During the last weeks the Alyne Team has been updating and reviewing the existing MaRisk control set and assessment covering now the new content of the MaRisk IT Governance and Security 09/2017. The update has been provided - as with all previous library updates - to existing and new customers alike.
This control set covers IT governance, cyber security and assurance requirements as defined by the German regulatory body for financial institutions BaFin in the MaRisk BA in version 09/2017 (Minimum Requirements for Risk Management). Chapters included: AT 2.2, AT 3, AT 4.3, AT 4.4.2, AT 4.4.3, AT 5, AT 6, AT 7, AT 8.2, AT 9, BTR 4, BT 2. The new content includes a control set of 247 control statements and a corresponding assessment set.
Two years ago we already published a Blog article, covering the 8 new requirements, for the IT (CIO) and IT security (CISO) executives in banks, in the MaRisk (Mindestanforderungen an das Risikomanagement) the BaFin (Bundesanstalt für Finanzdienstleistungsaufsicht) published in February 2016.