• Graduation


  • Learning format

    Blended learning

  • Duration

    1 day

  • Language

    German or English

“Member States shall ensure that the members of the management bodies of essential and important entities are required to follow training“ (Article 20, clause 2).
The EU Directive 2022/2555 expressly addresses the management level of the companies and organisations concerned. It requires demonstrated competencies and capabilities in cybersecurity. In addition, steering and management of additional training for subsidiary management levels is required.
The seminar conveys the required knowledge in condensed format, specifically addressing senior management levels. A formal university certificate will be awarded as proof of participation and success.
Rolf von Rössing
Rolf von Rössing

Seminar speaker

Any questions?

We’re here to help.

Or contact us directly.

  • leadership skills

  • practice-oriented

  • personal support

  • Strategic oversight with regard to cybersecurity and NIS2 requirements
  • Self-reflection of own organisation and NIS2 maturity levels
  • Risk-based decisions in cybersecurity
  • Development and definition of the NIS2 target state
  • Risk-based steering and control
  • Board of Directors, C-level directors and officers, non-executive directors, supervisory board members
  • Second tier of directors and officers for organisations directly covered by NIS2

The short course covers all work areas in NIS2 and cybersecurity in line with prior knowledge and priorities of the individuals attending. Starting with the legal requirements, critical issues and risks will be treated in depth and transformed into a defined target state. Special situations and practical cases will be taken on board and addressed in a joint effort. The resulting target state will be documented for each work area:

  • All hazards approach to risks and threats, risk analysis
  • Information security, incident management
  • Business continuity and resilience, crisis management
  • Security and risk management in the supply chain
  • Acquisition, development, operations (life cycle)
  • Effectiveness of controls and measures (audit, compliance, formal reviews)
  • Cyber hygiene, training, awareness
  • Encryption, MFA, technical questions in practice
  • HR / personnel security

This shourt course will be administered solely on an individual basis and within an agreed set of sessions on site and/or remotely.

Rolf von Roessing is a partner and CEO at FORFA Consulting AG, an international consultancy firm specialising in GRC, security and related disciplines. He brings 30 years of experience in governance, risk management and compliance; security and business continuity; and crisis management in a range of sectors, including banking and finance, insurance, wholesale and retail, automotive, and healthcare.

He has also been teaching as a senior lecturer in M. Sc. courses at Donau-Universität Krems since 2005, covering foundational IT subjects as well as advanced topics. In 2014, he was awarded honorary professorship.

He is a former International Vice President and Global Vice Chairman of ISACA (2009-2011; 2019-2021) Since 2021, Rolf has been lead developer within the core team developing the ISACA Digital Trust Ecosystem and Framework (DTEF).

From 2001 to 2008, Rolf was a member of the BCI Board of Directors, and Chairman of the Audit Committee from 2003 to 2008.

Rolf has published extensively on BCM, resilience and cyber topics since 2001. A list of works is available on scholar.google.com and academia.edu. He frequently provides contributions to leading journals and magazines such as Computer Weekly. In 2023, he was nominated as one of three worldwide ISACA Global Evangelists.

Back to top