Assurance Reporting for Privacy and Data Protection

Demonstrating appropriateness of design and operational effectiveness of your privacy and data protection controls

Service areas

ISAE 3000 attestation wrt. GDPR

Your challenges

  • You're looking for a way to respond to regulatory reporting requirements or presenting public claims of compliance?
  • You want to set yourself apart from competition and give customers the type of information they need to trust you
  • You intend to demonstrate your Corporate Social Responsibility and sustainability commitment to customers and employees.

What does it include?

  • An opinion from a knowledgeable third party of your internal controls supporting Data Privacy objectives on three dimensions: (1) design, (2) implementation, and (3) operating effectiveness, aligned with the CARPA framework developed by the CNPD.

Key benefits

  • Leading with trust, by embedding a governance and monitoring framework that promotes the right behaviours and improves information reliability;
  • Protection of your reputation by safeguarding your most important asset - your brand;
  • Enhanced internal controls and performance by using a world-known attestation mechanism

Key deliverables

  • An ISAE3000 assurance report on internal controls supporting data privacy objectives, aligned with the requirements of the CARPA framework.

CARPA certification (being developed by the CNPD)

Your challenges

  • You want to demonstrate your clients, employees and counterparts that you comply with the key principles of the GDPR?
  • You look to be ahead of competition and demonstrate your accountability with core data privacy principles?
  • You do business outside of Luxembourg and want to demonstrate your partners that you comply with you core requirements as to data privacy?

What does it include?

  • An opinion from a knowledgeable third party of your internal controls supporting Data Privacy using an ISAE3000 report;
  • A public certificate demonstrating your compliance with the core requirements of the GDPR.

Key benefits

  • An ISAE 3000 report focusing on areas you would define;
  • A recognition of your ongoing efforts to comply with data privacy requirements;
  • A certificate with EU-wide recognition.

Key deliverables

  • A certificate granted as per the CARPA framework (soon).

DPO Meet Up

Discover more and request an invitation

Contact us

Want to get in touch and discuss our cybersecurity and privacy services in detail?

Contact us

Frédéric Vonner

Partner, Regulatory Advisory Services, PwC Luxembourg

Tel: +352 49 48 48 4173

Linkedin Follow Twitter Follow Email

Guy Brandenbourger

Partner, Industry & Public Sector, Healthcare Leader, PwC Luxembourg

Tel: +352 49 48 48 2386

Linkedin Follow Email

Antonin Jakubse

Senior Manager, PwC Luxembourg

Tel: +352 49 48 48 4412

Email
Stay Connected:
Media & Events Contact us Careers RSS

© 2018 - 2021 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.