GOVERNANCE & COMPLIANCE


"Scassi has contributed significantly to the achievement of the initial ISO 27001 certification of our Cloud Services activities, providing the appropriate advice and expertise for this strategic project. Building on this success, we continue to trust Scassi to help us manage our SMSI, ensuring consistency with other standards such as ISO 20000 or ISAE3402."

Pierre DARPHIN, Security & Quality Manager, Cloud Services Department, CEGEDIM ACTIV

IS risk and compliance management is crucial to operating in many industries. It must be implemented systematically and organised so as to ensure full control of operations. SCASSI engineers can support you at every step of the process, from diagnosis through implementation, monitoring and improvement of your plans, to ensure that they comply with risk management regulations and policies.

We help our clients implement a security management system through a risk-driven approach:

  • Organisational & physical audits
  • Risk analysis (custom-made or standard)
  • Compliance with Security database laws and regulations: ISO 27001, MPL, ii901, GDPR, GRS, HDS (health data), PCI-DSS
  • Security processes: IS homologation, project security, access management...
  • Security policy and ISSM coaching
  • Steering and management of security (indicators, dashboard, plans...)
  • Business continuity and disaster recovery plans (PCA and PRA): emergency strategies, steering, crisis management