Alpemi Consulting srl (socio unico)

🎬 MGS Media Press srl compliance management web channel 📘Playlist | Finance sector - compliance | Svizzera | ✅Topic | Circolare 01/2023 FINMA «rischi operativi e resilienza – banche» e Sistemi di Gestione ISO 27001 sicurezza informazioni, ISO 20000-1 servizi IT, ISO 22301 continuità operativa. 🎤 Italiano. 🔵 Alpemi Consulting ltdè società fondatrice di MGS Media Press srl #Switzerland #Schweiz #Suisse #Svizzera #FINMA #circolare #finance #bank #ICT #GRC #Governance #ISO38500 #riskmanagement #ISO31000 #compliance #ISO37301 #informationsecurity #cybersecurity #ISO27001 #ISO27110 #NIST #businesscontinuity #resilience #ISO22301 #itservice #ISO200001 https://lnkd.in/d3nednyc

🔵Alpemi Consulting ltd è società fondatrice di MGS Media Press srl https://lnkd.in/dWW8HYce #IA #AI #artificialintelligence #ISO42001 #riskmanagement #ISO23894 #ISO31000 #ISO27001 #informationsecurity #ISO27701 #privacy #dataprotection #ISO9001 #quality

Alpemi Consulting ltd is a founding company of MGS Media Press srl https://lnkd.in/dj72xNE2

https://lnkd.in/dcTE9A_k

🌟A tutta la nostra community ed ai nostri follower auguri di un sereno e prospero nuovo anno! 🌟We wish our entire community and followers a happy and prosperous new year! 🎉Buon Anno ! Good Year! Bonne Année! Gutes Jahr ! Buen año! Bom ano! орошего года ! 过个好年 ! 良い年を ! שתהיה לך שנה טוב أتمنى لك سنة ج 🚩Alpemi Consulting ltd (Società fondatrice e consorziata di MGS - A founder company and shareholder of MGS) 🚩Minerva Group Service (MGS) | GRC Advisory, Training, Business Assurance & Audit 🚩MGS Legal | Law Firm società tra avvocati 🚩MGS Media Press srl| digital publishing 🚩MGS GRC ICT business unit | ICT compliance , cybersecurity, AI & Digital Innovation 🚩MGS MKTG business unit | marketing, communication & business development #advisory #training #audit #businessassurance #grc #governance #riskmanagement #compliance #ISOstandards #managementsystems #privacy #GDPR #LPD #DSG #medicaldevices #MOG231 #lawfirm #legalservices #lawtech #digitalinnovation #digitalmarketing #digitalcommunication #ecommerce #videomaker #ditalpublishing

 🎄Buon Natale ! 🌟 🎄 Merry Christmas! 🌟 🎄 Joyeux Noël! 🌟 🎄 Frohliche Weihnachten! 🌟 🎄 Feliz Navidad! 🌟 🎄Feliz Natal ! 🌟 🎄С Рождеством! 🌟 🎄 圣诞节快乐 ! 🌟

🎬Minerva Group Service MGS GRC ICT & Alpemi Consulting ltd ⚙️Consulting | Training | Audit e Business Assurance 🎯ISO Management Systems Division 📘 Regolamento DORA e Sistemi di Gestione ISO: approccio GRC   ⚖️ Il Regolamento (Ue) 2022/2554 Del Parlamento Europeo e del Consiglio del 14 dicembre 2022 relativo alla resilienza operativa digitale per il settore finanziario e che modifica i regolamenti (CE) n. 1060/2009, (UE) n. 648/2012, (UE) n. 600/2014, (UE) n. 909/2014 e (UE) 2016/1011 (DORA: Digital Operation Resilience Act) è entrato in vigore il 16 Gennaio 2023 e si applica ai fornitori di servizi finanziari della UE. 📘 Il DORA definisce una serie di requisiti per assicurare la resilienza e la sicurezza digitale nei seguenti capitoli: ✅ I. Disposizioni generali ✅ II. Gestione dei rischi informatici ✅ III. Gestione, segnalazione e classificazione degli incidenti informatici ✅IV. Test di Resilienza operativa digitale ✅V. Gestione dei Rischi Informatici derivanti da Terzi ✅VI. Meccanismi di condivisione delle informazioni ⚙️ Un approccio GRC (Governance ISO 38500), Risk Management ISO 31000, Compliance ISO 37301) fornisce una utile base per indirizzare ed integrare i principali aspetti di resilienza e business continuity (ISO 22301), di sicurezza delle informazioni (ISO 27001), di Servizi ICT (ISO 20000-1) quali ad esempio: asset and configuration management, minacce e vulnerabilità, gestione incidenti e problemi (ISO 27035) , backup e disaster recovery, etc. 📘 DORA Regulation and ISO Management Systems: GRC approach ⚖️Regulation (Eu) 2022/2554 of the European Parliament and of The Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (DORA: Digital Operation Resilience Act) entered into force on 16 January 2023 and applies to EU financial service providers. 📘 DORA defines a set of requirements to ensure digital resilience and security in the following chapters: ✅ I. General Provisions ✅ II. ICT Risk Management ✅ III. ICT Related Incident Management Process ✅IV. Digital operational resilience test ✅V. Managing of ICT Third party risk ✅VI. Information sharing arrangement ⚙️ A GRC approach (Governance ISO 38500), Risk Management ISO 31000, Compliance ISO 37301) provides a useful basis for addressing and integrating the main aspects of resilience and business continuity (ISO 22301), information security (ISO 27001) , ICT services (ISO 20000-1) such as: asset and configuration management, threats and vulnerabilities, incident and problem management (ISO 27035), backup and disaster recovery, etc. #DORA #ICT #finance #bank #digital #GRC #Governance #ISO38500 #riskmanagement #ISO31000 #compliance #ISO37301 #informationsecurity #ISO27001 #resilience #businesscontinuity #ISO22301 #itservice #ISO20000-1 #incidentmanagement #ISO27035

