The productions related to EBIOS

1. Risk management in general | 2. Cybersecurity implementation | 3. Privacy implementation

Submit a production

In a spirit of sharing and reuse, the productions that are the exclusive property of their authors are, unless otherwise specified and subject to the intellectual property rights of third parties, made available under the terms of the following license:

CC BY

Risk management in general

Standards

  • ISO 31000 – Risk management
    This international standard defines the vocabulary and the principles which must be respected by any risk management approach, whatever its field of application. >See the tandard (paying)

Methods

  • EBIOS Generic Approach
    This guide is the EBIOS* generic approach. It provides a common base to any sector-specific breakdown. Initially designed for information security, EBIOS can be employed in all fields using the appropriate techniques and knowledge bases. EBIOS allows us to assess and treat risks. It also supplies all the information required for communication within the organization and ...

Q&A

                Cybersecurity implementation

                Standards

                Methods

                • The ANSSI’s method: EBIOS Risk Manager
                  EBIOS, the French reference method, helps organizations to identify and understand their own digital risks. It allows determining security controls that suit to the threat and setting up the monitoring and continuous improvement framework following a risk analysis shared at the highest level. On the ANSSI website: EBIOS Risk Manager Listen to the podcast with Fabien CAPARROS ...

                  Tools

                  • ALL4TEC: Agile Risk Manager
                    Collaborate efficiently for your EBIOS Risk Manager analyses! From the EBIOS Risk Manager method to its agile and collaborative application Agile Risk Manager is designed to support you in the implementation of risk analysis using the EBIOS Risk Manager method. Take advantage of the strength of an adapted tool to focus on the fundamental values highlighted by ...

                            Articles, interviews, videos, academic researches

                            Workshop 1 – Scope and security baseline

                                Q&A

                                      Alternative techniques

                                      • A Privacy Baseline
                                        The following document can be used for determining the baseline of the Workshop 1 of EBIOS Risk Manager, when the scope of the study is a processing of personal data: > Download It constitutes a declaration of applicability relating to the fundamental principles related to the protection of privacy. The other Workshops of the study makes it possible ...

                                            Workshop 2 – Risk origins

                                                                Workshop 3 – Strategic scenarios

                                                                                    Workshop 4 – Operational scenarios

                                                                                                        Workshop 5 – Risk treatment

                                                                                                                            Privacy implementation

                                                                                                                            Standards

                                                                                                                            Methods

                                                                                                                            • The CNIL’s PIA Guides
                                                                                                                              The CNIL’s PIA Guides have been updated to provide a tool for the General Data Protection Regulation (GDPR). The methodological approach is a privacy specific instantiation of the EBIOS toolbox. It allows to build and demonstrate compliance with the GDPR of a processing of personal data. The guides (the methodology, the templates and the knowledge bases) are provided ...

                                                                                                                              Tools

                                                                                                                              • The CNIL’s PIA Tool
                                                                                                                                The open source PIA software helps to carry out data protection impact assesment. The PIA software aims to help data controllers build and demonstrate compliance to the GDPR. The tools is available in French and in English (and many other languages). It facilitates carrying out a data protection impact assessment. This tool also intends to ease ...

                                                                                                                                  Alternative techniques

                                                                                                                                  • A Privacy Baseline
                                                                                                                                    The following document can be used for determining the baseline of the Workshop 1 of EBIOS Risk Manager, when the scope of the study is a processing of personal data: > Download It constitutes a declaration of applicability relating to the fundamental principles related to the protection of privacy. The other Workshops of the study makes it possible ...

                                                                                                                                        EBIOS on the web