Twenty-five officer roles, all live todayArt. 33 GDPR, 72 hours to report a breach93 controls under ISO/IEC 27001:202237 ready-to-run audit templates in the workspace§ 130 OWiG, supervisory duty of the management boardOfficer appointment letter, signed, filed, evidencedOne workspace for tasks, trainings, audits, documentationDIN 14095 fire protection plans, standardisedEU AI Act, the first horizontal AI regulation worldwideTwenty-five officer roles, all live todayArt. 33 GDPR, 72 hours to report a breach93 controls under ISO/IEC 27001:202237 ready-to-run audit templates in the workspace§ 130 OWiG, supervisory duty of the management boardOfficer appointment letter, signed, filed, evidencedOne workspace for tasks, trainings, audits, documentationDIN 14095 fire protection plans, standardisedEU AI Act, the first horizontal AI regulation worldwide

Sign in or register

Officer Roles

Every appointable officer role, in one workspace.

Select a role to see its mandate, legal basis, typical workflows and how CIVAC supports it. Roles range from data protection and IT security to fire safety, occupational health and supply-chain compliance.

Data Protection Officer

Data breaches, DPIAs, DPA reviews, records of processing, privacy policies. Appointed externally or handled in-house, with the 72-hour breach clock always running.

DPIABreach <72hRoPADPA review

Art. 37 GDPR · § 38 BDSG

Compliance Officer

Policy governance, whistleblower intake, internal control system, quarterly board report. Appointed, documented, defensible under § 130 OWiG.

IDW PS 980WhistleblowerICS§ 130 OWiG

IDW PS 980 · § 130 OWiG

Information Security Officer (ISB / CISO)

ISO 27001:2022 ISMS ownership, NIS-2 incident reporting, KRITIS obligations. 93 controls tracked, 24-hour early-warning and 72-hour incident-notification handled, TISAX and BSI C5 delivered on request.

ISO 27001:2022NIS-2KRITISTISAX

ISO/IEC 27001:2022 · §§ 30, 38 BSIG · NIS-2

Occupational Safety Specialist

Hazard assessments, site inspections, mandatory trainings, accident investigations. Appointed in writing per § 5 ASiG, documented per DGUV V2, filed in one place.

§ 5 ASiGDGUV V2§ 6 ArbSchGHazard log

§ 5 ASiG · DGUV V2 · § 6 ArbSchG

Fire Safety Officer

Fire-protection orders, evacuation drills, fire-department plans per DIN 14095. DGUV-I-205-023-compliant documentation, appointed in writing, audit-ready at inspection.

DGUV I 205-023DIN 14095ASR A2.2Evacuation

DGUV I 205-023 · DIN 14095 · ASR A2.2

Hazardous Substances Officer

Substance inventory per TRGS 400, risk assessment per § 6 GefStoffV, substitution checks. A live register that survives any Gewerbeaufsicht visit.

§ 6 GefStoffVTRGS 400TRGS 402/510Substitution

§ 6 GefStoffV · TRGS 400 / 402 / 510

Environmental Officer

Permit management, emission reporting, waste tracking, hazardous-substance storage. Full environmental file cabinet across BImSchG, WHG, KrWG and ISO 14001.

BImSchGWHGKrWGISO 14001

BImSchG · WHG · KrWG · ISO 14001

Anti-Money-Laundering Officer

Risk analysis, KYC/KYB, suspicious-activity reporting to FIU. § 7 GwG appointment documented, reporting line clean, BaFin-inspection ready.

§ 7 GwGRisk analysisKYCSAR

§ 7 GwG · FIU reporting

Quality Management Officer

Process audits, management review, CAPA, customer-complaint loop. DIN EN ISO 9001:2015 certification and recertification handled without surprises.

ISO 9001Process auditCAPAMgmt review

DIN EN ISO 9001:2015

Supply-Chain Due-Diligence Officer

Human-rights risk analysis, preventive measures, grievance mechanism, annual BAFA report. Supply-chain due diligence on rails for any company above the LkSG thresholds.

