Thomas (Dr.) Kaufmann

Consultant for Data Protection and Information Security

Hilpoltstein, Germany

Experience

Jul 2020 - Present
5 years 1 month

Consultant for Data Protection and Information Security

DatenSchutzBeratung Dr. Kaufmann GmbH

  • Consulting and training on data protection and information security management systems.
  • Conducting data protection and information security consulting in various projects:
  • ISMS implementation with successful ISO 27001 certification at a software manufacturer.
  • ISMS revision and certification preparation for ISO 27001 at an IT service provider.
  • Migration of ISMS to ISO 27001:2022 at a software manufacturer.
  • Data protection update at a medium-sized industrial company.
  • Ongoing appointments:
  • Data Protection Officer (DPO) at a hospital.
  • DPO at a small software consultancy.
  • Information Security Officer (ISO) at a healthcare software company.
May 2018 - Jun 2020
2 years 2 months

Vice President Corporate Data Protection (Chief Data Protection Officer)

LEONI AG

  • Establishment of a data protection management system for accountability in accordance with the GDPR.
  • Implementation of data protection measures:
  • Introduction of a global contract for intragroup data exchange.
  • EU-wide data protection training.
  • Creation and expansion of the record of processing activities.
  • Establishment of reporting channels and procedures for data protection incidents and inquiries.
  • Project support and audits.
  • Deletion of data from an SAP HR system.
  • Internal Data Protection Officer of LEONI AG and external Data Protection Officer for 14 German subsidiaries.
  • Span of control: up to 1.5 direct positions and up to 30 data protection coordinators functionally at various European sites.
Apr 2010 - Apr 2018
8 years 1 month

Vice President Corporate Information Security (Chief Information Security Officer, Chief Data Protection Officer)

LEONI AG

  • Ensuring secure (confidential, integral, and available) and BDSG-compliant information processing.
  • Representing information security objectives across the group by establishing and operating an information security management system:
  • Development and implementation of policies.
  • Creating awareness within the company.
  • Development and implementation of a medium-term IT security technology roadmap.
  • Conducting assessments and audits.
  • Preparation and support for customer audits (e.g., VDA TISAX).
  • Leadership in the global data privacy compliance field.
  • Development and continuous improvement of data protection policies.
  • Monitoring the proper use of data processing programs.
  • Span of control: up to 5 direct reports and up to 80 functional reports.
Dec 2005 - Dec 2006
1 year 1 month

Team Lead SAP Logistics

LEONI AG

  • Led a team responsible for customizing and programming the logistics modules (PP, SD, MM, APO) of SAP R/3 for group companies.
  • Span of control: up to 10 direct reports.
Dec 2000 - Mar 2010
9 years 4 months

Advisor for Cross-Functional Functions in Central IT and Organization, later Manager IM Administration

LEONI AG

  • Development of IT strategy, IT controlling, IT security, and project portfolio management.
  • Collaboration on the implementation of international transfer pricing for IT costs.
  • Support of IT audits for the annual financial statement audit.
  • Introduction of ITIL sub-areas in information management.
  • Creation and training of a project management manual.
  • Participation in the introduction of a group-wide intranet and ticket system.
  • Span of control: up to 3 direct reports.
Jun 1995 - Jul 2000
5 years 2 months

PhD in Economics (Dr. rer. pol.)

  • Dissertation: "Design of a marketplace for heterogeneous components of enterprise application systems".
  • Major/professional skills: Business Informatics.
  • Institution: Friedrich-Alexander University Erlangen-Nuremberg.
Jun 1995 - Jun 2000
5 years 1 month

Research Associate

Bavarian Research Center for Knowledge-Based Systems (FORWISS)

  • Participation in research: cooperative software development.
  • Conducting chair activities (Business Informatics I, Prof. Dr. Dr. h.c. mult. P. Mertens), including lectures.
Oct 1989 - May 1995
5 years 8 months

Diploma in Business Informatics

  • Institution: Darmstadt University of Applied Sciences (today TU Darmstadt).

Summary

Consulting or training on data protection and information security, in particular data protection or information security management systems.

Languages

German
Native
English
Intermediate

Education

Jun 1995 - Jul 2000

Friedrich-Alexander University Erlangen-Nuremberg

PhD in Economics (Dr. rer. pol.), Design of a marketplace for heterogeneous components of enterprise application systems · Business Informatics · Erlangen, Germany

Oct 1989 - May 1995

Darmstadt University of Applied Sciences (today TU Darmstadt)

Diploma in Business Informatics · Business Informatics · Darmstadt, Germany

Certifications & licenses

A

A1

AM

B

BE

C1

C1E

CE

GDD-cert (BDSG a.F.)

ITIL Foundation

L