🎬Minerva Group Service & Alpemi Consulting srl (socio unico) ⚙️Consulting | Training | Audit e Business Assurance 🩺🌡💉 Medical Devices Division 📀 💡 Software come Dispositivo Medico: Intelligenza Artificiale e Innovazione 💡 Lo standard ISO 56002 fornisce utili line guida per la gestione dell’innovazione applicabile applicabile anche al settore dei dispositive edici. 📀 🧠 Sempre più i SW classificati come dispositive medici ai sensi del regolamento EU MDR 2027/745 (vedi anche le line guida “MDCG 2019-11 Guidance on Qualification and Classification of Software in Regulation (EU) 2017/745 – MDR and Regulation (EU) 2017/746 – IVDR “) incorporano infatti soluzioni innovative basate sull’Intelligenza Artificiale. ⚖️ 📀 Da qui l’esigenza di gestire la compliance ai requisiti del regolamento EU 24/1689 AI Act lungo tutto il ciclo di sviluppo del SW in conformità allo standard IEC 62304: 2006 «Software per dispositivi medici - Processi del ciclo di vita del software» 🧠 L’adozione di un Sistema di Gestione per l’Intelligenza Artificiale in conformità allo standard ISO 42001 può efficacemente supportare lo sviluppo di soluzioni innovative basate sull’AI anche nel settore dispositive medici ed essere utilmente integrato con I seguenti sistemi di gestione: 🎯 ISO 13485 Qualità settore dispositive medici 💻 ISO 20000-1 Servizi IT 🔐 ISO 27001 Sicurezza Informazioni e requisiti in materia di data protection (GDPR). 📀 💡 Software as a Medical Device: Artificial Intelligence and Innovation 💡 The ISO 56002 standard provides useful guidelines for the management of applicable innovation also applicable to the building devices sector. 📀 🧠 More and more SW are classified as medical devices pursuant to the EU MDR 2027/745 regulation (see also the “MDCG 2019-11 Guidance on Qualification and Classification of Software in Regulation (EU) 2017/745 – MDR and Regulation ( EU) 2017/746 – IVDR “) incorporate innovative solutions based on Artificial Intelligence. ⚖️ 📀 Hence the need to manage compliance with the requirements of the EU 24/1689 AI Act regulation throughout the SW development cycle in compliance with the IEC 62304: 2006 standard «Software for medical devices - Software life cycle processes » 🧠 The adoption of an Artificial Intelligence Management System in compliance with the ISO 42001 standard can effectively support the development of innovative AI-based solutions also in the medical device sector and be usefully integrated with the following management systems: 🎯 ISO 13485 Quality in the medical device sector 💻 ISO 20000-1 IT Services 🔐 ISO 27001 Information security and data protection requirements (GDPR). #medicaldevice #MDR745 #SW #IEC62304 #innovation #ISO56002 #Quality #ISO13485 #artificialintelligence #ISO42001 #informationsecurity #ISO27001 #itSMS #itservices #ISO200001 #dataprotection  #privacy #GDPR

