Certification and compliance preparation

Structure, demonstrate, and accelerate your security

A single path to prepare for your certifications and prove your compliance.

ISO 27001, NIS2/DORA, IEC 62443… a consistent system, without redundant projects.

Our approach

(common to all standards)

Flash diagnosis

Mapping, multi-standard gap analysis, risk/impact prioritization

Governance & Risks

Policy, roles, risk register, objectives, and indicators

Controls and evidence

Procedures, logging, IR/BCP/DRP plans, dashboards

Pre-audit & maintenance

Internal audits, exercises, authority/auditor coaching, run & improvement

DORA

Finance sector

DORA requires tangible resilience for financial players. We establish clear management, a reporting system compatible with the authorities, and an accurate overview of dependencies on critical suppliers. Contracts provide control, resilience tests become regular events, and crisis communication is ready. Your services remain operational, even when IT falters.

ISO 27001

Voluntary

ISO 27001 provides a clear direction: protect information and prove it. Governance is established, risks are assessed as they are, and simple rules that stand the test of time are formalized. Access, backups, incident handling: everything is clear and measurable. Ultimately, you come away with a clear policy, an understandable risk register, and an audit kit that facilitates certification.

IEC 62443

Industrial sector

IEC 62443 speaks the language of the workshop. Sensitive areas are clearly separated, security is tightened without adding unnecessary complexity, and only the information needed to keep production secure is documented. Authorized flows are visible, changes follow a defined path, and maintenance no longer creates vulnerabilities. The line remains productive, and stays that way for a long time.

NIS2

Legal obligation

NIS2 emphasizes the ability to respond quickly and be accountable. Roles are clarified, including those of management, and messages are prepared in advance so they can be sent out in a timely manner. Relationships with service providers are defined, evidence is organized, and reflexes are trained. When an incident occurs, everyone knows what to do, when to say it, and how to demonstrate it.

Part-IS

Aviation sector

Part-IS sets the rules for aviation cybersecurity: protecting critical systems and proving it, without compromising operational safety. It structures governance, manages digital risks such as theft, and implements simple controls that stand the test of time. Embedded systems, maintenance, air traffic: everything is regulated and traceable. Ultimately, you come away with an ISMS ready for EASA audits, a clear compliance plan, and actionable evidence.
