René Lorenz Knebel

IT Advisory: *Digital Operational Resilience Act (EU-DORA): GAP assessments and implementation plans *developing interfaces for the operationalization of IT-related risks *Information Security and GRC IT Audit: *ISAE 3402 reports (analog to SOC) for core IT environments such as Mainframe (RACF) *Audits based on BSI KRITIS, ISO 2700x & 20000, COBIT, ITIL and BAIT / MaRisk *Alteryx data analytics (IDW PS210, PS261 / US: SAS 99)

IT-Audit: - successful acquisition of a ISMS-project - Audit lead for an international PIE client IT-Advisory: - defining a Information Security Management System (ISMS) compliant with ISO 27001 and BSI 200-1 - modelling the information network, individual risk situation, hazard & cyber security exposures compliant with BSI-CS 006 - execution of tool-based risk analyses & implementation plans for protective and risk mitigating measures compliant with BSI 200-2 - risk-based protection assessment methods

IT-Audit: - project-related Audit for the deployment of IT compliant with IDW PS850 - Journal Entry Testing & Data Analytics compliant with IDW PS210 and PS261 (US: SAS 99) IT-Advisory: - data classification, data handling & data deletion compliant with DIN 66398, FAIT 3, EU-GDPR - co-lead of a SIEM-project, categorization of system logs & specification of use cases - creation of Internal Control Systems incl. End-User-Computing, Outsourcing-, Change-, Incident-, and Emergency Management

International Taxation International Business