Updated 20.11.2025

**** ******** ****

Consultant QMS (13485; 9001), RMS (14971; 31000; 27005), ISMS (27001), BCMS (22301), KRITIS

Schwäbisch Gmünd, Germany
Worldwide
M.Sc. Regulatory Affairs Management; Diploma in Business Informatics (BA)

Profile attachments

FBA_Friederike_Balaz_Short_2025-12.pdf
EuropassCV_Friederike_Balaz_DE_2025_12.pdf
EuropassCV_Friederike_Balaz_EN_2025_12.pdf

Skills

What I offer
  1. Information Security Management (ISMS): I build, implement and maintain ISMS based on ISO/IEC 27001 with a focus on healthcare‑specific requirements.
  2. KRITIS advisory: I support compliance with §8a BSIG and implementation of protection and evidence obligations for critical infrastructure in the health sector.
  3. Regulatory affairs for MedTech and SaMD: I provide strategic regulatory and market entry advice, QMS setup according to ISO 13485 and risk management per ISO 14971.
  4. Operational projects: I deliver GDPR alignment, CRM and industry‑software implementations, SQL/SSRS reporting and pragmatic IT project management with sustainable handover to operations.

Method and strengths
  1. I work pragmatically, audit‑oriented and process‑driven, translating requirements into concrete, implementable measures.
  2. My focus is on information security (information protection, governance and processes), not only on IT technology.
  3. I ensure clear communication between clinical users, IT and management so security measures are accepted and lived.
  4. I have hands‑on experience with small and medium organizations and deliver cost‑efficient, scalable solutions.

Key qualifications
  1. M.Sc. Regulatory Affairs Management
  2. PECB Certified ISO/IEC 27001 Lead Auditor; appointed ISO 27001 auditor (TÜV)
  3. Lead Auditor ISO 22301; ISO/IEC 27001 Practitioner (Information Security Officer)
  4. CSPO (Certified Scrum Product Owner) and extensive MedTech and healthcare project experience

Languages

- German: native speaker
- English: business fluent
- French: basic knowledge

Project history

External Information Security Officer (ISB)

Pharmaceutical wholesale

Pharma and medical technology

1000-5000 employees

Freelance ISO 27001 auditor

TÜV Rheinland

Support and advice for the ISB and adjustments to the ISMS

- KRITIS
- ISO 27001

Certificates

PECB Certified ISO/IEC 27001 Lead Auditor

PECB

2024

Additional audit procedure competence for § 8a (3) BSIG

ISACA Germany Chapter e. V.

2022

ISO/IEC 27001 Practitioner

APMG International

2018

Lead Auditor ISO 22301:2012

BSI Group

2018

Risk management & ISO 14971

Johner Institut

2016

QWare Risk Manager

Bayoonet

2016

Risk management and risk analysis for medical devices according to DIN EN ISO 14971:2012

TÜV Süd

2014

CSPO – Certified Scrum Product Owner

Scrum Alliance

2014