§ 4 LkSGBAFA reportRisk analysisGrievance

§ 4 LkSG · BAFA reporting

Equal Opportunity Officer

AGG complaints office per § 13 AGG: confidential intake, documentation, case handling. BGleiG workflows for federal bodies included.

§ 13 AGGBGleiGCase fileConfidential

§ 13 AGG · BGleiG

Occupational Physician

Preventive checkups, workplace health assessments, return-to-work coordination, vaccination programmes. Appointed per § 3 ASiG, hours scaled to DGUV V2 headcount rules.

§ 3 ASiGDGUV V2CheckupsReturn-to-work

§ 3 ASiG · DGUV V2

Dangerous Goods Officer

ADR, IMDG and IATA documentation, transport-safety checks, annual report to the operator. Appointed where transport volumes cross the § 3 GbV thresholds.

§ 3 GbVADRIMDGAnnual report

§ 3 GbV · ADR · GGVSEB

Hygiene Officer

Hygiene plan per § 36 IfSG, infection-control audits, staff training, drinking-water sampling per TrinkwV. Mandatory in healthcare, gastronomy, kindergartens.

§ 36 IfSGTrinkwVInfection logStaff training

IfSG · TrinkwV

ESG / Sustainability Officer

Double-materiality analysis, CSRD-compliant sustainability report, ESRS data points, GHG-Protocol inventory. Responsible for the annual report management signs.

CSRDESRSDouble materialityGHG Protocol

CSRD · ESRS · LkSG

Internal Reporting Officer

Confidential intake of whistleblower reports, case handling within the 3-month HinSchG deadline, retaliation monitoring. Independent from management reporting lines.

HinSchGCase file3-month deadlineIndependent

HinSchG · EU Whistleblower Directive

Emission Control Officer

Emission monitoring, supervision of permit-required plants, annual report to operator management, input on notifiable plant changes. Mandatory per § 53 BImSchG.

§ 53 BImSchGEmission logAnnual reportPlant supervision

Waste Officer

Waste register per AbfBeauftrV, recycling-quota monitoring, annual report to management, input on notifiable waste decisions. Required per § 59 KrWG above threshold.

§ 59 KrWGAbfBeauftrVWaste registerAnnual report

§ 59 KrWG · AbfBeauftrV

Water Protection Officer

Water-hazard inventory per AwSV, tank and separator inspections, leakage response, annual report. Required for facilities handling water-hazardous substances above thresholds.

§ 64 WHGAwSVTank inspectionAnnual report

§ 64 WHG · AwSV

Emergency Response Officer

Business-continuity plans per ISO 22301, emergency drills twice yearly, crisis-team coordination, after-action reviews. Often bundled with ISO 27001 or occupational safety mandates.

ISO 22301BCM drillCrisis teamAfter-action

ISO 22301 · DGUV I 205-001

Major Incident Officer

Safety concept per 12. BImSchV, safety analysis, incident report to Regierungspräsidium within 24 h, coordination with fire brigades. Mandatory for Seveso-tier plants.

12. BImSchVSeveso24 h reportSafety concept

12. BImSchV (StörfallV)

Radiation Protection Officer

Permits per StrlSchG, dosimeter management, staff medical screening, monthly dose reporting to BfS. Required in medical, industrial radiography and research.

StrlSchGDosimetryBfS reportStaff screening

StrlSchG · StrlSchV

Inclusion Officer

Coordination with the Integrationsamt, workplace-adaptation budgets, accessibility reviews, annual representation report. Required per § 181 SGB IX in most companies.

§ 181 SGB IXIntegrationsamtAccessibilityAnnual report

Site Manager

Construction-site supervision per state building codes (LBO), SiGeKo role per BaustellV, DGUV-compliant safety briefings, as-built documentation. Named on the building permit.

LBOBaustellVSiGeKoAs-built

LBO · BaustellV · DGUV

Supplier Auditor

On-site supplier audits per ISO 9001 and IATF 16949, non-conformance logs, CAPA tracking, audit report with risk score. Scheduled against a rolling three-year cycle.

ISO 9001IATF 16949CAPARisk score

ISO 9001 · IATF 16949