Insurance – VAIT

Implement insurance requirements for IT (VAIT) with QSEC


With the circular 10/2018, the Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht) published law requirements for the IT in the insurance sector (VAIT). The requirements are based on the banking supervisory requirements which were already published 2017.

  • IT Strategy
  • IT Governance
  • Information Risk Management
  • Information Security Management
  • User Authorization Management
  • IT projects, application development
  • IT operations
  • IT service outsourcing and other service relationships in the IT services sector; isolated purchase of hardware and/or software and
  • Critical infrastructures

are important areas which have to be considered in insurance companies according to VAIT.

This is a complex challenge for thee responsible (information security managers etc.).

The establishment of an ISMS such as QSEC is recommended as the basis for managing the requirements from VAIT.

In QSEC experts and business users are

  • methodological
  • user-friendly
  • Workflow, wizard and task supported

by the demands

  • of the compliance
  • of information security management according to ISO 27001
  • of information risk management
  • of data protection

It would be a pleasure for us to show you how QSEC enables you to implement the VAIT requirements in a sustainable, optimized way considering resources and costs.


References & case studies


QSEC Online-Demo