials (e.g. repository) | Head of department | | |
+| Setup of dev environment | Department | | |
+| Git & repositories | Department | | |
+| Dev tools for unit testing, code quality, debugging, ... | Department | | |
+| Setup application demo for local tests | Department | | |
+| Overview of documents and code base (docs, build scripts, framework, application structure) | Department | | |
+| Q&A about the code base, application design, etc. | Department | | |
+| Handover of some basic issues/tasks/todos | Department | | |
+
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Onboarding DOS and DONTS.md b/Processes/Onboarding/Onboarding DOS and DONTS.md
index f6ab439..22a44f9 100644
--- a/Processes/Onboarding/Onboarding DOS and DONTS.md
+++ b/Processes/Onboarding/Onboarding DOS and DONTS.md
@@ -2,7 +2,7 @@
## DO'S
-1. Read the documentation
+1. Read the relevant documentation (guidelines, policies, processes, developer documentation)
2. Ask questions
3. If you see a bug, missing, incomplete or wrong documentation, fix it
4. If you have ideas for features, additional functionality etc. bring them forward for discussion
@@ -15,3 +15,7 @@
1. Don't be late to appointments. It can happen but it shouldn't be a normal occurrence
2. Don't represent the project and organization in a bad light
+
+
+2022-01-01 - Version 1.0
+
diff --git a/Processes/Onboarding/Onboarding.md b/Processes/Onboarding/Onboarding.md
deleted file mode 100644
index 15ecc12..0000000
--- a/Processes/Onboarding/Onboarding.md
+++ /dev/null
@@ -1,18 +0,0 @@
-# Onboarding
-
-- [ ] Welcome meeting
-- [ ] DO'S and DON'TS
-- [ ] Introduction to team
-- [ ] Handover credentials (e.g. repository)
-- [ ] Setup of dev environment
- - [ ] Git & repositories
- - [ ] Dev tools for unit testing, code quality, debugging, ...
-- [ ] Setup application demo for local tests
-- [ ] Overview of documents and code base
- - [ ] Docs
- - [ ] Build scripts
- - [ ] Framework
- - [ ] Application structure
-- [ ] Q&A about the code base, application design, etc.
-- [ ] Handover of some basic issues/tasks/todos
-
diff --git a/Processes/Purchase/Vendor Comparison Form.md b/Processes/Purchase/Investment Form.md
similarity index 90%
rename from Processes/Purchase/Vendor Comparison Form.md
rename to Processes/Purchase/Investment Form.md
index c3c643e..2b107d0 100644
--- a/Processes/Purchase/Vendor Comparison Form.md
+++ b/Processes/Purchase/Investment Form.md
@@ -1,4 +1,4 @@
-# Vendor Comparison Form
+# Investment Form
| Type | Vendor 1 | Vendor 2 | Vendor 3 |
| ------------------- | -------- | -------- | -------- |
@@ -10,7 +10,7 @@
Date: YYYY-MM-DD
-Employee: {YOUR_NAME}
+Employee: YOUR_NAME
Signature: