This course aims to provide a general introduction to cloud computing, within the context of IT outsourcing. The goal is to prepare someone to assume the role of “Cloud Officer” as per CSSF Circular 17/654 and be responsible for the use of cloud services, understanding the competences of the staff managing cloud computing resources
At the end of the training, participants will be able to:
-Describe different governance models supporting IT outsourcing to a public cloud provider
-Explain the different cloud platform service delivery models
-Describe how risk is managed within the context of a “shared security model” with a cloud provider
-The role of Cloud Officer
- Risk Management (Territoriality,…)
- GDPR journey
- Outsourcing Framework
- Governance
-Sourcing Models
-Overview of Cloud Technologies
-Cloud risks (and shared security/Responsibility models)
-Vendor/Supplier Management/Third Party Risk Management
- Notification to the CSSF (authorization request, discontinuation, etc.)
-Applicability of the Circular
-Requirements of the CSSF
Proportionality
Signatory
Resource Operation
(IT) GRC (Governance Risk Compliance)
Client Notification and Consent
-GDPR
-ISCR complies with data protection regulations
Necessity to inform the Competent Authority
Management of outsourced risks
Business Continuity
System Security
Monitoring Activities
Contractual Clauses
Right to Audit
Performance of the right to audit
Establishing and completing the Register
Particular case of Investment fund managers
-Individuals who are going to be a Cloud Officer
-IT supervisors of organizations using or contemplating cloud use
-CISO
-Internal Audit (as requested by CSSF)
-Member of Credit Institution and PFS within the meaning of the Law of 5 April 1993 on the Financial Sector (“LFS”).
-Member of payment institution and electronic money institutions within the meaning of the Law of 10 November 2009 on payment services (“LFS”)
-Member of investment fund partners subjects to circular CSSF 18/698.
N/A
1 day
Back Registration