Are you fit & proper as an IT compliance manager? In the course IT-Compliance Manager: Monitoring + Control + Reporting, participants learn the following professional skills:
- Implement IT compliance securely
- IT governance: risk analysis to determine IT protection needs
- Obligations in data protection: actively controlling interfaces between compliance, information security, money laundering prevention and data protection
Book the course IT-Compliance Manager: Monitoring + Control + Reporting conveniently and easily online with the course registration form and product no. A16.
Price for the Course IT-Compliance Manager: Monitoring + Control + Reporting
Price: 690,– £ excl. 19% VAT.
Included in the price:
Participant documents as PDF, 3-course meal, coffee, tea, soft drinks and snacks in the breaks
Target group
- Board members and managing directors of banks, financial service providers, investment and fund management companies, leasing and factoring companies
- Executives and specialists from the fields of information security management, outsourcing controlling, risk controlling, compliance, data protection and internal audit
Your advantage with the course IT-Compliance Manager: Monitoring + Control + Reporting
Each participant receives the following S+P products with the course:
+ Organizational Manual for the Information Security Guideline (approx. 30 pages)
+ S+P Tool Risk Assessment: Identify IT protection needs
+ S+P Check: User Authorization Management
+ S+P Organizational Manual Data Protection Management (approx. 40 pages)
+ S+P Check: Privacy, IT Security and Cyber Risks
Program for the course IT-Compliance Manager: Monitoring + Control + Reporting
Implement IT compliance securely
- You must be familiar with these “red lines”: Implement minimum requirements from BAIT, VAIT, DIN EN ISO 2700x and BSI IT-Grundschutz in an audit-proof manner
- Which risks are “essential”? Definition of terms under § 25b KWG, § 26 ZAG and § 32 VAG
- Outsourcing or external procurement? Proper evaluation of software and IT services
- Overview of IT compliance: integration of IT strategy, IT governance, information security and information risk management
- AT 7: Focus on IT compliance: IT strategy, IT environment and IT organization under the new MaRisk, MaGO, KAMaRisk and BCBS 239
The participants will receive the S+P Tool Box with the course IT-Compliance Manager: Monitoring + Control + Reporting:
+ S+P test: Is the IT system compliant?
+ Organizational Guide to the Information Security Guideline (about 30 pages)
+ S+P Check: system check on the IT system
IT governance: risk analysis to determine IT protection needs
- Risk analysis in information management
- Implementation of a qualitatively tightened IT risk analysis on the basis of uniform scoring criteria
- Assessment of the need for protection with regard to integrity, availability, confidentiality and authenticity
- New BaFin requirements for cloud computing: strategy, risk analysis and materiality assessment
- Information Security Management: Creation of the target measures catalog and derivation of the risk-reducing measures
The participants will receive the S+P Tool Box:
+ S+P Tool Risk Assessment: IT protection needs with scoring and risk-oriented derivation of the target measures catalog
Obligations in data protection: actively controlling interfaces between compliance, information security, money laundering prevention and data protection
- Modules of an Effective Data Protection System: Interface Management to
- Processing Inventory Art. 30 EU-GDPR
- Data protection impact assessment Art. 35 EU-GDPR
- Deletion Concept Art. 17 EU-GDPR and DIN Standard 66398
- Secure handling of self-developed IT applications, access rights, IT approvals and changes in the IT system
- Efficient communication with outsourcing, data protection, money laundering and information security officers
- Control Plan Compliance – The most important monitoring and control actions
- Compliance requirements for control and reporting obligations in the IT area
Each participant receives the S+P Tool Box:
+ Checklist: Data Protection for Practitioners according to the new GDPR
+ Checklist: Monitoring and documentation of control actions
+ Job description for Information Security Officer