Thomas (Dr.) Kaufmann
Consultant for Data Protection and Information Security
Experience
Jul 2020 - Present
5 years 1 monthConsultant for Data Protection and Information Security
DatenSchutzBeratung Dr. Kaufmann GmbH
- Consulting and training on data protection and information security management systems.
- Conducting data protection and information security consulting in various projects:
- ISMS implementation with successful ISO 27001 certification at a software manufacturer.
- ISMS revision and certification preparation for ISO 27001 at an IT service provider.
- Migration of ISMS to ISO 27001:2022 at a software manufacturer.
- Data protection update at a medium-sized industrial company.
- Ongoing appointments:
- Data Protection Officer (DPO) at a hospital.
- DPO at a small software consultancy.
- Information Security Officer (ISO) at a healthcare software company.
May 2018 - Jun 2020
2 years 2 monthsVice President Corporate Data Protection (Chief Data Protection Officer)
LEONI AG
- Establishment of a data protection management system for accountability in accordance with the GDPR.
- Implementation of data protection measures:
- Introduction of a global contract for intragroup data exchange.
- EU-wide data protection training.
- Creation and expansion of the record of processing activities.
- Establishment of reporting channels and procedures for data protection incidents and inquiries.
- Project support and audits.
- Deletion of data from an SAP HR system.
- Internal Data Protection Officer of LEONI AG and external Data Protection Officer for 14 German subsidiaries.
- Span of control: up to 1.5 direct positions and up to 30 data protection coordinators functionally at various European sites.
Apr 2010 - Apr 2018
8 years 1 monthVice President Corporate Information Security (Chief Information Security Officer, Chief Data Protection Officer)
LEONI AG
- Ensuring secure (confidential, integral, and available) and BDSG-compliant information processing.
- Representing information security objectives across the group by establishing and operating an information security management system:
- Development and implementation of policies.
- Creating awareness within the company.
- Development and implementation of a medium-term IT security technology roadmap.
- Conducting assessments and audits.
- Preparation and support for customer audits (e.g., VDA TISAX).
- Leadership in the global data privacy compliance field.
- Development and continuous improvement of data protection policies.
- Monitoring the proper use of data processing programs.
- Span of control: up to 5 direct reports and up to 80 functional reports.
Dec 2005 - Dec 2006
1 year 1 monthTeam Lead SAP Logistics
LEONI AG
- Led a team responsible for customizing and programming the logistics modules (PP, SD, MM, APO) of SAP R/3 for group companies.
- Span of control: up to 10 direct reports.
Dec 2000 - Mar 2010
9 years 4 monthsAdvisor for Cross-Functional Functions in Central IT and Organization, later Manager IM Administration
LEONI AG
- Development of IT strategy, IT controlling, IT security, and project portfolio management.
- Collaboration on the implementation of international transfer pricing for IT costs.
- Support of IT audits for the annual financial statement audit.
- Introduction of ITIL sub-areas in information management.
- Creation and training of a project management manual.
- Participation in the introduction of a group-wide intranet and ticket system.
- Span of control: up to 3 direct reports.
Jun 1995 - Jul 2000
5 years 2 monthsPhD in Economics (Dr. rer. pol.)
- Dissertation: "Design of a marketplace for heterogeneous components of enterprise application systems".
- Major/professional skills: Business Informatics.
- Institution: Friedrich-Alexander University Erlangen-Nuremberg.
Jun 1995 - Jun 2000
5 years 1 monthResearch Associate
Bavarian Research Center for Knowledge-Based Systems (FORWISS)
- Participation in research: cooperative software development.
- Conducting chair activities (Business Informatics I, Prof. Dr. Dr. h.c. mult. P. Mertens), including lectures.
Oct 1989 - May 1995
5 years 8 monthsDiploma in Business Informatics
- Institution: Darmstadt University of Applied Sciences (today TU Darmstadt).
Summary
Consulting or training on data protection and information security, in particular data protection or information security management systems.
Languages
German
Native
English
Intermediate
Education
Jun 1995 - Jul 2000
Friedrich-Alexander University Erlangen-Nuremberg
PhD in Economics (Dr. rer. pol.), Design of a marketplace for heterogeneous components of enterprise application systems · Business Informatics · Erlangen, Germany
Oct 1989 - May 1995
Darmstadt University of Applied Sciences (today TU Darmstadt)
Diploma in Business Informatics · Business Informatics · Darmstadt, Germany
Certifications & licenses
A
A1
AM
B
BE
C1
C1E
CE
GDD-cert (BDSG a.F.)
ITIL Foundation
L
Similar Freelancers
Discover other experts with similar qualifications and experience