Data Protection Officer
OPS.1.1.6 Software Testing and Approvals
The use of IT in institutions requires that automated data processing functions as error-free as possible, since the individual results can in most …
CON.2 Data Protection
Unlike information security, which primarily serves to protect the data-processing institution itself, the task of data protection is to protect …
INF.2 Data Center and Server Room
Today, almost all strategic and operational functions and tasks are significantly supported by information technology (IT) or cannot be carried out …
APP.2.1 General Directory Service
A directory service makes information about any objects available in a defined manner within a data network. An object can store associated …
DER.2.1 Security Incident Handling
To limit damage and prevent further harm, detected security incidents must be handled quickly and efficiently. To this end, a predefined and tested …
DER.2.2 Precautions for IT Forensics
IT forensics is the strictly methodical analysis of data on storage media and in data networks to investigate security incidents in IT systems.
OPS.2.2 Cloud Use
Cloud computing refers to the demand-driven provision, use, and billing of IT services over a network. The range of services offered within the …
IND.3.2 Remote Maintenance in Industrial Environments
The operational technology (OT) of an institution often has a decentralized infrastructure. Various areas of OT can be geographically far apart from …
OPS.3.2 Providing Outsourcing
In outsourcing, institutions (outsourcing users) outsource business processes or activities wholly or partly to one or more external service companies …
CON.6 Deletion and Destruction
Deletion and destruction constitute an essential component of the lifecycle of information on storage media. The term storage media in this building …
INF.11 General Vehicle
Institutions use a wide variety of vehicles for short and long distances in many situations. In the context of this building block, vehicles are …