Análisis e Interpretación de resultados de las encuestas

Risk Management System

In the beginning of 2008 a group-wide risk management system, in compliance with legal regulations, was implemented, allowing us to identify or foresee early on any relevant risks. The approach, which encompasses all important areas, and the associated reporting process

serve as central element in the risk management system and allow the Board of Directors to act quickly, effectively, and aware of risk. Risk agents, who are responsible for the im- plementation of the risk management or reporting procedures, are appointed for each of the areas of the business that are considered important. The reporting procedures require that the risks be classified by risk categories and that the reports include an assessment of a potential occurrence as well as its effects measured with regard to EBITDA.

In addition to the identification and evaluation of important developments that may have a potential impact on our business, the system is also used to prioritise and implement activi- ties for the reduction of risks, and moreover, to better utilise opportunities.

With the help of a standard risk reporting form, the designated risk agents categorically shall supply an evaluation and assessment of existing or potentially occurring risks on a quarterly basis. They will then be analysed by the appointed central risk management and summarised in a brief report. This risk report will be evaluated by the Board of Directors.

The continued systematic development of our risk management system constitutes an impor- tant contribution to more security and to the targeted development of our group-wide, uniform risk policy.

Market and Customer Risks

As an internationally operating business, CompuGROUP is doing business in the health markets of many European countries and some countries in the Middle East. On account of the worldwide uniform market being served by CompuGROUP, differences occur as a rule only as a result of political and legal regulations. CompuGROUP compensates that with detailed market information allowing the business to detect risk potentials early on.

Another important issue concerns risks generated by customer satisfaction and service quality. Simply because of the sensitivity inherent in the health market in general, CompuGROUP at all times attempts to offer the customers an optimal service. This is guaranteed through modern, updated and very safe software products and services that improve the work flow, as well as through comprehensive customer services.

Risks related to Law and Politics

Within the scope of the current precedents on patent law in the U.S. and in the European Union, software is subject to patent protection to an increasing extent. The resulting patent actions may also affect the CompuGROUP. Furthermore, there is the risk that defective products and subsequent potential liability issues may result in legal actions. CompuGROUP recognised that and obtained appropriate insurance protection.

Risks related to Technology as well as Research and Development

Innovations and material progressive developments resulting from the latest findings and new technologies have a large inherent potential. Financial performances, however, are exposed to the risk of failure. In particular, CompuGROUP is exposed to the following risk factors:

Some subsidiaries have not been able to achieve sales revenues from the marketing of prod- ucts and have reported a corresponding negative contribution since the beginning of the development. In particular, vita-X created considerable expenses for the Company for financial year 2007. To protect cost-intensive development projects, the corporation pre- pares appropriate profitability analyses reflecting future economic benefits and the year of expected break-even.

Risks of Acquisition/Procedures

Among other things, CompuGROUP broadens its international presence with targeted takeovers of businesses. The following procedures for a successful integration were set-up:

• In the pre-acquisition phase, we intensively deliberate, in advance of a takeover, whether the organisation of the business, the existing customer base, as well as the technology complement the portfolio of CompuGROUP in a profitable way. Each acquisition is preceded by a thorough analysis of the technical, economic and legal situation of the target business. Because of the continuing internationalisation of the Group, we pointedly stress the fact that the business culture and also the culture of the respective countries are compatible with our philosophy.

• During the post-acquisition phase, we employ clearly defined control mechanisms, in order to identify potential problem areas in a timely fashion. We pay attention to all important areas of the acquired business.

Moreover, risks arising in tax areas could be conceivable, particularly risks arising within the scope of internal audits. Other risks of litigation could result, for example, from labour and civil procedures. The business has provided reasonable precautions by making provisions for the latter type of risk.

Financial Risks

Based on the customer structure and the established multi-brand strategy of CompuGROUP, there are no agglomeration risks that could develop into significant risk potentials. Because of the high credit standing of the customers, the risks of bad debt losses are very low. Personnel Risks

Since we are one of the leading European eHealth providers, our employees represent a valu- able group of knowledgeable people in this area and thus are much in demand by other software companies. To avoid that our employees will be potentially enticed to leave us, we try to closely tie them to the business by offering continuing education, appropriate personnel advancement measures, and non-competitive clauses. Consequently, fluctuation in personnel is low.

Risks relating to Project Business

Due to legally established regulations in the area of project business, we often must compete with rival companies for the award of a contract. Frequently, the price determines the final

order placement. The Company uses a special handling procedure which regulates our au- thorisation processes for accepting projects and secures satisfactory profit margins for us. Overall Risk Situation of the Group

No risks endangering inventory of the Group were identified for the prior year. Nor are there any identifiable risks endangering the continued existence of the business.