Services
Seven engagement areas. Deliverables and engagement formats are detailed for each.
IEC 62443 end to end: zones & conduits architecture, IACS hardening, gap analysis (SL-T / SL-C), OT policies and procedures, compliance roadmap.
- Architecture HLD / LLD (zones, conduits, DMZ).
- SL-T / SL-C gap analysis report.
- Prioritised roadmap & OT policies.
- Short diagnostic or long-term engagement.
- On-site (workshops, FAT/SAT) or remote.
ISMS (ISO 27001 / NIS2), risk assessments (EBIOS RM / ISO 27005), DLP policy & classification, compliance audits, DRP & BIA.
- ISMS documentation set & Statement of Applicability.
- Risk assessment report and treatment plan.
- Audit report with prioritised action plan.
- Scoped mission (pre-certification, NIS2 readiness).
- Business & IT workshops, remediation follow-up.
AD / Entra ID, M365, PAM / SSO / MFA, GPO audits, RBAC / ABAC models, Zero-Trust, access reviews and hardening.
- RBAC / ABAC role matrix and access processes.
- Audit report (GPO, privileged accounts).
- Hardening plan and PAM / MFA design.
- One-off review or full IAM transformation programme.
- Integration with your tooling (ServiceNow, ITSM).
Architecture and configuration reviews, posture assessment, controlled testing, DRP tests, hardening recommendations.
- Detailed audit report & executive summary.
- Risk-prioritised remediation plan.
- Per-device hardening recommendations.
- Short diagnostic (2 to 10 days) depending on scope.
- Restitution to ExCo or technical teams.
Phishing campaigns, immersive workshops (security escape-game), best practices, playbooks, coaching for teams and executives.
- Consolidated campaign reports (executive & detailed).
- Workshop materials and hands-on scenarios.
- Playbooks & good-practice guides.
- Recurring campaigns or one-off intervention.
- On-site or remote sessions, FR / EN.
Agile delivery (Scrum / Kanban), scoping, roadmap, vendor management, reporting & KPIs.
- Scoping note & project roadmap.
- Dashboards, reporting & KPIs.
- Vendor tracking files (FAT / SAT).
- Part-time or full-time security PMO.
- Multi-team programme management.
From scoping to integration: solution selection, documentation and skills transfer to your IT / OT teams.
- Solution selection file (comparison, recommendation).
- Operations documentation & diagrams.
- Skills transfer plan.
- Format adapted to your need and constraints.
- Commitment on measurable results.