Interface to outsourcing AT 9 MaRisk
Optimal interaction with the central outsourcing officer design:
- New service provider management AT 9.7 with risk analysis and new outsourcing report
- Compliance officer as central outsourcing officer?
Pre-outsourcing analysis according to MaRisk AT 9 and EBA guidelines:
- Minimum requirements for the due diligence of a prospective service provider:
- When is it mandatory to classify an outsourcing as critical / material?
What does the compliance officer have to pay attention to in the adaptation processes AT 8 MaRisk?
AT 8.1 MaRisk: Securely integrate annual New Product Check
Interface Compliance Officer to ISB and DPO
Regulatory requirements for IT governance:
- Is the outsourcing data protection compliant?
- Establish audit-proof interfaces between outsourcing officer, ISB and DPO.
AT 7: Audit focus on IT compliance:
- IT strategy, IT environment and IT organisation in focus of the new MaRisk
- Secure handling of self-developed IT applications, access rights, IT approvals and changes in the IT system