VAIT sets out requirements relating to information security and information technology for the insurance industry.
|IT Strategy||The contents of the IT strategy should be defined. These include IT structures and IT procedures organization, outsourcing of IT services or procurement of IT, information security as well as IT systems operated or developed in-house.|
|IT Governance||The management is responsible to established provisions based on the goals set out in the IT strategy concerning IT structures and IT procedures organization in accordance with the risk profile and to ensure the implementation of these provisions.|
|Information Risk Management||The company must introduce and implement a management of information risk. Identification, evaluation, monitoring, and control processes must be set up.|
|Information Security Management||Management must adopt guiding principles for information security describing the organization of information security management. Based on these principles, guidelines and information security processes must be defined to ensure that the protection goals are achieved.|
|User Authorization Management||The company must set up user authorization management as a part of which authorization concepts must be defined for all IT systems that are consistent with the protection requirements of the respective system.|
|IT Operations||The company needs to set up ITIL service support functions: configuration, change, incident, and problem management. This allows control of the IT system portfolio including risks from outdated systems.|
|Access Control||IT systems and related IT processes shall ensure the integrity, availability, authenticity, and confidentiality of the data.|
|Change Management||Changes to the organization, business processes, information processing facilities, and systems that affect information security shall be controlled.|
To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.