Derisk Advisory is a boutique advisory firm based in Luxembourg with over 20 years of experience, primarily serving the financial services sector. The company specializes in Information and Communication Technology (ICT) and cybersecurity, helping clients manage technology risks and navigate complex regulatory landscapes.

Their core activities include:

Governance and Risk Management: Assisting with the implementation of risk management frameworks, defining risk appetite, and providing external advice to boards.

ICT and Cybersecurity: Offering services such as policy and procedure development, gap assessments against regulations like DORA, incident management support, and assistance with selecting security tools.

Third-Party Risk Management: Helping clients manage risks associated with their service providers, from due diligence to regulatory notifications.

Internal Audit: Supporting internal audit functions by developing audit plans and executing audit missions focused on technology and cybersecurity.

Training and Interim Management: Providing tailored training on regulations (DORA, NIS2, AI Act) and offering interim management for key ICT and security roles.