🎬Minerva Group Service & Alpemi Consulting srl (socio unico) ⚙️Consulting | Training | Audit e Business Assurance 🌐🌱 ESG CSR Division 📘 Standard ISO 9001 Qualità e rischi climatici 🌱 L’ ISO ha recentemente rilascia l’ Amd 1:2024 Amendment 1: Climate action changes allo  standard ISO 9001:2015 “Quality management systems — Requirements” 📘 Come noto lo standard ISO 9001 fornisce alle Organizzazioni i requisiti per implementare un SGQ in grado di assicurare che i prodotti ed i servizi soddisfino i clienti e gli applicabili requisiti statutari e regolamentari. Questo anche al fine di supportare la sostenibilità dell'Organizzazione. 🌱 L’Amendment 1:2024 esplicita nelle clausole 4.1 e 4.2 la necessità di valutare se il cambiamento climatico è un’esigenza rilevante anche in considerazione ai requisiti degli stakeholders. 📘 ISO 9001 Standard Quality and climate risks 🌱 ISO recently released AMD 1:2024 Amendment 1: Climate action changes to the ISO 9001:2015 standard “Quality management systems — Requirements” 📘 As is known, the ISO 9001 standard provides organizations with the requirements to implement a QMS capable of ensuring that products and services satisfy customers and applicable regulatory requirements. statutory and regulatory requirements. This is also in order to support the sustainability of the Organization. 🌱 Amendment 1:2024 explains in clauses 4.1 and 4.2 the need to evaluate whether climate change is a relevant need also taking into account the requirements of stakeholders. #GRC #ISOI9001 #qualità #quality #climatechanges #sustainability #CSR #ISO26000 #ESG

🎬Minerva Group Service & Alpemi Consulting ltd ⚙️Consulting | Training | Audit e Business Assurance 🎯ISO Management Systems Division 📘 🌩 Resilienza e gestione delle crisi (standard ISO 22361) 🌩 Lo standard ISO 22301:2019 “Security and resilience — Business continuity management systems — Requirements” definisce i requisiti per un Sistema di gestione per la continuità operativa. Tra I requisiti dello standard ISO 22301 assume particolare rilevanza la gestione delle crisi. 📘 Lo standard ISO 22361:2022 “Security and resilience — Crisis management — Guidelines” fornisce utili line guida per la gestione delle crisi. Lo standard si struttura nelle seguenti clausole principali: ✅ 4. Crisis management – context, core concepts and principles ✅ 5. Building a crisis management capabiities ✅ 6. Crisis leaderhip ✅ 7. Strategic crisis decision making ✅ 8. Crisis communication ✅ 9. Training, validation and learning from crises 📘 Lo standard ISO 22361 può essere utilmente utilizzato anche nell’ambito dei sistemi di gestione per la sicurezza delle informazioni (standard ISO 27001) e per i servizi IT (standard ISO 20000-1). 👉 Molti anche i rimandi con le seguenti normative: 📘 Direttiva Europea NIS 2 cybersecurity 📘 Regolamento Europeo DORA (Digital Operational Resilience Act) per il settoee finance 📘 Circolare 285 di Banca di Italia per i requisiti in materia di resilienza 📘 Circolare 01/2023 di FINMA (Svizzera) per i requisiti in materia di resilienza 📘 🌩 Resilience and crisis management (ISO 22361 standard) 🌩 The ISO 22301:2019 standard “Security and resilience — Business continuity management systems — Requirements” defines the requirements for a business continuity management system. Among the requirements of the ISO 22301 standard, crisis management is of particular importance. 📘 The ISO 22361:2022 standard “Security and resilience — Crisis management — Guidelines” provides useful guidelines for crisis management. The standard is structured into the following main clauses: ✅ 4. Crisis management – context, core concepts and principles ✅ 5. Building a crisis management capabilities ✅ 6. Crisis leadership ✅ 7. Strategic crisis decision making ✅ 8. Crisis communication ✅ 9. Training, validation and learning from crises 📘 The ISO 22361 standard can also be usefully used in the context of management systems for information security (ISO 27001 standard) and for IT services (ISO 20000-1 standard). 👉 There are also many references to the following regulations: 📘 European Directive NIS 2 cybersecurity 📘 European DORA regulation (Digital Operational Resilience Act) for the finance sector 📘 Bank of Italy Circular 285 for resilience requirements 📘 Circular 01/2023 from FINMA (Switzerland) for resilience requirements #resilienza #resilience #ISO22301 #businesscontinuity #crisismanagement #ISO22361 #informationsecurity #ISO27001 #Itservices #ISO20000-1 #dora #nis2 #circolare285 #bankitalia #circolare01  #FINMA #svizzera