IT risk management: protection needs analysis for IDVs, adaptation of existing software
Project duration: 5 months
Brief description
With the help of the IDV-Organizer (IDV = Individual data processing) the customer is enabled to evaluate, recognize and document potential dangers by individually created software (here Excel applications). In the event of an identified hazard, the application creates a catalogue of measures and controls their implementation. In this further development, the calculation / assessment of the need for protection is adapted and the catalog of measures is changed accordingly.
Supplement
The IDV-Organizer is a tool created by PTA for the administration of office-based smaller applications (usually MS Access or MS Excel).
Subject description
Requirements for risk minimisation in MaRisk provide for the recognition, assessment and implementation of measures in the case of systemically relevant IDVs. The Minimum Requirements for Risk Management (BA), abbreviated MaRisk (BA), are administrative instructions published in a circular by the Federal Financial Supervisory Authority (BaFin) for the design of risk management in German credit institutions. The new calculation of the need for protection provides a stricter grid and results in significantly more applications being classified as needing protection.