OSIS: The new regulation of the NBRM and the Law on protection of personal data

Date: 05.03.2019

Location: ABIT

Duration: 10:00 – 17:00h

Deadline for applications: 01 March 2019

Contact: +389 2 312 55 00, +389 70 355 656

The fee for participating in the training is 5,900 MKD
For the second participant from the same institution, 80% of the price is paid.

NOTE: full members of ABIT pay only 50% of the fee.


This training aims to explain the role and significance of the OSIS, i.e. of information security in banks in general, in light of new trends and challenges, especially the new regulations of the NBRM and the Law on the Protection of Personal Data (GDPR).

The training starts with an explanation of the position of the Information Security Officer (OSIS) and its role in the information security process in ensuring the stability and robustness of the Bank's operations. Within this framework, the role of the OSIS will be considered and analyzed in light of the new decision of the NBRM on information security of Banks and the new Law on Protection of Personal Data (GDPR). Furthermore, an overview will be given of local and international standards and recommendations in the area of information security relevant to the OSIS's information security work and operations.

In conclusion, the training will discuss and review the contemporary trends and challenges that the OSIS faces, given emerging threats and the use of the Internet and mobile technologies in the overall operation of Banks.


MODULE 1: Placement, organization and activities of the Information Security Officer (OSIS)

MODULE 2: The role of OSIS in the light of the new regulations and decisions

  • Review of the new Decision on Information Security of Banks (NBRM, May 2018), within which all significant parts (areas) will be discussed as part of the security management system:
  • Process for managing the information system security
  • Planning, developing and implementing the strategy for managing information technology
  • Ensuring continuity of work
  • Modern channel systems
  • Information society bank services company
  • Notifications
  • The new Law on the Protection of Personal Data (GDPR), within which emphasis will be placed on the connection between information (cyber) security and privacy, and the role of OSIS in the protection of (personal) data.

MODULE 3: Review of local and international standards and recommendations in the area of information security relevant to the operation of OSIS, such as:

  • CobiT – a working framework and methodology for managing IT, i.e. aligning business objectives with IT processes and control procedures.
  • BS 17799 / ISO 27001 – standard for the establishment of an information systems security management system
  • ISO/IEC 27032 cybersecurity – the standard for the establishment of a system for managing information systems security
  • PCI DSS – refers to the security controls required when storing, transmitting and processing card information
  • SWIFT CSF – refers to the security controls for using the SWIFT service

MODULE 4: An overview of the contemporary trends and challenges that the OSIS faces, i.e. the increasing presence of the Internet and mobile technology in the overall operation of Banks.

Target group

The seminar is intended for all those involved in the process of ensuring the safe and secure operation of Banks in line with the legislation and best practices, such as:

  • The Information Security Officer (OSIS)
  • Internal Auditors
  • Persons from the risk management sectors (operational)
  • Personal Data Officer
  • Persons in charge of compliance and monitoring of the legislation
  • Persons from the IT department
  • Persons from the property management and physical security services

as well as all others who want to learn about and exchange experience from their work on the challenges and trends of information security in the Banks.

Certification and language

At the end of the training, each student receives a certificate of participation.

The training is conducted in Croatian.

Our experts (lecturers)

Saso Mickov graduated from the Faculty of Electrical Engineering – Computer Technique, Informatics and Automation, at the University of Saints Cyril and Methodius in 1996.

His professional career began with his first employment at the company Loginin Sutemy, Skopje, the first and only distributor of Microsoft in the country.

In 2001 he was employed at Stopanska Banka AD Skopje, initially as a System Engineer and then from 2006 as an internal auditor in IT.

First as a System Engineer and then as an IT internal auditor, he participated in the implementation of a modern, integrated banking system as part of the process of regrouping and focusing on the Bank's operations.

Since 2014 he has been working as the person responsible for information system security (OSIS) at Sparkasse Bank Macedonia AD Skopje and actively participates in the process of building and establishing the information security management system, contributing to the general trend of growth and modernization of the Bank.

He holds relevant international certificates in the field of information systems, such as:

  • CISA – Certified Information Systems Auditor
  • CIA – Certified Internal Auditor
  • Information Security ISO 27001 Lead Auditor
  • ITIL v3 Foundation Certificate
  • Microsoft Certified Systems Engineer – MCSE
