ALLER AU CONTENU
Le portail de la formation tout au long de la vie
LU
DE
EN
FR
PT
Vous êtes ici: Accueil > Formations > PwC's Academy

IT regulation and IT outsourcing in Luxembourg - what you need to know

4 heure(s)

Objectifs

This training aims to provide an introduction to the main IT regulatory requirements applicable to CSSF supervised entities with a specific focus on the topics of ICT and security risk management (CSSF 20/750), IT outsourcing and cloud computing (CSSF 22/806), fraud and incident reporting (CSSF 11/504) and teleworking requirements (CSSF 21/769). This presentation will be supported by good market practices and practical examples. The goal is to increase your comfort level when confronted with IT specific regulations and to strengthen your company’s oversight and IT risk management capabilities. This training course is designed as an essential step to assist you to address the following challenges, among others:

  • What is the current IT regulatory framework in Luxembourg?
  • Which IT regulations are applicable to your organisation (including investment fund managers, banks, PSFs, e-money and payment institutions)?
  • What are the main ICT risks to be considered in the risk management framework of your organisation?
  • How to assess the ICT risks? What controls should be foreseen?
  • What does IT outsourcing mean from a regulatory perspective?
  • What are the key considerations prior to your IT outsourcing arrangements?
  • What are the key aspects to know prior to your implementation of a telework solution within your organisation?

By the end of this training, the participants will be able to:

  • have a clear overview of the main applicable IT regulations
  • understand the key considerations and the common pitfalls while strengthening the IT regulatory framework
  • identify the main aspects of managing IT/cloud outsourcing and ICT related risks
  • describe the key documentation requirements

Contenu

IT regulatory landscape in Luxembourg

  • Main provisions defined by laws and circulars, concepts and available guidance
  • Key challenges and common pitfalls

ICT and security risk management as per CSSF 20/750

  • Governance and risk management
  • Information security
  • ICT operations /change / project management
  • Business continuity management
  • Payment services users relationship management
  • Main ICT risks and oversight
  • Key documentation to maintain (incl. procedures and policies, risk register, risk reporting, ICT assets inventory)

IT outsourcing and cloud computing as per CSSF 22/806

  • Concept of IT outsourcing materiality
  • Key focus of IT outsourcing lifecycle
  • Outsourcing and professional secrecy requirements
  • IT outsourcing vs. cloud outsourcing
  • Assessment of the applicability of cloud specific regulations
  • Role and responsibilities
  • CSSF prior notification request process
  • Main outsourcing risks and oversight
  • Key documentation to maintain (incl. materiality assessment, due diligence, risk assessment, cloud register)

Fraud and incident management as defined by CSSF 11/504
Teleworking requirements (CSSF 21/769)

Public cible

A qui s'adresse la formation?

  • Chief risk officer and (operational) risk managers
  • Regulatory responsible and compliance officers
  • Internal auditors
  • Head of IT, information security officers and Information technology officers
  • IT services providers serving the entities under the supervision of the CSSF

Evaluation

Certificat, diplôme

Certificate of attendance

Informations supplémentaires

This course is coordinated by Cecile Liegeois, Parner at PwC Luxembourg.

Cécile has 22 years of professional experience in Luxembourg and developed deep knowledge of Luxembourg banking and investment firms regulations, amongst other topics, internal governance, outsourcing arrangements (BPO/ICT/Cloud) and operational/ICT risk management. She is leading projects of new regulations implementation focusing on business, regulatory and operational impacts. Cécile has experience in the external audit (financial and regulatory audit) of entities of the financial sector, mainly in the banking industry, other professionals of the financial sector (investment firms, support and specialised PFS), management companies and investment funds.

Voir les coordonnées de l'organisme
Partager sur

 



Le contenu de ce descriptif de formation est de la seule responsabilité de son auteur, l'organisme de formation PwC's Academy.

Imprimer Tout voir/cacher Envoyer à un ami
Voir les coordonnées de l'organisme
Caractéristiques
Niveau Avancé
Organisation Formation inter-entreprise
Langues de prestation
Prochaines sessions
Du/Au Lieu Prix
25/05/23
promo
  PwC's Academy   648.00 €
Voir détails
Utilisation des cookies

lifelong-learning.lu utilise des cookies pour vous offrir une expérience utilisateur de qualité, mesurer l’audience, optimiser les fonctionnalités des réseaux sociaux et vous proposer du contenu personnalisé.

En poursuivant votre navigation sur ce site, vous acceptez l’utilisation de cookies dans les conditions prévues par notre politique en la matière. En savoir plus.

Cookies nécessaires
Ces cookies permettent d'utiliser les principales fonctionnalités de notre site (par exemple l'accès à votre espace réservé). Sans ces cookies, vous ne pourrez pas utiliser notre site normalement.
Statistiques
Ces cookies permettent d'établir des statistiques de fréquentation de notre site. Les désactiver nous empêche de suivre et d'améliorer la qualité de nos services.
Publicité ciblée
Ces cookies permettent de vous proposer sur internet et les réseaux sociaux des informations et des offres de formation qui répondent mieux à vos besoins.

Consulter notre politique d’utilisation des cookies

Accepter tout Paramétrer les cookies
Veuillez patienter...