Strategy and transformation

Information Security Risk Management

Your challenges
  • Do you have a clear understanding of the risks impacting your data?
  • Do you regularly monitor risks to ensure your protective measures remain appropriate and adapted to the threats you face?
  • Are you aware of new risks arising from changes to your environment or external threats?
  • Are your risk management activities compliant with the latest regulations (e.g. GDPR, CSSF, etc.)?
What does it include
  • Outsourced risk management service that includes risk identification, assessment and reporting, run by our information security experts;
  • Risk assessments tailored to your context and information systems;
  • Assistance in developing risk treatment plans;
  • Access to a web-based risk management tool (MONARC), which includes a central risk register.
Key benefits
  • Timely access to threat intelligence feeds;
  • Risk management informed by technical expertise;
  • Standardised approach to risk management across the organisation.

Information Security Management System assessment & implementation

Your challenges
  • Do you want to have a detailed analysis of the gaps between your current security practices and best practices (ISO27001, ISO27002)?
  • Do you want to become compliant or certified with an internationally recognised security standard by implementing n Information Security Management System (ISMS)?
What does it include

An in-depth transformation process in three key phases:

  • Gap analysis of the current situation;
  • Implementation of the ISMS based on the tailored recommendations provided in the first phase;
  • Preparation for the certification, white audit and support to prepare documents and evidence for the auditors.

Each phase can be selected individually depending on your needs.

Key benefits
  • Detailed list of gaps and recommendations to achieve best practices;
  • Support for the development of security documentation and governance required for an ISMS;
  • Support for the deployment of security controls and procedures.

Cyber assurance/attestation

Your challenges
  • Is the business resilient to a cyber attack?
  • Which threats should you be the most concerned about?
  • Are there gaps in your cybersecurity capabilities?
  • Do you have the right controls in place to detect key risks?
  • Are we investing in the right areas?
What does it include
  • Readiness assessment of your Cybersecurity Risk Management Program;
  • Remediation assistance;
  • Support in the report preparation and writing;
  • Cybersecurity controls testing.
Key benefits
  • Enhance brand and reputation;
  • Provide transparency;
  • Assess program effectiveness;
  • Reduce communication and compliance burdens;
  • Allow flexibility in reporting.

Cybersecurity transformation

Your challenges
  • Do you want to undertake a comprehensive security assessment of your organisation?
  • Do you want to identify technical and organisational weaknesses?
  • Do you want to define an information security strategy aligned with your business objectives?
  • Do you want to achieve a security posture aligned to your security risks and objectives?
What does it include
  • Full assessment of your Cybersecurity maturity against PwC’s Cybersecurity framework;
  • Support in the definition of a security strategy to reach a security maturity level aligned to your expectations;
  • Roadmap to achieve this strategy, with detailed project sheets.
Key benefits
  • Cybersecurity strategy and objectives defined, aligned with business objectives and security initiatives; identified, prioritised, planned and explained to achieve these objectives.

Contact us

Greg Pitzer

Cybersecurity Leader, PwC Luxembourg

Tel: +352 49 48 48 2068

Frédéric Vonner

Privacy Leader, PwC Luxembourg

Tel: +352 49 48 48 4173

Koen Maris

Cybersecurity Director, PwC Luxembourg

Tel: +352 49 48 48 2096

Follow us