Projects
05/14 – 08/15 Monetary financial institution
External Consultant/IT-Riskmanagement project
- Development of a policy, procedure and tools for a centralized risk repository and homogenous risk analysis and rating
- Risk evaluation of potential risks
Senior Consultant/Employee Head of the business unit risk management
- Development of Consultancy tools for ISMS and risk management based on ISO/IEC 31000 & 27000
- Execution of Information security and risk evaluation projects in the finance industry and SMEs
09/13 – 01/14 IT service provider for financial institutions(Sparkassen)
External Consultant/IT-Riskmanagement project
- Development of a tool based on the BRA (Business Risk Analysis) method
- Training of management to conduct a self-assessment and risk evaluation
- Final report to head of audit
11/13 – 12/13 Monetary financial institution
External Consultant/IT-Riskmanagement project
- Development of a procedure and tool to conuct a risk self-assessment snap-shop of external IT service providers on duty.
- Risk evaluation of selected applications
(External Consultant/IT-Riskmanagement project)
- Risk evaluation following an external vulnerability scan
- Final report to the head of IT
11/12 – 02/13 Manufacturer of logistic systems
(External Consultant/Information Security project)
- Development of ISMS assessment tool based on ISO/IEC 27001 and level of maturity assessment (expert interviews)
- Final report to the head of IT