Employees in banks from the areas of IT, information security, risk management / risk control, audit and organisation, as well as employees of IT- or IS-service providers for banks, which would deepen their understanding of the legal requirements on information security (IS) defined in MaRisk.
The seminar gives an overview of the MaRisk requirements for information security for financial services companies under German supervision. The requirements existing in MaRisk are discussed in the context of other regulations and complemented by a summary of legal responsibilities. Participating in this seminar will give an in-depth overview of the overlapping topics of risk management according to MaRisk and information security as per ISO 27000. The usual outsourcing of IT services at banks will be particularly taken into account and relevant requirements be discussed for both the Bank as well as the IT- (or IS-) service providers.
Interactive lecture, case studies, discussion, group work