What will change with the Sanctions Enforcement Act (SanktDG)? For the effective operational enforcement of the sanctions, the expertise of various authorities and bodies at federal and state level and their cooperation is required for the respective sanction areas. The existing legal regulations have so far not been specifically geared towards...

What is a Business Impact Analysis (BIA)? The EBA Guide EBA/GL/2019/04 provides guidelines for the management of ICT and security risks. In the business impact analysis, serious business interruptions are analyzed and their potential impact (including the impact on confidentiality, integrity and availability) is evaluated quantitatively and...

What is a Business Continuity Plan (BCP)? The business continuity plan (BCP) serves to ensure the continuity of business operations. The BCP should be approved and documented by the governing bodies. Risks that may have a dysfunctional impact on ICT systems and ICT services should be taken into account in particular. The BCP should promote...

Why do I need a Business Continuity Plan (BCP)? The EBA Guide EBA/GL/2019/04 provides guidelines for the management of ICT and security risks. The BCPs ensure you can respond appropriately to potential outage scenarios and have the ability to recover from disruptions. The BCP shall specify the following: # recovery time objective (RTO): target...

What must the emergency plan include? The MaRisk provide guidelines for the management of security risks. The emergency concept must include recovery and business continuity plans. It must ensure that alternative solutions are available promptly in an emergency. The recovery plans aim to enable a return to normal operations within a reasonable...
