Andreas Funder Senior Consultant
Education and qualifications
-
Bachelor’s Degree (B.Sc.) in Business Administration
-
ISO/IEC 27001 Lead Auditor + Lead Implementer
-
ISO/IEC 27005 Risk Manager, ISO 31000 Lead Risk Manager
-
ISMS implementation according to ISO/IEC 27001:2013
-
Specialist Audit Process Competence for § 8a BSI Act
-
BSI IT-Grundschutz Practitioner
-
Data Privacy Auditor, Data Privacy Officer (DSA-TÜV)
Consulting services
-
Information Security, ISMS, Cyber Security Strategy, Program Management, Remediation Roadsmaps, ISO/IEC 27001, PCI-DSS, NIST, BSI IT-Grundschutz, ENISA, TISAX, IEC 62443
-
Business Continuity Management ISO 22301, BSI standard 200-4
-
Information Security Risk Management ISO/IEC 27005, BSI standard 200-3, NFPA 1600
-
Risk Management ISO 31000
-
Critical Infrastructures (KRITIS) EU NIS2, EU RCE, EU CRA, IT-SiG 2.0, KRITIS Regulation, Orientation Guide to Using Intrusion Detection Systems (IDS)
-
Data Privacy EU GRPR, BDSG (new)
-
Key Performance Indicators (KPI) ISO/IEC 27004
-
Internal Control Frameworks COBIT 2019
-
Audit Standards ISAE 3402 Type 1 and 2, IDW PS 951, SOX, J-SOX, IDW PS 860, IDW PH 9.860.1
Professional experience
-
PricewaterhouseCoopers, Manager | Advisory, Cybersecurity and Privacy
-
Ernst & Young, Senior Consultant | Technology Consultant, Cybersecurity
-
Ernst & Young, Consultant | Advisory Services, Cybersecurity
-
CSPi, Consultant Security and Data Privacy | Governance, Risk & Compliance / DataSecurity
Languages
-
English (business fluent)
-
German (mother tongue)
-
French (Professional Working)