Information security

Information security

Board members and managing directors at banks and financial service providers, CISO, outsourcing controlling, risk controlling, compliance, data protection and internal audit

665,-€

Plus 19% VAT.
  • With the seminar, you will receive your certificate as proof of your expertise
    (e.g. for submission to BaFin)

  • Tasks of the Information Security Officer

  • Risk analysis to determine the need for IT protection

  • Ongoing monitoring duties of the Information Security Officer

Save the Dates

30.09.-01.10.
Munich

……

…..

Programm

  • 9.15 am – 1.00 pm

    Tasks of the Information Security Officer


    Overview of the range of tasks: Interlocking IT strategy, information security and information risk management


    Efficient communication and interface management with outsourcing, data protection and compliance officers


     You need to know these „red lines“: Minimum requirements from BAIT, KAIT, VAIT, ZAIT, DIN EN ISO 2700x and BSI-Grundschutz in an audit-proof manner.


    Introduction of the information security guideline with processes for identification, protection, detection, response and recovery


    Establishment of an audit-proof management reporting system


    Risk analysis to determine the need for IT protection


    Risk analysis in information management


    Implementation of the qualitatively tightened risk analysis on the basis of uniform scoring criteria


    Assessment of the need for protection with regard to the goals of Integrity, availability, confidentiality and authenticity


    Benchmarks for drawing up the catalogue of target measures and deriving the risk-reducing measures


    Steering and control activities and their implementation


S+P Tool Box

  • Organisational handbook for the Information Security Guideline (Length approx. 30 pages)
  • Sample reporting for Information Security Officer
  • S+P Tool Risk Assessment: Determination of IT protection needs

Information security

  • 2.00 pm – 5.00 pm

    Ongoing monitoring duties of the information security officer


    New requirements for monitoring, control and reporting obligations


    The focus on agility places high demands on user Authorisation management


    Ad hoc reporting on significant IT projects and
    IT project risks to the management


    Mapping of significant project risks in risk management


    New requirements for control and reporting obligations of the IT service provider and the outsourcing officer


    Establish appropriate processes for IT application development


    Delimit outsourcing and other external procurement of IT services in an auditable manner


    Data protection concept of the ISB versus deletion concept of the DPO

Information security
Information security