GOVERNANCE & COMPLIANCE


"SCASSI made a significant contribution that allowed us to get the initial ISO 27001 certification of our Cloud Services, by providing the appropriate advice and expertise for this strategic project. Following this success, we continue to place our trust in SCASSI to help us to manage our ISMS and to ensure our compliance with other standards such as ISO 20000 or ISAE 3402."

Pierre DARPHIN, Security & quality manager, Cloud Services departments, Cegedim Activ

IS risk and compliance management is crucial to operating in many industries. It must be implemented systematically and organised in such a way as to ensure perfect control of operations. SCASSI engineers can support you at every step of the process, from diagnosis through implementation, monitoring and improvement of your plans, in order to ensure their compliance with risk management regulations and policies.

We help our clients implement a security management system, through a risk-driven approach:

  • Organisational & physical audits
  • Risk analysis (custom-made or standard)
  • Compliance with Security database laws and regulations: ISO 27001, MPL, ii901, GDPR, GRS, HDS (health data), PCI-DSS
  • Security processes: IS homologation, project security, access management…
  • Security policy and ISSM coaching
  • Steering and management of security (indicators, dashboard, plans…)
  • Business continuity and disaster recovery plans (PCA and PRA): emergency strategies, steering, crisis management