Safeguard your clients' sensitive data
Skip Ribbon Commands
Skip to main content

This system library was created by the Publishing feature to store pages that are created in this site.

Safeguard your clients' sensitive data

courseType Technical Skills, Financial Sector

Course preview

No content to display

Show interest form

Please fill this form and you will get notified when a new session is available.

* * * * *
  terms and conditions.

*  required information

Contact PwC's Academy

Phone +352 49 48 48 4040

PwC's Academy
2 rue Gerhard Mercator
L-2182 Luxembourg
map & driving instructions

cancellation policies

general terms and conditions

Cofinancement de la formation: les nouvelles dispositions législatives 2018

Pour plus d'informations veuillez consulter notre article.

Ou directement : Lifelonglearning​​

Interested in a in-house workshop?

Please let us know if you are interested in organising this training course as an in-house training workshop.

Send us more information

Related courses

General course details


The handling of sensitive information remains one of the key concerns for organizations. Recent events regarding the disclosure of client-related data in the banking sector have again underlined the importance of this subject. Significant reputational risks and financial penalties are often the direct effects organizations face when confronted with data loss.

Modern technologies facilitate the storage, transmission and duplication of data. Due to the ever increasing volumes of information handled by organizations as well as its borderless flow through a greater number of channels, the challenge of safeguarding information has become increasingly complex. Furthermore, changing operating models of organizations (e.g. outsourcing of non-core activities) also require the transmission of information to external entities.

Regulatory requirements on the other hand demand an adequate level of protection with regards to sensitive data which is captured, processed, transmitted or archived. Information Security Officers aim to strike the right balance between several objectives: the provision of adequate security measures, while minimizing the interference with the organizations business processes and compliance with regulatory requirements. While a number of technical solutions are available which are supposed to mitigate the risk of data loss (e.g. content-aware DLP suites), their implementation is only one element in a holistic approach to be taken by organizations who seek to improve their ability to protect their sensitive data. In this respect, organizations face the following challenges and questions:

  • What kind of data does the organization consider to be of sensitive nature and where does it reside?
  • Which regulatory requirements does the organization need to comply with?
  • Have all risks related to the handling of sensitive data been identified and accounted for?
  • Which measures and controls could be implemented to further reduce these identified risks?
  • How can the organization anticipate future changes regarding the regulatory requirements and business needs?
To assist you in these challenges, PwC's Academy is pleased to offer a dedicated training workshop which provides participants with an overview of different scenarios requiring the handling of sensitive data, applicable regulatory requirements as well as an approach to better manage the handling of sensitive data within your organization.


At the end of the training, participants will be able to:
  • Reflect on their organization to identify processes involving the handling of sensitive data
  • Explain the main types of risks related to the handling of sensitive data
  • Describe the main regulatory requirements related to the handling of sensitive data
  • Adopt a holistic approach to address risks related to the handling of sensitive data


Section 1: Introduction: Setting the scene
  • Growing importance of data protection in light of recent events and regulatory and tax requirements
Section 2: Context: Why organizations need to handle sensitive data
  • Scenarios and market issues which organizations are facing today
Section 3: Identification of risks related to the handling of sensitive data
  • Operational, regulatory and reputational risks
  • Establishing the link with the organization’s risk strategy
  • Identifying and assessing internal controls to mitigate risks related to the handling of sensitive data
Section 4: Regulatory requirements: Responsibilities of organizations handling sensitive data
  • Defining sensitive data
  • Main principles (banking secrecy, data privacy law, CSSF circulars, MiFID)
  • Processing of personal data (main principles, formalities and anticipated impact by the European Regulation)
Section 5: A practical approach to safeguarding sensitive data
  • Identifying all relevant data
  • Classifying data
  • Introducing standards and procedures
  • Available technical solutions – an overview
  • Monitoring and continuous alignment
Section 6: Outlook - preparing for the future
  • Trends in the market
  • Potential future regulatory and tax changes

Target audience

Financial Institutions, who would like to understand the regulations and risks related to handling sensitive data as well as practical measures to address these risks:
  • IT managers
  • HR managers
  • Compliance officers
  • (Operational) risk managers
  • Internal auditors
  • Security officers
  • Department heads


This training is coordinated by Florian Bewig, Director in Risk Assurance Advisory Services, PwC Luxembourg. The different sessions will be presented by PwC IT audit and tax experts.


Florian bewig.tif
Florian is a Director in the Risk Assurance Advisory Services where he mainly focuses on Information Technology internal control and regulatory compliance engagements. lorian is a Director in the Risk Assurance Advisory Services where he mainly focuses on Information Technology internal control and regulatory compliance engagements.
Since he joined PricewaterhouseCoopers in 2001, Florian has specialised in the review of internal controls mainly in the context of statutory audit assignments and third party assurance engagements for financial institutions. Florian is also specialized in assessing the feasibility of IT-sourcing projects, both from a regulatory as well as operational point of view.
Florian is also providing technical trainings on an ongoing basis to both colleagues and clients, covering areas such as developing an IT audit approach, protection of sensitive data and regulatory requirements regarding IT outsourcing.​




Number of participants

Limited to 20 participants, to ensure good interactivity


0.5 day

© 2020 PricewaterhouseCoopers Academy S.à r.l. All rights reserved. "PwC" refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.
This website uses cookies to provide a personalized browsing experience and appropriate site functionality.
By using this site, you agree to our use of cookies as outlined in our cookies policy. More information