In this talk the business application security process at Allianz SE will be laid out. Information security is an integral part of any IT related project from the very beginning and – supported by a well-defined framework of processes and accompanying documents – this is maintained through the whole project lifecycle. I will give a detailed overview of the process, show the relevant steps and documents and discuss common challenges when dealing with the projects, how to tackle those and lessons learned.
Thomas Stocker works as Information Security Officer for the Holding of Allianz SE. He has initially established and continuously improved the business application security process since he took over the job six years ago. Prior to that he worked as an application developer and architect, so he knows his stuff from the ground up.