Site Search Site Search

Menu

Content & events

Menu

Upcoming events & sponsorships

Loading Results

Assurance Reporting for Privacy and Data Protection

Demonstrating appropriateness of design and operational effectiveness of your privacy and data protection controls

Service areas

ISAE 3000 attestation wrt. GDPR

Your challenges

  • You're looking for a way to respond to regulatory reporting requirements or presenting public claims of compliance?
  • You want to set yourself apart from competition and give customers the type of information they need to trust you
  • You intend to demonstrate your Corporate Social Responsibility and sustainability commitment to customers and employees.

What does it include?

  • An opinion from a knowledgeable third party of your internal controls supporting Data Privacy objectives on three dimensions: (1) design, (2) implementation, and (3) operating effectiveness, aligned with the CARPA framework developed by the CNPD.

Key benefits

  • Leading with trust, by embedding a governance and monitoring framework that promotes the right behaviours and improves information reliability;
  • Protection of your reputation by safeguarding your most important asset - your brand;
  • Enhanced internal controls and performance by using a world-known attestation mechanism

Key deliverables

  • An ISAE3000 assurance report on internal controls supporting data privacy objectives, aligned with the requirements of the CARPA framework.

CARPA certification (being developed by the CNPD)

Your challenges

  • You want to demonstrate your clients, employees and counterparts that you comply with the key principles of the GDPR?
  • You look to be ahead of competition and demonstrate your accountability with core data privacy principles?
  • You do business outside of Luxembourg and want to demonstrate your partners that you comply with you core requirements as to data privacy?

What does it include?

  • An opinion from a knowledgeable third party of your internal controls supporting Data Privacy using an ISAE3000 report;
  • A public certificate demonstrating your compliance with the core requirements of the GDPR.

Key benefits

  • An ISAE 3000 report focusing on areas you would define;
  • A recognition of your ongoing efforts to comply with data privacy requirements;
  • A certificate with EU-wide recognition.

Key deliverables

  • A certificate granted as per the CARPA framework (soon).

Contact us

Frédéric Vonner

Advisory Partner, Sustainability, PwC Luxembourg

Tel: +352 49 48 48 4173

Linkedin Follow Email

Guy Brandenbourger

Advisory Partner, Government & Public Sector Leader, Healthcare Leader, PwC Luxembourg

Tel: +352 49 48 48 2386

Linkedin Follow Email

Antonin Jakubse

Senior Manager, Privacy, PwC Luxembourg

Tel: +352 62133 44 12

Linkedin Follow Email
Follow us

Required fields are marked with an asterisk(*)

Please select the cybersecurity service(s) you are interested in and would like to discuss further

Please select the privacy service(s) you are interested in and would like to discuss further:

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide
Content & events Careers Contact us Manage your PwC Luxembourg Preferences

© 2018 - 2025 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.