EBIOS, the French reference method, helps organizations identify and understand their own digital risks. It makes it possible to determine security controls suited to the threat and to set up a monitoring and continuous improvement framework, following a risk analysis shared at the highest level.
On the ANSSI website: EBIOS Risk Manager
The CNIL’s PIA Guides have been updated to provide a tool for the General Data Protection Regulation (GDPR).
The methodological approach is a privacy-specific instantiation of the EBIOS toolbox.
It makes it possible to build and demonstrate the GDPR compliance of a processing of personal data.
The guides (the methodology, the templates and the knowledge bases) are provided along with free software, case studies, guidelines, etc.
On the CNIL’s website: Privacy Impact Assessment (PIA)