IT Regulatory Compliance & GRC (BCM, IT Risk, DORA, ISO 22301, Outsourcing)

IT & ICT Risk Executive (15+ yrs) in banking and global organisations. Built ICT risk frameworks, DORA/MaRisk compliance, BC programmes, and risk dashboards. Strengthen governance, protect critical IT, and deliver audit-ready policies.

• Amazon Web Services (AWS)
• Auslagerungsmanagement
• Betriebskontinuitätsmanagement (BKM)
• Cyber Security
• Datenschutz
• Informationssicherheit
• ISO / IEC 27001
• ISO 22301
• Lieferantenmanagement (allg.)
• MaRisk/BAIT

DORA & IT/GRC | BCM | Outsourcing (MaRisk EBA) | Information Security

I’m an independent DORA and IT/GRC programme lead helping banks and financial institutions achieve audit-ready outcomes fast. I deliver time-boxed engagements with regulator-style evidence across Operational Resilience, Outsourcing (MaRisk AT 9/EBA), BCM (MaRisk 7.3/ISO 22301) and Information Security (ISO 27001/ NIST).

Why me

I cover three roles at once: DORA Lead, Outsourcing Manager, BCM Manager; so you avoid hand-offs and delays. I’ve sat on each side (IT, Risk, Security), so I connect requirement -> control -> test -> evidence -> report without friction.

Services
- DORA compliance uplift
- Outsourcing management (MaRisk AT 9/EBA): register, contractual clauses, performance monitoring, exit strategies
- Business Continuity (ISO 22301): BIA, RTO/RPO, BCP, crisis playbooks, tabletop exercises
- IT Risk & Control: KRIs, test templates, monthly dashboards
- Regulatory reporting: board/CRO packs, audit responses, remediation tracking

Skills / Competencies
- DORA, Operational Resilience, ICT Risk, Incident & Continuity
- Outsourcing / Third-Party Risk (MaRisk AT 9, EBA)
- BCM / DR (ISO 22301), Crisis Management & Tabletop
- Information Security (ISO 27001), Policy & Controls
- IT Risk Management, KRIs, Control Testing, Evidence Management
- Programme/Project Leadership (PMP)
- Stakeholder & Audit Management (CIO/CRO/Regulator)

Certifications & Memberships
- Certificate of the BCI Examination (CBCI), Business Continuity Institute
- AWS Certified Cloud Practitioner, Amazon Web Services
- Member of BCI (MBCI), Business Continuity Institute
- Project Management Professional (PMP), Project Management Institute
- Outsourcing Management in Financial Institutions, Bank-Verlag GmbH
- Data Protection in Financial Institutions, Bank-Verlag GmbH
- ISO 22301 Business Continuity Systems Implementation, British Standards Institution

Additional Project Experience
>150 mid-terms and smaller projects on UpWork and Fiverr (99% - 5-star result).
-Hyperlink entfernt-
-Hyperlink entfernt-

Tools
Microsoft 365 (incl. VBA), Jira, Confluence, ServiceNow (CMDB, TPRM module), Fusion Risk, Castellan (ClearView), Everbridge, AWS, PowerBI

AI-Tools
ChatGPT, Microsoft Copilot, METIS AI

ISO 22301, Project Management, Business Impact Analysis, Business Continuity Planning, PMO, Testing, Crisis Management, Incident Management, Disaster Recovery, ITSM, Information Security, Data Protection, Outsourcing Management