Skip to main content
Data protection

Data protection

For Managing directors, board members and supervisory board members, authorised signatories, compliance and data protection officers


Plus 19% VAT.
  • With the seminar, you will receive your certificate as proof of your expertise
    (e.g. for submission to BaFin)

  • Agile techniques for modern compliance

  • IT governance: risk analysis to determine the need for IT protection

  • Data protection obligations

Save the Dates





  • 9.15 am – 1.00 pm

    Agile techniques for modern compliance

    Company data protection officer: tasks, duties and rights

    Top prepared for

    • Supervisory audits by the authorities
    • Home office and employee protection
    • secure handling of video conferences
    • on the internet: Use of tracking tools

    Outsourcing or external procurement? Correct valuation of software and IT services

    • IT compliance at a glance: Interlocking IT strategy, IT governance, information security and information risk management
    • Focus of the audit on IT compliance: IT strategy, IT environment and IT organisation in the focus of the new MaRisk, MaGO, KAMaRisk and BCBS

S+P Tool Box

  • S+P Sample Handbook Data Protection Management (approx. 40 pages)

  • S+P Check: Data Protection IT Security and Cyber Risks

  • S+P Tool: Risk Assessment IT Protection Needs with Scoring

  • S+P Handbook: Information Security Guideline

  • 2.00 pm – 5.00 pm

    IT governance: risk analysis to determine the need for IT protection

    Risk analysis in information management

    Carrying out the qualitatively tightened IT risk analysis on the basis of uniform scoring criteria

    Assessment of the need for protection with regard to integrity, availability, confidentiality and authenticity

    New BaFin requirements for cloud computing: strategy, risk analysis and Materiality assessment

    Information security management: drawing up the catalogue of target measures and Deriving the risk-reducing measures

    Data protection obligations: Interfaces between compliance,information security, money laundering prevention and actively manage

    Modules of an effective data protection system: Interface management to

    • Processing directory Art. 30 EU GDPR
    • Data protection impact assessment Art. 35 EU-DSGVO
    • Deletion concept Art. 17 EU-DSGVO and DIN standard 66398

    Confident handling of self-developed IT applications, access rights, IT approvals and changes in the IT system

    Efficient communication to outsourcing, money laundering and Information Security Officers

    • Compliance control plan – The most important monitoring and control actions
    • Compliance requirements for control and reporting obligations in the IT sector
Data protection
Data protection