0800 / 27 00 001
We are thrilled to serve you

Mo-Th.: 08:00 - 18:00
Friday: 08:00 - 14:00
  2. Home
  3. ICT Risk Management
  4. ICT Risk Manager

External ICT risk manager

The Digital Operational Resilience Act (DORA) brings communication and information technologies (ICT) and ICT service providers into focus. The ICT risk manager plays a crucial role in implementing the requirements of DORA and in strengthening the digital operational resilience of financial institutions and financial market infrastructures. Through risk assessment, security policy development, compliance monitoring, incident response and training, the ICT Risk Manager helps to strengthen the organization's digital resilience and improve its ability to cope with cyber-attacks. In order to carry out ICT risk management, sound technical skills are required to identify the risks in communication and information technologies. Due to the frequent lack of technical skills, it can make sense to outsource the role of ICT risk manager.

Tasks of the external ICT risk manager

Under certain conditions, this function can also be outsourced. We can tell you the conditions under which you can appoint an external ICT risk manager and would be happy to take on this role for you.

Graphic External ICT risk manager

We can perform the following tasks for you:

  • Identification of critical services: assisting in the identification of key ICT services and systems that are critical to the functioning of the financial institution or financial market infrastructure.
  • Risk Assessment: Conduct regular risk assessments to identify, evaluate and prioritize potential cyber risks and threats that could impact the digital resilience of the organization.
  • Risk management: Develop and implement strategies and measures to address identified risks and strengthen the organization's digital resilience in accordance with DORA requirements.
  • Security Policy Development: Develop security policies and procedures that meet the requirements of DORA and ensure that the organization maintains appropriate security standards.
  • Implementation of security measures: Overseeing security measures including implementing technologies to detect and defend against cyber-attacks and conducting cyber resilience testing.
  • Compliance monitoring: Monitoring the company's compliance with DORA requirements and ensuring that all necessary measures are taken to comply with legal requirements.
  • Reporting: Regular reporting to senior management and regulators on the company's digital resilience.
  • Incident Response: Coordinating the company's response to cybersecurity incidents and cooperating with other departments to respond quickly and effectively to security incidents and minimize potential impact.
  • Contingency planning: Supporting the development and updating of contingency plans and processes to ensure that the company is quickly back up and running in the event of a cyberattack and can limit the damage.

Advantages of the external ICT risk manager

  • Small and medium-sized companies in particular are now making use of the services of an external ICT risk manager. This has the following advantages:
  • Reduced training costs for in-house staff, saving time and money
  • Always up-to-date expert knowledge thanks to continuous further training by the external ICT risk manager
  • Support for the company risk manager, who often does not have the technical knowledge to carry out ICT risk management
  • Timely information on new or upcoming topics, e.g. Cyber Resilience Act (CRA), EU Network and Information Security Directive (NIS2), etc.
  • Targeted and calculable deployment thanks to a defined time budget
  • Greater acceptance among employees (especially for upcoming changes) if the suggestions come from an external consultant
  • Rapid implementation with less effort for the necessary measures - thanks to the practical experience and expert knowledge of the external ICT risk manager
External ICT risk manager

If required, we will be happy to take on the role of external ICT risk manager for you.

If you are interested, we can also support you in the area of data protection and information security. If you come from an industry that requires the appointment of a data protection or information security officer, you can benefit from synergy effects by having us take on several roles. We can offer you these synergy effects in the form of a lucrative overall package.

We would be happy to provide you with information in an initial free and non-binding consultation.

Address

Frommel Datenschutz GmbH
Akazienstr. 6a
61352 Bad Homburg
Germany

Contact

Phone: 06172 / 1710179
Fax: 06172 / 1714896
WhatsApp: 06172 / 4954596
E-Mail: datenschutz@frommel.com
Web: datenschutz.frommel.com

Opening hours

Mo.-Th.: 08:00 a.m. – 06:00 p.m.
Friday : 08:00 a.m. – 02:00 p.m.
Saturday: on appointment

In case of emergencies at any time

Our strengths

  • Free and non-binding initial consultation
  • Competent, individual and ongoing support
  • Practical and illustrative use cases
  • Pragmatic solutions
  • Many years of experience