Security analysis is a diagnosis of the risk factors to which an organization exposes its information system.

It corresponds to an IS inventory, a mapping in its current version in order to identify the security rules in force: physical and digital IS security, to identify shortcomings and areas for improvement and to list recommendations according to the company, its activities and its investment capacity

Risk Analysis is a process used to understand the nature of the hazards and to determine the level of risk of the company.

This risk analysis then determines recommendations to be implemented and proposes an associated action plan.

This risk analysis examines all potential risk areas with the aim of assessing:

• The technical context and the specific target IT environment,
• Business imperatives and their consequences on the information system,
• The strengths and weaknesses of the IS implemented, administered and used,
• Operational and organizational strengths and weaknesses,
• Identification of areas of progress based on associated best practices

The ISO Gap is a gap analysis to the requirements of the ISO 27001 Standard and/or others.

This analysis makes it possible to identify deviations from the standard and determine mandatory compliance requirements

ISO 27001 is a standard related to the information security management system (WSIS or ISMS, Information Security Management System). ). It is an international repository of security practices, comparable to NIST SP-800. This standard helps organizations improve their security, comply with cyber security regulations and protect and improve their reputation.

The ISO 22301 standart makes it possible to understand and prioritize the threats facing the company.

It specifies the requirements of a management system to protect the company from disruptive incidents, reduce their probability and ensure recovery. This certification allows you to anticipate and improve the resilience of your organization.

Fire, cyber attacks, disruption of the telephone network… a disaster can quickly jeopardize an organization and its relationships with its customers.

What we do:

• Carrying out an IS security inventory
• Analysis and evaluation of security measures already in place
• Implementation of a guidance plan and recommendations to improve the security policy
• Risk analysis to identify the different risks involved
• Business case

(GDPR: General Data Protection Regulations)

This gap analysis and compliance analysis with the provisions of the General Regulation on the Protection of Personal Data, which entered into force on 25/05/2018 (EU).

This makes it possible to verify the compliance of the organization and its information system with the requirements of the Regulations, to identify gaps and areas for improvement, to highlight strengths and to establish a provisional action plan.

Objective: to establish a real risk mapping and a precise mapping between the treatments carried out and the solutions involved

What we can do for you:

• Analysis of your Information System

We assess the gap between your current organization and the requirements of the GDPR. We will then be able to determine the size of the challenge in front of you.

• Assistance with compliance

We provide you with turnkey, personalised support in order to comply with the new European regulation on the protection of personal data.

• Provision of a DPO (Data Protection Officer)

We provide you with a Data Protection Officer who will be the true leader of data protection compliance.