
Information risk management – an overview
The protection of information is essential for companies in view of the constant increase in digitalization, the growing technical processing of data and increasing threats.
The protection of information is essential for companies in view of the constant increase in digitalization, the growing technical processing of data and increasing threats.
The October update focuses on the EBA’s supervisory priorities and work programme, the Financial Market Digitization Act and DORA
The September update focuses on a timeline on DORA, the ZAG MaRisk consultation, and European input on ICT third-party service providers
Information security has long since ceased to be a topic that only concerns IT. Over the last few years, attacks have multiplied and so have regulatory requirements related to information security.
Various regulatory developments such as DORA, Cloud, BAIT, third-party procurement and information security will be covered in a compact form through practical presentations.
The July update focuses on DORA, IT operations in the context of the cloud, and the interplay between data protection and antitrust law.
The ESAs approached market participants with a discussion paper at the end of May 2023 to consider their input in advice to be submitted to the EU Commission by September 30, 2023. Addressed are critical ICT third-party service providers, specifically the criteria for their identification as well as the supervisory fees they are required to pay.
The April update focuses on three new pieces of EU legislation, the FSB’s Cyber Incident Reporting, and the timeline on RTS/ITS under DORA
The March update focuses on IT-Grundschutz Compendium, the cybersecurity maturity assessment, and the BaFin-FAQ on outsourcing notifications.
The February update focuses on BaFin outsourcing notifications, the Data Privacy Framework and Coordinated Vulnerability Disclosures.