Increasing compliance requirements
“The dependency of core and value-added processes on the IT infrastructure and the IT systems operated there is constantly increasing at credit institutions. This means that the associated compliance requirements are also increasing almost to the same extent.” In an article that has just been published on the specialist platform “Security Insider”, SRC expert Dagmar Schoppe explains the different regulatory and legal requirements that determine the daily business of credit institutions and how IT compliance is improved by the introduction of an ISMS.
Value creation processes are threatened
The protection of these value-added processes through compliance with regulatory and legal requirements, e.g. from BAIT, MaRisk or the IT Security Act, is a very topical issue. After all, the danger of hacker attacks is a real and current threat. This is one of the reasons why IT security is one of BaFin's central audit focuses. The TIBER-EU programme, which is intended to strengthen the resilience of the financial world against cyber attacks, also aims in this direction.
Holistic information security management system creates security
Protecting corporate values requires combining the various organisational and technical aspects into one holistic concept. This leads to the introduction of an information security management system, e.g. on the basis of ISO 27001.
The experts of the SRC division Banking Compliance will gladly advise you on regulatory and legal requirements and their implementation, e.g. by introducing an information security management system (ISMS) or by carrying out TIBER tests. SRC is a member of the Cyber-Alliance.