Who We Are
IT WORKS S.A. is an independent Luxembourg-based consulting services company offering objective advices and high-end strategic and technical support developed by our world-class team of multi-certified consultants.
Established in 2003, we are now recognized by local and international businesses as being one of the leaders in our field.
We are the only business and technical consulting company in Luxembourg to offer objective, independent expertise and we are committed to providing professional, high-end, best-of-breed technical solutions and business advices based on technologies regardless of the vendor platform.
Each of our consultants has more than 10 years of experience in a wide range of business and technical skills coupled with some of the most recognized technology-oriented certifications:
CISSPCertified Information Systems Security Professional - ISC2
CISMCertified Information Security Manager - ISACA
ISO 27001Information technology -- Security techniques -- Information security management systems - Lead Auditor
ISO 20000Information technology -- Service management - Lead Auditor
ISO 13569Financial services -- Information security guidelines
Former PCI - QSA (until 2016)Payment Card Industry Qualified Security Auditor
Former PCI - ASV (until 2016)Payment Card Industry Approved Scanning Vendor
SNIAStorage Networking Industry Association
Even if we do not sell any hardware or software we have built high-level partnerships with industry leaders in each IT domains. These relationships enable us to offer a wide range of world-class expertise in the following broad areas:
- Payment Card Industry Security Services
- Information Security Management Systems (ISMS)
- IT Service Management Systems (ITIL)
- Risk analysis and management
- Access & Identity Management
- Data / Voice converged networks
- Storage Networking
- IT systems, applications & services high availability
- Security and Trust Services
- Strategic IT/Business Alignment
- Business Continuity and Disaster Recovery Planning
- Data/Systems Management
- Payment Card Industry Security Services

Keep Information Security Business Centric
New data security regulations have elevated issues of information security to the strategic levels of organizations. A problem arises when the CISO is not able to advise the management properly because he is not able to articulate security issues in business terms.
Security specialists are often much more technology specialists than they are business experts.
They have to learn to focus less on information security and more on information assurance, involving the availability and integrity of data. Risk avoidance is less important than risk management. A risk management approach has to involve an analysis and prioritization of the information risks an organization faces and articulating them in business terms.

IT Security is a governance and management concern
Although security investment justifications usually focus on the negative impacts of realized security risks, companies should consider how investing in security can help them to...
- enable new and improved types of products and services
- improve market and brand position by being known as a trusted partner and a trusted provider of products and services
- communicate with customers in a reliable, cost-effective, timely manner
- conduct transactions with greater integrity and privacy, thus ensuring business throughput, customer satisfaction, and customer confidence, which can help to create and sustain customer loyalty
- enable new types of customer/supplier engagement, including more timely and reliable value- and supply-chain interactions
Insufficient security investment will definitely increase the risk of compromise of company's business assets like:
- Stakeholder value
- Trust
- Compliance and legal liability
- Customer and partner identity and privacy
- Ability to fulfill business requirements
Conversely, adequate security investment in these areas can create business opportunity.

Useful Related Links
Cases Luxembourg
Portail de la sécurité de l'information du Ministère de l'Economie et du Commerce extérieur.
www.cases.public.luSecurityFocus
Be up to date and find out about the latest security vulnerabilities.
www.securityfocus.com