Library Update: BAIT

The Alyne library has just been updated with new content to meet the requirements published by the German Financial Regulator BaFin for governing IT in regulated banks known as BAIT.

The BAIT (Bankaufsichtliche Anforderungen an die IT) defines more specific requirements for IT departments based on the overall requirements defined in the minimum requirements for risk management (MaRisk). The update has been provided - as with all previous library updates - to existing and new customers alike. The new content includes a control set of 130 control statements and a corresponding assessment set. We also added some new control statements specific to the BAIT to the library to appropriately cover this regulation.

More Transparent IT Governance

Banks are required to put a more transparent IT Governance Framework in place and increase controls management diligence. The IT Governance controls framework shall be linked to mature information risk management processes and information security management practices. For Alyne customers, these requirements are easily implemented. Alyne's control framework, linked to multiple standards, laws and regulations, is fully integrated into an assessment and risk management capability, exactly as intended by this new regulation. 

Strengthened CISO

The role of the Chief Information Security Officer is significantly strengthened and is now a mandatory role for regulated banks. Reporting, responsibilities and oversight of secure software development have been defined in significant detail. Unsurprisingly, identity and access management, secure operations and outsourcing remain focus topics. 

Contact our sales team at to learn how Alyne can help your BAIT initiative or learn about how you can experience Alyne’s capabilities in a Proof of Concept.

Karl Viertel

Related Posts

Library Update: ACSC Essential Eight 2021

The Alyne Library has recently been updated with a Control Set covering the July 2021 version of the Essential Eight Maturity Model issued by the Australian Cyber Security Centre (ACSC). The standard allows self-assessments based on the highest maturity level provided within the Essential Eight Maturity Models.
Read more

Library Update: TISAX VDA ISA Version 5.0.4

The Alyne Library has recently been updated with a Control Set covering version 5.0.4 of the Information Security Assessment (ISA) issued by the Verband der Automobilindustrie (VDA). The ISA allows for self-assessments, audits and health checks in accordance with the Trusted Information Security Assessment Exchange (TISAX).
Read more

Library Update: UK GDPR

The Alyne Library has recently been updated with a Control Set covering the United Kingdom General Data Protection Regulation (UK GDPR). It explains the general data protection regime that applies to most UK businesses and organisations, and covers the UK GDPR, tailored by the Data Protection Act 2018.
Read more