German regulation

BAIT (Bankaufsichtliche Anforderungen an die IT)

German financial-supervision requirements for IT at banks and financial institutions, issued by BaFin. Covers IT governance, information risk management, information security, user access (Berechtigungskonzept), IT operations, and outsourcing.

In ITSMx

ITSMx produces the Berechtigungskonzept (authorization concept) as PDF and JSON per BAIT 5, enforces segregation of duties in code, and supports information classification with IDV flagging.

MaRisk / BAIT compliance

Related terms

MaRisk Berechtigungskonzept SoD

Informational only — not legal advice.