Jan Konnerth

Independent IT Audit & Governance Advisor

EUR 900/day
Köln, DE
15+ years

Average response time: 1h

About Jan

I support organizations that need clarity, structure, and confidence when facing audits, regulatory requirements, or complex IT landscapes.

I am an experienced IT audit specialist, certified ISO 27001 Lead Auditor, ISO 20000 Lead Auditor, CISA (ISACA), and ITIL Expert across multiple generations (V2, V3, V4). My work combines deep audit expertise with hands-on process design and governance implementation.

I regularly help clients prepare for:

  • IT and compliance audits
  • ISO 27001 and ISO 20000 audits
  • Internal audits and management reviews
  • Governance and control assessments
  • Regulatory-driven IT reviews (DORA / NIS2 / etc.)

  • German

    Native or bilingual

  • English

    Business fluent

Remote only
Carries out projects mainly remotely

Project and professional experience

  • Multiple Banking and Financial Service Provider
    External Auditor
    BANKING & INSURANCE
    June 2016 - November 2024 (8 years and 5 months)
    Frankfurt am Main, Germany
    Employment Type: Project engagement on behalf of ChallengeIT GmbH

    DEUTSCHE BANK:
    • 2024: Technology roadmap audit and IT transformation audit; assessment of legacy systems and Microsoft platforms; regulatory validations for HKMA and FED
    • 2023: Cloud platform and enterprise architecture audits
    • 2022: International audits covering IT infrastructure and ITIL processes; cloud audits (Windows, O365, Google Cloud); vendor strategy; regulatory requirements (HKMA)
    • 2021: International audits focusing on IT infrastructure and ITIL processes (Asset & Configuration Management, Middleware)
    • 2020: International audits in Italy and Poland, including local regulatory requirements
    • 2018–2017:
      • Data center and physical security audits
      • Software development procedure audits (SDLC, open source, source code reviews)
      • Audits of ultra-low-latency environments
    • 2016: Application and infrastructure audits (regulators: ECB, FED, MAS), review of program governance frameworks and access management

    Focus: IT Audit, ISO 27001, ITIL Processes, Cloud & Infrastructure, Regulatory Audits

    DEUTSCHE BOERSE:
    • 2021: Compliance audit of the “B7 Buy-in Agent Platform” prior to go-live; compliance audit and risk assessment (LeSS framework for software development); IT Operations audit

    FINANZ INFORMATIK PLUS:
    • 2024: IT audits focusing on user access management; audits of order and billing processes; planning, execution, and documentation of audits using standardized operational templates

    TOYOTA KREDITBANK:
    • 2024: Annual Sarbanes-Oxley (SOX) IT audit; scope: SAP, non-SAP systems, IT operations; creation of an audit matrix for documentation and stakeholder alignment

    IT-Audit, Sarbanes-Oxley Act, Regulatory Compliance, IT Service Management
  • Mercedes Benz Cars, Daimler Truck and Van
    IT Service Management Consulting, ISO 27001 Consulting and Audit preparation
    AUTOMOTIVE SECTOR
    October 2009 - December 2024 (15 years and 2 months)
    Köln, Germany
    Employment Type: Project engagement on behalf of ChallengeIT GmbH

    DAIMLER TRUCK AG:

    • 2024: Design of an ISO 27001 assessment questionnaire (Power App) for all European applications, Execution of ISO 27001 assessments, Introduction of a centralized SharePoint for application owners, Presentation of NIS2 requirements and process recommendations, Development of Power BI dashboards
    • 2009 - 2019 (multiple engagements): Design and operation of ITIL processes (Incident, Problem, Change, Release, Request, Demand), Setup of service management organizations, Reporting, ticket automation, demand and budget analysis, ISO 20000 assessments and expert reports, Outsourcing support and provider management

    IT-Audit, ISO 27001 Lead Auditor, ITIL V4, IT Service Management
  • ChallengeIT
    IT Audit & Governance Specialist / Lead Auditor (ISO 27001 & ISO 20000) / CISA / ITIL Expert
    CONSULTING & AUDITS
    March 2009 - December 2024 (15 years and 9 months)
    Köln, Germany
    Senior IT audit and governance specialist with long-term responsibility for planning, execution, and documentation of IT audits, compliance assessments, and ITIL process implementations across regulated and complex enterprise environments.

    Core responsibilities included:
    • IT and compliance audit preparation and execution (internal audit, ISO 27001, ISO 20000, ITGC, SOX)
    • Acting as lead auditor and subject matter expert in international audit teams
    • Design, optimization, and governance of ITIL processes across all disciplines
    • Development of risk & control frameworks, maturity models, and audit matrices
    • Creation of policies, procedures, KPIs, RACIs, and audit-ready documentation
    • Business continuity management (BCM) and business continuity plans (BCP)
    • Governance and compliance coaching for IT management and audit teams
    • Application risk profiling and control assessments across large application landscapes
    Enterprise-level ITIL expert (V2, V3, V4) with deep hands-on experience across all ITIL disciplines. Responsible for designing, implementing, governing, and auditing ITIL processes and policies in global organizations.

    Focus areas:
    • Incident, Problem, Change, Release & Request Management
    • Service Level, Event, Asset & Configuration Management
    • Capacity, Availability & Continuity Management
    • ITIL policies, procedures, operating models, and KPIs
    • Tool-supported implementations (ServiceNow, Jira, reporting platforms)
    • Audit-aligned ITIL process documentation
    Engagements covering: banking, financial services, energy, automotive, pharma, chemical industry, semiconductor industry, public sector, and KRITIS environments.

    IT Service Management, IT-Audit, Business Continuity Management, IT Governance, Training on the job

Education and qualifications

  • CISA
    Manufaktur IT
    2019
    The CISA (Certified Information Systems Auditor) certification is a globally recognized qualification for IT professionals that demonstrates expertise in IT audit, security and governance and is awarded by ISACA. It confirms the ability to audit, control and monitor IT systems and processes, which opens up a wide range of career opportunities.
  • SCRUM for Agile Projectmanagement
    Maxpert
    2015
    Scrum is an agile project management framework originally designed for software development that is now used across industries to tackle complex problems. The framework rests on three pillars of empiricism: transparency, inspection and adaptation.

Skills

Categories

  • Other