Florian Schnettelker helps clients in highly regulated industries such as life science and healthcare achieve compliant, cost-effective and efficient solutions in light of digitalization and rising cybercrime, keeping their IT and business secure, competitive and compliant with applicable (IT-)GRC regulations, laws, best practices and codes. This includes topics such as EU GDPR, COBIT 2019, ISO 27001, FDA and EU GxP regulations (GMP, GLP, GCP, GVP, etc.) and many more.

Florian Schnettelker holds a bachelor's degree in Business Informatics from the Cooperative State University of Baden-Wurttemberg. In parallel to his job, he is working on his Master's in IT-Governance, Risk and Compliance Management. At the moment he is working for Avacone AG in Allschwil as an IT-GRC Consultant for different clients in different IT and IT-GRC related positions.

During his professional life he has already worked in different compliance-relevant positions, such as Drug Safety Specialist for Roche Pharma AG and IT-Quality and Compliance Manager for Novartis and Elanco. From his past experience he knows how to develop a fully integrated lean (IT-)GRC Framework according to different IT-Governance and (IT-)Compliance Frameworks.

He is a member of the following international business organizations:

  • ISACA German Chapter
  • ISC² Swiss Chapter

He participates in the following Industry Special Interest Groups:

  • ISACA – ISPE Supplier Audit
  • ISACA – ISPE Cybersecurity in GxP
  • ISACA – IT-GRC in Digital Health

Certifications he holds:

  • IPMA Project Manager
  • SAP TERP 10 Certificate
  • Cisco Certified Entry Network Technician (CCENT)
  • Cisco Certified Network Associate
  • Trainer according to German Ausbildereignungsverordnung
  • Lean Six Sigma White Belt
  • Cyber Security Practitioner from German Cyber Security Alliance
  • ISACA Cybersecurity Fundamentals Certificate
  • Acronis Backup Engineer
  • BSI IT-Sicherheitsbeauftragter/CISO

Services he offers through his current employer:

  • Cyber-Security Check
  • Information Security Management System Implementation according to ISO 27000-Series
  • IT-Infrastructure (Project)Management
  • IT-Quality Management
  • Data Privacy Management System Implementation according to EU-GDPR
  • IT-Application Management
  • Penetration Testing (Server/Network/Medical Devices/Industrial-PCs)
  • Cyber Intelligence Analysis
  • Cyber Security Architecture Design
  • Cybersecurity Engineering
  • Enterprise IT Security Services
  • IT Incident Response
  • IT Network Security
  • IT Network Management
  • Information Security Analysis
  • Web Penetration Testing
  • Social Engineering
  • IT-GRC Manager for Digital Health

Conference attendance as Speaker:

  • ISC² Switzerland Chapter Security Conference 2018
    • Topic: Cybersecurity for Healthcare Facilities