This training aims to provide an introduction to the main IT regulatory requirements applicable to CSSF supervised entities with a specific focus on the topics of ICT and security risk management (CSSF 20/750), IT outsourcing and cloud computing (CSSF 22/806), fraud and incident reporting (CSSF 11/504) and teleworking requirements (CSSF 21/769).
This presentation will be supported by good market practices and practical examples. The goal is to increase your comfort level when confronted with IT specific regulations and to strengthen your company’s oversight and IT risk management capabilities.
This training course is designed as an essential step to assist you to address the following challenges, among others:
13 June 2024 (EN) - 1pm-5pm - On site
Price: 780.00 €
Duration: 4h
Language: English
Number of participants: 20
By the end of this training, the participants will be able to:
IT regulatory landscape in Luxembourg
ICT and security risk management as per CSSF 20/750
IT outsourcing and cloud computing
Fraud and incident management as defined by CSSF 11/504
Teleworking requirements (CSSF 21/769)
Target audience
This course is coordinated by Cécile Liégeois, Partner, and presented by Xiaoyi Fang, Senior Manager and Vojtech Volf, Manager at PwC Luxembourg.
Xiaoyi Fang, is a senior manager with in-depth experience in implementing European regulatory requirements, in reviewing the compliance framework for financial institutions and familiar with EU regulatory process in financial services.
She has driven and contributed to a number of projects in complex structure and dynamic environments.
Vojtech is a manager in our PwC regulatory and compliance department specialised in ICT compliance.
He has been working on IT compliance related topics for over 6 years and for PwC since 2018.
Vojtech works on various IT subjects related to IT compliance, PSD2, outsourcing (BPO/Cloud/IT), IT and security risks, privacy as well as payment related aspects. He also assists in various licence application processes, be it for e-money or payment institutions, IFMs where he focuses on IT aspects, data privacy as well as operational aspects for payments (payment flows, safeguarding, segregation…).