Case Study - Aerospace - Risk analysis and ISS compliance

Risk analysis and ISS compliance

We were integrated into a department dedicated to risk management and compliance of sensitive Information Systems (IS).

More specifically, it focuses on Information Systems Security (ISS) expertise and has the following goals:

Assessing the combined compliance of sensitive IS with II 901, GDPR and PPST and export rules;
Conducting risk analyses on these IS based on the EBIOS 2010 methodology;
Supporting IS managers in the implementation of corrective measures;
Improving the process in place, the tools, and training the junior consultants.

Our security expertise and an understanding of the challenges of sensitive IS.

Our ability as a service provider to interact with the managers of a wide range of IS.

Familiarity with legal frameworks (exports, privacy, national defence).

Our ability to provide feedback to decision-making bodies (CSO, CISO, export control).

Streamlining of reference systems and industrialization of tools.