VAIT sets out requirements relating to information security and information technology for the insurance industry.


ControlDescription
IT Strategy
The contents of the IT strategy should be defined. These include IT structures and IT procedures organization, outsourcing of IT services or procurement of IT, information security as well as IT systems operated or developed in-house.
IT Governance
The management is responsible to established provisions based on the goals set out in the IT strategy concerning IT structures and IT procedures organization in accordance with the risk profile and to ensure the implementation of these provisions.
Information Risk Management
The company must introduce and implement a management of information risk. Identification, evaluation, monitoring, and control processes must be set up.
Information Security Management
Management must adopt guiding principles for information security describing the organization of information security management. Based on these principles, guidelines and information security processes must be defined to ensure that the protection goals are achieved.
User Authorization Management
The company must set up user authorization management as a part of which authorization concepts must be defined for all IT systems that are consistent with the protection requirements of the respective system.
IT Operations
The company needs to set up ITIL service support functions: configuration, change, incident, and problem management. This allows control of the IT system portfolio including risks from outdated systems.
Access Control
IT systems and related IT processes shall ensure the integrity, availability, authenticity, and confidentiality of the data.
Change Management
Changes to the organization, business processes, information processing facilities, and systems that affect information security shall be controlled.



To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.