Berater ISO 27001 / TISAX / ITIL / BSI / DORA

Zertifizierungen
Information & IT Security

• ISO/IEC 27001 Information Security Officer & Auditor (TÜV Süd)
• ITSec Analyst & Forensic Investigator Foundation (TÜV Süd)
• Zertifizierter Datenschutzbeauftragter (Hochschule München)
• NIS2 Zertifiziertes Leitunsgorgan (AustrianStandards)
• NIS2 Officer (Austrian Standards)

IT-Service Management

• ITIL 4 Managing Professional (EXIN)
• ITIL 4 Strategic Leader (EXIN)
• ITIL 3 Expert (EXIN)
• ISO/IEC 20000-1 Service Manager & Auditor (TÜV Süd)
• FitSM Foundation (TÜV Süd)
• ITSPS Foundation (DCON)

Artificial Intelligence

• AI Foundation (AICCI)
• AI Compliance Officer (AICCI)

Projektmanagement

• SCRUM Professional (TÜV Süd)
• Prince2 Practitioner (EXIN)

Requirements Engineering

• Certified Professional for Requirements Engineering Foundation (IREB)

Kompetenzen
ITSM Toolsets

• ServiceNow ITSM
• BMC Remedy ARS
• iET Solutions ITSM
• DCON IT-SPS/Servity

Programmierung

• Java: JEE, Spring Boot
• JavaScript: Vanilla, Vue.js, React
• Scripting: PowerShell, Python
• Cloud: Azure, AWS
• DevOps: Kubernetes, Docker
• APIs: REST, SOAP, XML
• Datenbanken: MS SQL, Oracle SQL, MySQL
• Versionierung: GIT, SVN

Weitere

• Business Intelligence: PowerBI, SQL Server Reporting Service

• Produktivität: Word, Excel, PowerPoint, Visio, SharePoint, Dynamics, Project
• Collaboration: Jira, Confluence, Teams

Standards, Regulatorien und Frameworks
Information Security & Cybersecurity

• ISO 27001 – Information Security Management System
• ISO 27002 – Security controls guidelines
• ISO 27005 – Information Security Risk Management
• ISO 27031 – ICT Business Continuity Management
• ISO 27701 – Privacy Information Management (extension to ISO 27001)
• ISO 22301 – Business Continuity Management
• ISO 22313 – Business Continuity Management guidelines
• NIST Cybersecurity Framework (CSF) – Risk-based security framework
• NIST SP 800-53 / SP 800-171 – Security & compliance control catalogs
• IEC 62443 – Security for industrial automation & control systems
• PCI DSS – Payment Card Industry Data Security Standard
• TISAX – Trusted Information Security Assessment (automotive industry)

Law, Regulation & Compliance

• GDPR – General Data Protection Regulation (EU)
• DORA – Digital Operational Resilience Act (EU)
• NIS-2 – Directive on Security of Network and Information Systems (EU)
• SOX – Financial reporting & IT compliance (US)
• CLOUD Act – US legislation on government access to data
• KRITIS Regulation – Protection of critical infrastructure

Risk Management & Compliance Management

• ISO 31000 – Risk management framework
• ISO 37301 – Compliance management system
• COSO ERM – Enterprise Risk Management framework

IT Service, Processes & Quality

• ITIL – IT Service Management best practices framework
• ISO 20000 – IT Service Management standard
• ISO 9001 – Quality management standard
• CMMI – Capability Maturity Model Integration
• BPMN – Business Process Model and Notation
• SAFe / Scrum / Agile – Scaled Agile, project & product management methods