Due to the rapidly increasing threats to an IT operation, every company should survey and evaluate the relevant IT threats with regard to information security. However, the selection of threats for the primary InfoSec protection goals confidentiality, integrity and availability is very complex, because there are no simple threat lists, especially for small and [...]
We would like to provide valuable tips for the implementation of ISO 27001 for all companies that are aiming for certification. The ISO 27001 standard describes the requirements of an information security management system (ISMS), which also includes having a person responsible for information security. This person is often called the information security officer [...]
From January 21 to 22, 2019, a training course on the topic of the General Data Protection Regulation (GDPR) Audit Approaches and Impacts on Internal Audit Activities will be held at the Academy of Internal Auditing in Vienna. Primary target group are interested persons in the audit department, IT department, security and data protection officers [...]
Secure coding is no longer new in software development. It has also been established for a long time, you can find a wealth of information about it, there are courses, tutorials, and everything is well documented. All developers should therefore be using it by now. Unfortunately, developing secure software does not start with a simple [...]
Date 6: Audit approaches to demonstrate accountability. In preparation for the General Data Protection Regulation, SEC4YOU is offering a series of events that focus on the what and how. In the last workshop of the event series, we look at the upcoming audit approaches to demonstrate accountability. In our workshops, defined results of the [...]
Date 5: Risk analysis as a preliminary step to data protection impact assessment. In preparation for the General Data Protection Regulation, SEC4YOU offers a series of events that focus on the what and how. This time, we look at risk analysis as a precursor to data protection impact assessment (DPIA). In workshops, defined results [...]
More and more often we are asked how to train data protection and the requirements of the GDPR. For internal data protection officers (DPOs) or, if you don't have a DPO, for the internal data protection contact person, there are numerous training courses and courses for further training in the GDPR requirements. However, familiarization [...]
The inventory of processing activities according to Article 30 (without sound). Video presentation of our GDPR workshop in Vienna on November 7, 2017. This video is the presentation recording of our GDPR "What & How" customer event held in Vienna on November 7, 2017. Learn with the video the important features of a register [...]
4. appointment: Internal and external service providers according to DSGVO Article 28. In preparation for the General Data Protection Regulation, SEC4YOU offers a series of events focusing on the "what" and the "how". In workshops, defined results of the concrete implementation (the "how") are presented in addition to the known requirements of the EU [...]
3rd date: Technical & organizational measures according to DSGVO Article 32. In preparation for the General Data Protection Regulation, SEC4YOU offers a series of events that focus on the "what" and the "how". In workshops, defined results of the concrete implementation (the "how") are presented in addition to the known requirements of the EU [...]