In today’s world, information technology (IT) has become an integral part of almost every aspect of our businesses. As digitalisation increases, so does our dependence on the availability and reliability of IT processes and systems. This is exactly where the Digital Operational Resilience Act (DORA) comes in – a pioneering EU regulation that aims to strengthen digital resilience in the financial sector by creating standardised and consistent requirements. DORA makes it clear that we need to integrate corporate IT more closely into our governance structures and internal control systems in order to meet the challenges of the digital era. This new regulation will fundamentally change the way financial institutions manage their IT risks and ensure their operational resilience.
One of the unfortunate side effects of the digital transformation is the increased risk of cyber threats. The EU has launched the Digital Operational Resilience Act (DORA) to address these challenges. The aim is to improve security and operational resilience across the European finance sector.
From 17 January 2025, companies in the finance sector will have to comply with extensive requirements. In addition, national laws such as the Financial Markets Digitalisation Act (FinmadiG) and amendments to other national supervisory laws (including the German Banking Act (KWG), Insurance Supervision Act (VAG), Investment Services Supervision Act (ZAG), Securities Trading Act (WpHG), Securities Prospectus Act (WpIG), Capital Investment Act (KAGB), Stock Exchange Act (BörsG), Capital Markets Act (KMAG), Trade Regulation Act (GewO)) must be complied with. Companies face great challenges with these new regulations.
To help companies meet these challenges, Frankfurt School is expanding its portfolio on the subject of IT Regulatory Assurance. In addition to the IT Governance Manager and IT Compliance Manager certificate courses, an IT Regulatory Assurance Manager course will also be offered from 2025. These courses will be conducted at the Frankfurt School in cooperation with the ISACA Germany Chapter e.V..
The Information Systems Audit and Control Association (ISACA) is an international professional association dedicated to promoting and developing the skills of professionals in the field of IT control, security and management. The ISACA Germany Chapter e.V. has developed a multi-level certificate programme that fully prepares professionals for the challenges of the digital world.
This seminar provides a comprehensive introduction to regulatory IT requirements and their practical implementation. It provides a thorough overview of national German and European regulations, including DORA, and the relevance of these requirements for IT departments. Special emphasis is placed on IT Audit Management, IT Governance and the integration of regulatory requirements into audit planning to ensure compliance.
In addition, it covers important topics such as ICT Risk Management, with a focus on identifying critical functions and establishing an effective risk management system. It also focuses on operational information security, including methods for vulnerability management, network security and protecting sensitive data through access and identity management.
In addition, this course discusses IT project management and application development in the context of regulatory requirements. It also covers the management of ICT third-party risks, particularly in the case of cloud outsourcing, in order to ensure the operational security of IT and business continuity. With the help of practical case studies and best practices, participants will learn strategies to strengthen IT resilience and ensure compliance with regulatory requirements.
Experts from regulatory authorities, academia as well as the internal and external audit sectors will present the individual requirements in a comprehensive and practical way.
The certificate programme is under the professional supervision of Prof. Dr. Andreas Igl, Professor at the TH Deggendorf and lecturer at the Hochschule der Deutschen Bundesbank, and Markus Gaulke, Senior Manager at KPMG AG Wirtschaftsprüfungsgesellschaft in the Financial Services division and board member of ISACA Germany Chapter e.V.
Participants attending the certificate course at the Frankfurt School take a demanding examination to gain the “IT Regulatory Assurance Manager” (ITRAM-FS) certificate. This is the highest level of the three-level certificate programme offered by the ISACA Germany Chapter e.V. and is on the same level as the existing “IT Governance Manager” and “IT Compliance Manager” certificates.
These certificate programmes are also offered at the Frankfurt School.
ISACA Certification Concept
In a world where IT plays an increasingly important role, solid IT governance is essential. With the right tools and expertise, organisations can not only minimise their risks, but also increase their operational excellence. Certificate programmes such as IT Regulatory Assurance Manager provide valuable support in this regard and optimally prepare professionals for the challenges of the digital future.
Co-Author
(C)Matthias Ketz
Prof. Dr. Andreas Igl
BDO Foundation Professor at TH Deggendorf
Andreas Igl is a renowned expert in financial markets with over 15 years of international experience in both consulting and academic positions in leading institutions and supervisory authorities. The main focus of his research and teaching activities is on issues relating to the conception and implementation of systems for risk measurement and management in the finance sector, as well as the practical implementation of regulatory requirements. His current work focuses on the areas of digital data analysis and forensics, the implementation of DORA, key figure-based overall banking management (including ICAAP and ILAAP) and innovative business models for credit institutions. As a lecturer at the Frankfurt School, he shares his knowledge with professionals and managers in seminars on regulatory requirements, risk management (including ICT and ESG) and DORA/information security.
LinkedIn: Prof. Dr. Andreas Igl | LinkedIn