Discover our tailor-made Security-as-a-Service solutions for IT infrastructures and web applications.
Auf einen Blick
03
Outsourcing management for complex outsourcing
In the case of larger institutions, which have to manage many types of outsourcing, this is done via central outsourcing management, which prepares an annual report on all material outsourced services and processes for the supervisory authority. BaFin also stipulates that institutions must ensure the implementation and further development of outsourcing management and corresponding control and monitoring processes. Ongoing documentation of outsourced activities and processes as well as coordination and review of risk management must also be ensured.
Discover our tailor-made Security-as-a-Service solutions for IT infrastructures and web applications.
06
Contractual requirements for material outsourced activities and processes (MaRisk AT 9, No. 7)
The services to be provided, auditing rights, powers to give instructions, and notice periods must be specified in a comprehensive outsourcing contract to formally ensure the continuity and quality of the outsourced processes. Furthermore, the contractual relationship must also include rules covering subcontracting, which is when the service provider in turn hires a subcontractor to perform the services. Particular attention is paid to the possible right to reserve approval and the obligation to provide information along the entire supply chain up to the institution.
Want to learn more about our solutions, use cases and best practices for attack defense? In our download area you will find product sheets, fact sheets, white papers and case studies.