Are you fit & proper as an IT compliance manager? In the course IT-Compliance Manager: Monitoring + Control + Reporting, participants learn the following professional skills:

  • Implement IT compliance securely
  • IT governance: risk analysis to determine IT protection needs
  • Obligations in data protection: actively controlling interfaces between compliance, information security, money laundering prevention and data protection

Book the course IT-Compliance Manager: Monitoring + Control + Reporting conveniently and easily online with the course registration form and product no. A16.

 

Price for the Course IT-Compliance Manager: Monitoring + Control + Reporting

Price: 690,– £ excl. 19% VAT.

Included in the price:
Participant documents as PDF, 3-course meal, coffee, tea, soft drinks and snacks during the breaks

Book online with the product no. A16. Convenient and easy with the course registration form online.

 

 

IT-Compliance Manager: Monitoring + Control + Reporting

Target group

  • Board members and managing directors of banks, financial service providers, investment and fund management companies, leasing and factoring companies
  • Executives and specialists from the fields of information security management, outsourcing controlling, risk controlling, compliance, data protection and internal audit

 

Your advantage with the course IT-Compliance Manager: Monitoring + Control + Reporting

Each participant receives the following S&P products with the course:

+ Organizational Manual for the Information Security Guideline (size approx. 30 pages)

+ S&P Tool Risk Assessment: Identify IT protection needs

+ S&P Check: User Authorization Management

+ S&P Organizational Manual Data Protection Management (size approx. 40 pages)

+ S&P Check: Privacy, IT Security and Cyber Risks

 

Program for the course IT-Compliance Manager: Monitoring + Control + Reporting

Implement IT compliance securely

  • You must be familiar with these “red lines”: Implement minimum requirements from BAIT, VAIT, DIN EN ISO 2700x and BSI basic protection in an audit-proof manner
  • Which risks are “essential”? Definition of terms under § 25b KWG, § 26 ZAG and § 32 VAG
  • Outsourcing or external procurement? Proper evaluation of software and IT services
  • Overview of IT compliance: integration of IT strategy, IT governance, information security and information risk management
  • AT 7: Focus on IT Compliance: IT strategy, IT environment and IT organization in the focus of the new MaRisk, MaGO, KAMaRisk and BCBS 239

 

The participants will receive the S&P Tool Box with the course IT-Compliance Manager: Monitoring + Control + Reporting:

+ S&P test: Is the IT system compliant?

+ Organizational Guide to the Information Security Guideline (about 30 pages)

+ S&P Check: system check on the IT system

 

IT governance: risk analysis to determine IT protection needs

  • Risk analysis in information management
  • Implementation of qualitatively tightened IT risk analysis on the basis of uniform scoring criteria
  • Assessment of the need for protection with regard to integrity, availability, confidentiality and authenticity
  • New BaFin requirements for cloud computing: strategy, risk analysis and materiality assessment
  • Information Security Management: Creation of the target measures catalog and derivation of the risk-reducing measures

 

The participants will receive the S&P Tool Box:

+ S&P Tool Risk Assessment: IT protection needs with scoring and risk-oriented derivation of the target measures catalog

 

Obligations in data protection: actively controlling interfaces between compliance, information security, money laundering prevention and data protection

  • Modules of an Effective Data Protection System: Interface Management to
    • Processing Inventory Art. 30 EU-GDPR
    • Data protection impact assessment Art. 35 EU-GDPR
    • Deletion Concept Art. 17 EU-GDPR and DIN Standard 66398
  • Secure handling of self-developed IT applications, access rights, IT approvals and changes in the IT system
  • Efficient communication with outsourcing, data protection, money laundering and information security officers
  • Control Plan Compliance – The most important monitoring and control actions
  • Compliance requirements for control and reporting obligations in the IT area

Each participant receives the S&P Tool Box:

+ Checklist: Data Protection for Practitioners according to the new GDPR

+ Checklist: Monitoring and documentation of control actions

+ Job description for Information Security Officer