Training Catalog

Cloud Officer & Outsourcing Officer - Certified programme




At the end of the course, the participants must be able to:

  • understand the role and responsibilities of the cloud officer / outsourcing officer

  • have an overview of the applicable circulars including CSSF Circular 22/806 and the domains covered in this circular. It will enable them to make their choices including gap analysis and remediation actions for conformity with this circular.

  • understand and demonstrate different service and delivery models of cloud computing

  • understand and demonstrate the risk management for outsourcing arrangements (ICT, cloud, and business process outsourcing)

  • understand and demonstrate security aspects and principles of cloud computing

  • practically manage the outsourcing operations

Role and responsibilities
  • Introduction

  • Definition

    • Cloud officer

    • Outsourcing officer

  • Responsibilities

  • Hierarchical structure

Compliance considerations 
Based on the European Banking Authority (EBA) guidelines and best practices in the field of outsourcing compliance 
  • Introduction

  • Applicable circulars

    • CSSF 22/806

    • CSSF 20/750

    • CSSF 21/769 (22/804)

  • Circular 22/806 domains

    • General principles (including sustainability (ESG))

    • Governance

      • Assessments of outsourcing arrangements

      • Framework

      • Outsourcing process

    • Requirements in the context of ICT outsourcing arrangements

  • Next Steps

Cybersecurity, policies, processes, and Risk Management
  • Introduction

  • Cybersecurity domains

    • Governance and strategy

    • Risk management

      • Basics of Risk Management

      • Risk management of the outsourcing arrangements (ICT, cloud and business process outsourcing)

    • Information security

      • Policy and processes

      • Identity and Access management

      • Cryptography

      • Examples of cloud security solutions

    • ICT governance

    • Business continuity management

  • Next Steps

Outsourcing and Technologies: Cloud Solution Providers (AWS & AZURE) and other outsourcing use case 
  • Introduction to different service and delivery models of cloud computing.

  • Introduction to the cloud solution providers

    • AWS

    • MS Azure

  • Cloud solution providers

    • Security principles

    • How principles apply (Security options, data encryption…)?

  • Cascade outsourcing: Organisational and Compliance Aspects

  • Other outsourcing use cases: SOC, Hosting, Development, …

Compliance practical implications (Circular 22/806 CSSF included) 
  • CSSF notification step by step

  • Alignment of the governance with the circular 

    • Management body responsibility

    • Proportionality analysis 

    • Outsourcing definition

    • Outsourcing policy

    • Outsourcing life-cycle

    • Outsourcing register

    • Contract management

    • Upgrade of existing outsourced functions

    • Critical or important functions (CIF)

    • Exit strategy and Business Continuity management

    • Service provider monitoring process – Outsourcing monitoring framework.

Target audience

ICT/Security Risk Managers, (C)ISO, Risk Officer, Cloud Officer, Outsourcing Officer, Business Continuity Manager, Compliance Officer, of Banks 

Any manager involved in the 2nd Line of defense (such as governance, risk management, compliance, security, business continuity) 


Course Material

The training material will be handed out at the beginning of the course.


The knowledge acquired in the seminar will be validated through an ONLINE examination. The examination is based on a MCQ questionnaire of around 50 questions. The required passing rate is 80%.

By the end of the course participants will receive the link for the examination and will have 5 working days to take it. 


At the end of the training, a certificate of attendance will be available either on your client account or on demand to the customer service.

Candidates who successfully complete the examination will receive the following certificate of completion co-signed by the ABBL: "Certified Cloud Officer & Outsourcing Officer"

Chambre de Commerce Luxembourg Chambre de Commerce Luxembourg
7, rue Alcide de Gasperi
L-1615 Luxembourg
Calculate the itinerary

For further questions please contact our partner in your country


Cloud Officer & Outsourcing Officer - Certified programme


Great course and great instructor!!! The content, the opportunities to ask questions and talk about real life examples made this a really enjoyable and insightful course.

Jean-Hubert was an excellent instructor. He balanced everyone’s varying levels of experience well throughout the course.

I really expanded my knowledge regarding cloud technology and outsourcing.

Hermiona Jolle - Albania


Cloud Officer & Outsourcing Officer - Certified programme


I wanted to take a moment to express my sincere gratitude and appreciation for my attendance at the recent Cloud and Outsourcing Officer training session. The lecturer's active participation and engagement were truly invaluable, and his insights greatly enriched the discussions and learning experience for everyone involved.

Florentina KRASNIQI  -  Kosovo

Cloud Officer & Outsourcing Officer - Certified programme


I wanted to express my sincere appreciation for providing me with the opportunity to participate in the recent course(i.e., Cloud Officer & Outsourcing Officer - Certified programme) on behalf of our Bank. The experience was truly valuable, especially considering the timing as our country prepares to transition to the cloud and explore various outsourcing options, some of which we have already initiated with certain cloud service providers.

The insights gained from learning more about cloud and outsourcing were indispensable for me. It has equipped me with the knowledge necessary to take necessary precautions and prepare relevant documentation related to cloud outsourcing. Moreover, understanding how to select the right cloud service provider(CSP) is paramount for our Bank's success in this transition. Finally, given its importance and timeliness, I highly recommend extending this training to others as well.

Once again, I am deeply grateful for this opportunity. It has allowed me to further develop my skills and contribute to our Bank's strategic objectives.

Tewodros Tesfaye MERDASSA

Cloud Officer & Outsourcing Officer - Certified programme


I highly appreciate the opportunity to have been part of this course. It was very close to my activity and my daily activities, being very practical.

Although there are some things that are peculiar and very specific to Luxembourg legislation and requirements.

For the exam part, being a very busy week for me – I had to take it last day (we had a weekend), this had an impact on the results as I found out now.

Also, the exam has very peculiar questions that aren’t necessarily found through the material, so if you take the test later there’s a high chance you might miss some of the questions.

Roman TATARU  -  Moldova

Cloud Officer & Outsourcing Officer - Certified programme