policies, laws, regulations Archives - Jean-Christoph von Oertzen

TPRM

jean-christoph — Fri, 30 Jan 2026 16:47:04 +0000

TPRM : Third Party Risk Managemenet Third Party Risk Management (TPRM) refers to the structured process organizations use to identify, assess, monitor, and mitigate risks arising from relationships with external vendors, suppliers, service providers, and other third parties. These risks can include cybersecurity, data protection, compliance, operational resilience, financial stability, and reputational impact. Effective TPRM […]

The post TPRM appeared first on Jean-Christoph von Oertzen.

CA

jean-christoph — Wed, 19 Feb 2025 15:50:51 +0000

CA : Certificate Authority A Certificate Authority (CA) is a trusted entity that issues digital certificates used to verify the identity of organizations and individuals in online transactions. CAs play a crucial role in establishing a secure and trustworthy online environment by enabling secure communications through encryption. Digital certificates issued by CAs are essential for […]

The post CA appeared first on Jean-Christoph von Oertzen.

ISP

jean-christoph — Wed, 24 Apr 2024 17:22:43 +0000

ISP: Information Security Policies Internet Service Provider […] is a set of rules, policies and procedures designed to ensure all end users and networks within an organization meet minimum IT security and data protection security requirements. https://www.upguard.com/blog/information-security-policy ISP: Information Security Policies Internet Service Provider […] is a set of rules, policies and procedures designed to […]

The post ISP appeared first on Jean-Christoph von Oertzen.

ISA

jean-christoph — Mon, 22 May 2023 18:17:22 +0000

ISA: Interconnection Security Agreement Information Security Awareness A document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities. https://csrc.nist.gov/glossary/term/interconnection_security_agreement Information security awareness is defined as an employee’s general knowledge about information security and his […]

The post ISA appeared first on Jean-Christoph von Oertzen.

NIS 2

jean-christoph — Tue, 24 Jan 2023 20:48:30 +0000

NIS 2: Network and Information Security (NIS) Directive 2 aka. DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive) The […]

The post NIS 2 appeared first on Jean-Christoph von Oertzen.

SRE

jean-christoph — Fri, 06 Jan 2023 14:04:18 +0000

SRE: Sicherheitsrelevante Ereignisse :de: Sicherheitsrelevante Ereignisse (SRE) sind unter anderem Protokoll- und Protokollierungsdaten, die Auswirkungen auf die Informationssicherheit und ihre Schutzziele (Vertraulichkeit, Integrität, Verfügbarkeit) haben können. Sie werden in primäre und sekundäre sicherheitsrelevante Ereignisse eingeteilt, wobei diese Einteilung sich auf den Ursprung des SRE und nicht auf dessen Relevanz oder Wichtigkeit bezieht. https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Mindeststandards/PDCA/PDCA_node.html SRE: Sicherheitsrelevante […]

The post SRE appeared first on Jean-Christoph von Oertzen.

TOM

jean-christoph — Tue, 28 Jun 2022 18:54:02 +0000

TOM: :de: Technisch-Organisatorische Massnahmen :de: […] durch die DSGVO (Datenschutz-Grundverordnung) vorgeschriebene Maßnahmen, die die Sicherheit der Verarbeitung personenbezogener Daten gewährleisten sollen. https://www.datenschutzexperte.de/technisch-organisatorische-massnahmen/ TOM: :de: Technisch-Organisatorische Massnahmen :de: […] durch die DSGVO (Datenschutz-Grundverordnung) vorgeschriebene Maßnahmen, die die Sicherheit der Verarbeitung personenbezogener Daten gewährleisten sollen. https://www.datenschutzexperte.de/technisch-organisatorische-massnahmen/

The post TOM appeared first on Jean-Christoph von Oertzen.

SOX

jean-christoph — Tue, 08 Mar 2022 19:16:26 +0000

SOX: Sarbanes-OXley act […] was passed [in 2002] by the United States Congress to protect the public from fraudulent or erroneous practices by corporations or other business entities. The law is named after Paul Sarbanes and Michael Oxley, the two congressmen that drafted it. https://www.upguard.com/blog/sox-compliance SOX: Sarbanes-OXley act […] was passed [in 2002] by the […]

The post SOX appeared first on Jean-Christoph von Oertzen.

CNI

jean-christoph — Mon, 07 Mar 2022 10:56:45 +0000

CNI: Critical National Infrastructure Container Networking Interface Critical National Infrastructure (CNI) refers to the essential systems and assets that are vital for the functioning of a nation, including transportation, energy, healthcare, and communication systems. Protecting CNI is crucial for national security and public safety, as disruptions to these systems can have severe consequences. Governments and […]

The post CNI appeared first on Jean-Christoph von Oertzen.

BYOD

jean-christoph — Fri, 04 Mar 2022 23:41:28 +0000

BYOD: Bring Your Own Device Bring Your Own Device (BYOD) is a policy that allows employees to use their personal devices, such as smartphones, tablets, and laptops, for work-related tasks and access to company resources. This approach might become increasingly popular outside Germany, as it can enhance employee satisfaction and productivity, allowing individuals to work […]

The post BYOD appeared first on Jean-Christoph von Oertzen.