IoT Trust - mobilize connected world through Digital Trust

Your expert for questions

Hendrik Reese

Hendrik Reese
Director Artificial Intelligence at PwC Germany
Tel: +49 1517 0423201

Trust and transparency for Internet of Things

The Internet of Things (IoT) is created by numerous connected devices. The resulting extensive and complex data processing chains raise questions about control and monitoring for both the provider of IoT services and the user itself. It is particularly important to focus not only on the risk management but also on the offered opportunities leading to successful transformation. The best practices developed in early stages are a good contribution to these opportunities. It is important that they are manifested in an aligned operational concept, which includes guideless and monitoring controls.

The basic data protection in the process of data collection and transfer, control and monitoring of IoT devices, as well as the data processing and analysis are essential aspects required for establishment and operation of an efficient and secure IoT infrastructure. Thereby, the properly working IoT initiative implies the choice of the right platform, strong governance and control system. These enable gathering reliable data and ensure operational security. Also, the standards for interfaces and communication ensure seamless integration between IoT edge devices and integration of applications. From a risk management perspective, it is important to anticipate failures related to the aforementioned aspects and implement appropriate measures. In a connected world these aspects shape the value chains and impact the customer experience. In consideration of all these criteria the operators and suppliers ensure a high investment security.

In the complex and connected IoT-environment the fundamental challenge is to simultaneously manage and control systems, processes and data, as well as the risks and dependencies related to them. The GRC Framework of PwC helps to create trustworthy IoT solutions supported by proven best practices. It also allows to design the processes for IoT governance and control, which are necessary to secure IoT environments. The GRC Framework guides through the implementation of these processes in an organization and ensures their sustainable and secure operation.

Service offering


Definition of appropriate IoT Governance structures, processes and controls considering relevant business requirements, risks and compliance requirements for your IoT engagement by

  • defining appropriate IoT Risk Management and corresponding IoT policies as general guidelines as well as suitable KPIs to effectively steer and monitor your IoT initiatives
  • development of processes and controls for specific IoT solutions considering the internal IoT policies, individual risks and business requirements


Increase transparency on your IoT environment, processes and controls and get recommendations to address relevant gaps by:

  • performing a maturity assessment on your IoT Governance and Risk Management structures
  • obtaining an in-depth understanding of data cleansing, transformation, aggregation and reporting operations as applicable
  • evaluate risks and corresponding control coverage including documentation concerning considerations of relevant risks and their treatment as well as deviations from good practice
  • evaluation of platform selection,planned target operating model,implemented solutions, processes and controls


Prove trust towards internal and external IoT stakeholders by

  • ensuring completeness of regulatory requirements taken into considerations, based on your specific business profile
  • providing industry best-practices based on established standards, frameworks and criteria catalogues
  • testing the design and the operating effectiveness of your IoT internal controls and reporting on the results (for example as ISAE 3000 (revised))

“A key success factor for the acceptance of an IoT solution, as it applies to all new technologies and fundamental developments, is the issue of trust. To create this, we combine our know-how about the opportunities in the Internet of Things with our expertise to anticipate the challenges and risks of this emerging technology.”

Hendrik Reese,Director, Artificial Intelligence at PwC Germany
Follow us

Contact us

Hendrik Reese

Hendrik Reese

Partner, PwC Germany

Tel: +49 1517 0423-201

Rico Gottschald

Rico Gottschald

Assurance, PwC Germany

Tel: +49 89 5790-5141