Simple implementation of IT security requirements in the insurance industry

November 12, 2024

In the project, Fraunhofer IESE adapted CosmosDirekt's processes for application development with regard to IT security and secure software development to the updated Europe-wide regulatory requirements of the Generali parent company.

iStock-1388013584 — © iStock.com/TU IS
cloud computing technology concept transfer database to cloud. There is a large cloud icon that stands out in the center of the abstract world above the polygon with a dark blue background.

Last modified: November 12, 2024

CosmosDirekt Success Story at a glance

What it is about:
Summary of the project

The challenge:
What was the challenge with which the company approached IESE?

The support:
How did IESE specifically support the company?

The result:
What are the most important results of the project and what are the next steps for the company?

Your advantages:
Fraunhofer IESE as your partner for security

What it's about: Summary of the project

In the Generali Group, a guideline for secure software development applies to all national companies and Group companies throughout Europe. Depending on the criticality of an application, it defines the requirements that must be met with regard to data protection and IT security. This guideline was updated and expanded in 2023. The aim of the project was to implement the updates to the guideline for the life cycle of applications (development, release, operation and maintenance) as unbureaucratically as possible for the subsidiary CosmosDirekt. The software processes had to be adapted accordingly. In an initial project phase, the concept development, the IESE team analyzed the workflows in development, release and operation processes as well as their control with regard to the changes in the requirements. Specific tools such as checklists and templates were then adapted to the guideline and, where necessary, new elements were added in order to implement changes efficiently and effectively. A total of 65 so-called "controls", which define the requirements for secure software development, were added to or updated in the processes. The changes to the development processes were presented to the approximately 130 employees affected and a concept for converting existing applications to the new standard was communicated.

The challenge: What was the challenge with which the company approached IESE?

The particular challenge lay in the regulatory framework, whose changes and extensions had to be implemented simply and unbureaucratically in CosmosDirekt's IT and software processes.

The support: How did IESE specifically support the company?

Fraunhofer IESE supported CosmosDirekt in analyzing the regulatory requirements with regard to their innovations and developing a concept for adapting them to existing processes in a simple and manageable way. Existing templates and checklists were supplemented accordingly, slides were created for the rollout to the development teams and several employee training events were actively supported.

The result: What are the most important results of the project and what are the next steps for the company?

In the project with CosmosDirekt, Fraunhofer IESE established modified and additional regulatory requirements in the Secure Software Development processes. Tools and materials for a targeted rollout were also made available.

This is what Michael Jungblut, Head of IT Operations and IT Compliance, Cosmos Direkt, says

"In the project with CosmosDirekt, Fraunhofer IESE has established modified and additional regulatory requirements in the Secure Software Development processes. Tools and materials for a targeted rollout were also made available."

© CosmosDirekt
Michael Jungblut, Head of IT Operations and IT Compliance, Cosmos Direkt

Your advantages: Fraunhofer IESE as your partner for security

Our expertise

IT security and IT compliance
IT security management
Secure Software Development
Regulation
Software processes

Your advantages

Fulfillment of important regulatory requirements in the area of IT security and IT compliance
Benefit from IESE's experience in IT security and IT compliance

Get in touch with us!

Get in touch with us! We use software-based and digital innovations to develop customized solutions for you. Benefit from Fraunhofer as an industrial partner on your way to the virtual validation of your autonomous off-road vehicles.

Reference to further information:

Information Security

Informed, self-determined, and secure in the digital world.

Digital Business

Fraunhofer IESE combines software engineering and research to optimally implement the digital transformation in your company.

more Infos

Success Story CosmosDirekt