Board members and managing directors at banks and financial service providers, CISO, outsourcing controlling, risk controlling, compliance, data protection and internal audit
With the seminar, you will receive your certificate as proof of your expertise (e.g. for submission to BaFin)
Tasks of the Information Security Officer
Risk analysis to determine the need for IT protection
Ongoing monitoring duties of the Information Security Officer
30.09.-01.10.
Munich
Tasks of the Information Security Officer
Overview of the range of tasks: Interlocking IT strategy, information security and information risk management
Efficient communication and interface management with outsourcing, data protection and compliance officers
You need to know these “red lines”: Minimum requirements from BAIT, KAIT, VAIT, ZAIT, DIN EN ISO 2700x and BSI-Grundschutz in an audit-proof manner.
Introduction of the information security guideline with processes for identification, protection, detection, response and recovery
Establishment of an audit-proof management reporting system
Risk analysis to determine the need for IT protection
Risk analysis in information management
Implementation of the qualitatively tightened risk analysis on the basis of uniform scoring criteria
Assessment of the need for protection with regard to the goals of integrity, availability, confidentiality and authenticity
Benchmarks for drawing up the catalogue of target measures and deriving the risk-reducing measures
Steering and control activities and their implementation
Information security
Ongoing monitoring duties of the information security officer
New requirements for monitoring, control and reporting obligations
The focus on agility places high demands on user authorisation management
Ad hoc reporting on significant IT projects and IT project risks to the management
Mapping of significant project risks in risk management
New requirements for control and reporting obligations of the IT service provider and the outsourcing officer
Establish appropriate processes for IT application development
Delimit outsourcing and other external procurement of IT services in an auditable manner
Data protection concept of the ISB versus deletion concept of the DPO