As the volume of available data continues to expand, so do the potential benefits as well as the associated security risks. To safeguard against potential misuse of valuable information and to maintain customer trust, robust data protection and high-level information security measures are imperative.
At Confero Group, we recognize that effective data management is a critical foundation for forward-thinking banking practices. As such, we provide comprehensive support for all aspects of corporate security management.
Our experienced team serves as external data protection officers for a range of financial services companies in Germany and Luxembourg, assuming ongoing responsibility for ensuring compliance and maintaining the highest standards of data protection. With our expertise in this area, our clients can rest assured that their information is safeguarded against potential threats and their businesses are well-positioned for continued success.
Objective
To ensure compliance with all data protection requirements in accordance with DS-GVO/BDSG at an asset management firm.
Role of the Consultant
As an external data protection officer, project manager, and data protection specialist, our role is to oversee the implementation and coordination of the necessary measures.
Implementation
Our approach involves conducting a comprehensive GAP analysis, coordinating and prioritizing the EU-DSGVO requirements, defining and designing the data protection organization, implementing the necessary measures in a process-integrated manner, and assuming the role of external data protection officer as required under DS-GVO Art. 37-39.
Duration
We have been providing our services in this capacity since 2017 and continue to work closely with our clients to ensure ongoing compliance and robust data protection practices.
Objective
To oversee the digitalization of regulatory requirements for data protection (DS-GVO) and information security at a regional bank.
Role of the Consultant
As a specialist in data protection and information security, our role was to provide technical expertise and guidance throughout the implementation process.
Implementation
Our approach involved developing technical and structural specifications and conceptual designs, serving as a product owner/representative for the technical department in agile implementation, integrating the solution into an overall technological platform (TopEase), and designing and implementing an interim IDV solution using XLS/Access/VBA. We also managed the migration of legacy data from previous year assessments to ensure a seamless transition.
Duration
We worked on this project from 2018 to 2019, providing our expertise and support to ensure successful digitalization of regulatory requirements for data protection and information security at a regional bank.
Objective
To provide support for the comprehensive revision and redesign of the ISMS at a large regional abnk.
Role of the Consultant
As an Information Security Specialist, our role was to provide expertise and guidance throughout the planning, implementation, and introduction of the new IT security management system.
Implementation
Our approach involved planning and implementing the new ISMS, creating company-specific implementation guidelines based on the concepts of "Secure IT Operations" (including DIN ISO 27XX and BSI 100ff) developed by the Sparkassen Finanzgruppe (SIZ), coordinating the results with audits and WP, planning, preparing, and implementing the protection needs assessment, and planning and preparing for the operationalization of the implementation guidelines through a written order.
Duration
2016-2018