Our competencies gained in the field of information security and IT risk management are based on the experience in the

  • Governance of IT security and risk themes in the financial industries
  • Set-up and operation of the internet banking and brokerage systems for a German bank’s retail business

Some significant activities have been

  • Consulting of the business and IT areas to identify, assess, mitigate and monitor operational information security risks associated with the group’s IT landscape
  • Guidance to and supervision of IT units in acquisition, outsourcing and divestment projects with high IT risk profile to establish and maintain an adequate IT control environment
  • Development and rollout of a groupwide information security risk assessment management methodology and supporting tools
  • Harmonisation of the training program for information security professionals and practicioners
  • Set-up of cross-divisional processes and a governance body to supervise progress and cost-benefit ratio. As a result the program effectively supported Sarbanes Oxley, Basel II and other regulatory compliance programs for the bank
  • Integration of adequate authentication and encryption technologies in internet banking applications
  • Integration of EU General Data Protection Regulation (GDPR) requirements across the bank’s IT landscape