LOGBOOK

HELP

Quiz Entry - updated: 2026.06.20

How is the security organization structured at a large international insurer like Helvetia Baloise across group and local levels?

A central Group CISO sets direction, while market-unit and business-unit layers carry the controls down to local CISOs and ISOs near the front line.

The structure at Helvetia Baloise (a Swiss insurer present across Europe) layers a Group CISO over 2LoD CISOs for each Market Unit and Business Unit, who in turn oversee 1LoD ISOs (Information Security Officers) at unit level. Group-wide there are roughly 50 security officers for ~22,000 employees, including Group CISO, Group ISOs, Local CISOs, Local ISOs, and a Cyber Defense Team. A separation of 1LoD (IT) and 2LoD (Risk Management) responsibilities was ongoing — meaning operational security ownership is being cleanly split from independent risk oversight.

Tip: "LoD" = Line of Defense; 1LoD owns and runs controls, 2LoD independently oversees risk.

From Quiz: ISM / Praktische Anwendung | Updated: Jun 20, 2026