Compliance and Certifications
Know the standards. Comply with the norms.
Ever increasingly, regulation in the financial markets keeps setting new standards for our actions as enterprises. That’s why for us and our customers, maintaining and ensuring compliance in all our solutions and internal processes is tremendously important.
Avoiding risks, following the rules, proceeding safely.
In the age of digitalization, operational and legal matters are more closely connected than ever. This can entail legal risks for companies when outsourcing processes and services.
Compliance with standard regulations is becoming increasingly important, especially for companies in the financial market. Requirements for employed technologies are tightening and advanced qualifications, certifications, clearly defined processes and operating models are becoming imperative – both internally and for the IT service company carrying out implementation. We at oraïse help you to firmly anchor the fulfillment of these requirements within your company structures.
Certifications
Internal Control System (ICS)
Regulations
Information Security Management System (ISMS)
Business Continuity Management System (BCMS)
Data Security Management System (DSMS)
Certifications
With ISO 27001:2013 certification, oraise meets rigorous security standards – including risk assessments, security policies and continuous monitoring – to ensure all data is protected.
oraïse is certified according to ISO 22301:2019. This standard requires ensuring the continuity of business operations in crisis and emergency situations as part of the Business Continuity Management System (BCMS). It also calls for a holistic view of risks at all company levels.
The certifications are valid for managed services in the areas of software and system development, consulting, project management, integration, service/support, front and back office and human resources in Germany and Switzerland.
Information Security Management System (ISMS)
By operating an Information Security Management System (ISMS) in accordance with the international standard ISO/IEC 27001:2013, we ensure the protection of our customers’ data and our infrastructure by applying appropriate measures. In order to maintain the effectiveness of the ISMS, it is continuously evaluated, monitored and, if necessary, improved.
Business Continuity Management System (BCMS)
The goal of emergency management is to avoid, prevent and reduce security incidents, disruptions and emergencies that negatively affect the functionality of the company. For this purpose, an emergency management system has been implemented in accordance with the specifications of ISO 22301:2019.
Internal Control System (ICS)
With the ICS, we ensure the overarching control of service provision and service quality.
It encompasses all important internal criteria, stipulated control goals and operational processes for the Data Security Management System (DSMS), the Information Security Management System (ISMS) and the Business Continuity Management System (BCMS).
Regulation
The majority of our customers are BaFin and FINMA regulated. It is therefore a matter of course for us to comply with these relevant regulatory requirements:
- §25b Banking Act (outsourcing of activities)
- EBA Guidelines on outsourcing arrangements
- Minimum requirements for risk management (MaRisk)
- Minimum requirements for risk management of capital management companies (KAMaRisk)
- Banking supervisory requirements for IT (BAIT)
- Capital management supervisory requirements for IT (KAIT)
- Digital Operational Resilience Act (DORA)
Data Protection Management System (DPMS)
In the oraïse Group, data protection, including personal and other confidential data, enjoys the highest priority and protection. All employees are obliged to comply with all relevant regulations, such as those resulting from the GDPR (General Data Protection Regulation) and TOM (Technical and Organizational Measures). They receive regular training and continuing education in this regard.
More efficiency and profitability for your financial enterprise
…now! oraïse is your IT partner on the financial markets with actionable solutions and consulting from the worlds of IT and management. Let’s work together on the future of your financial enterprise – starting right now. Sign up via e-mail!