Systemintegration for Financial Services

IT security and data protection

IT security and data protection

In light of increasing digitalization and legal and regulatory requirements, IT security is becoming ever more important. We provide you with support in the implementation of measures to ensure the confidentiality, availability and integrity of your data. You benefit from our long-standing industry expertise along with the use of best practices in IT security.

Aside from the competent handling of recommendations from the BSI IT Baseline Protection Compendium (German: IT-Grundschutz-Kompendium) and NIST - Special Publication 800-53, we contribute our knowledge from certifications on IT security (ISO/IEC 27000x) and fraud prevention (Certified Fraud Examiner). For these reasons, we are the right partner for meeting BaFin requirements such as  supervisory requirements for IT in financial institutions (BAIT) and the supervisory requirements for IT in insurance companies (VAIT).

You also benefit from our specialist knowledge regarding the implementation of the European General Data Protection Regulation (EU GDPR). In this context we support you in the technical implementation of deadlines relating to the retention and deletion of personal data. In particular, Sec. 5 in conjunction with Sec. 32 EU-GDPR aims at ensuring the legally compliant processing of personal data. One approach that we are happy to discuss with you could be the targeted logging of reading or writing access to personal information.

In the roles of project manager or business analysts, we support you holistically in your projects for strengthening the company security from planning all the way through to implementation.

Requirements analysis: We determine the current and target state, advise you about solution approaches and record them in the requirements specification.

Conceptual design: In coordination with relating business and IT areas, we create the necessary conceptual design and documentation. Here, the project documentation generally includes detailed specifications, operating manuals or data processing concepts. Relating to IT security, we provide you with support for creating or revising security-relevant documents such as authorization concepts, disaster recovery plans, data protection check lists and IT security concepts.

Implementation: We can manage or support your implementation of standardized or customized solutions. We also adapt the processes required for this to your (ITIL) standard and can train your staff if required.

Our consultants combine methodological and specialist competencies with a passion to overcome complex challenges. It is our aim to jointly develop innovative strategies to increase your company security.