DECISION – Risk and Transformation
Thanks to its agile and operational approach, Synetis is able to support SMEs and large companies with the Definition, Implementation and Monitoring of Cybersecurity.
Our approach is pragmatic, provides a 360° vision of your security, allows budget optimization by focusing on your major risks, and is a possible starting point for a roadmap.
Decides: ISP Service Centre
As Group CISO, you are responsible for steering and managing the Integration of Security into Projects (ISP); this translates as an annual portfolio of 20 to 100 projects which, throughout their development and life cycles, create new risks for your company that need to be identified, managed and monitored.
To this end, your team of in-house employees and external service providers conduct qualifications, analysis and monitoring in conjunction with your business areas, the IT department and suppliers. Such a methodology is, at best, perfectible. And, for sure, one cannot consider it to be industrialized. Such a methodology is based on office automation tools such as Excel, which are poorly adapted and difficult to evolve and tailor. All of these activities involve a substantial budget, and it is difficult to supervise and report on them effectively. And, at the end of the day, we find ourselves wondering “What is my actual level of risk?” “Are my he projects sufficiently protected?” “Are the measures effective?” You would very much like to have answers to these questions.
With the Synetis ISP Services Center and its integrated approach, you can:
- achieve substantial budget optimization by relying on shared resources and tools ;
- benefit from an expertise and a field-tested methodology adapted to your needs, whose implementation is tailored to each project in a pragmatic approach;
- industrialize the ISP process, the method (criteria for taking charge of project security, catalog of security measures…) tools and deliverables;
- benefit from the right level of reporting and monitoring, both in terms of activity and performance.
As part of its implementation, we carry out an initial phase known as ISP diagnosis , which enables us to assess your level of maturity: what processes are in place? do control systems already exist? how is project security integrated into the company’s overall risk management? what is the level of sensitivity of the various players?
Armed with this information, we are launching the industrialization phase designed to adapt the ISP Services Center’s base to your needs and specificities, and are setting up an efficient run system : from project qualification to the delivery of risk analyses, via global management.
Our methodology is well developed, and we are committed to service levels.
Decide : Time-share RSSI
Decide: Crisis Management
The COVID-19 crisis has tested the resilience of your company… maybe you have observed a need to run, improve or even implement crisis-management processes COVID-19 put the spotlight on remote working. So, your people need new training and you need to update your workplace policies to take into account this new constraint and the new associated risks.
Synetis, with its operational experience in crisis management, can put its expertise and know-how at your disposal.
Our consultants have recognized Business Continuity Plan (BCP) expertise validated by several years of operational practices.
We assist you in defining or updating your crisis plan, prepare and carry out a simulation, doing so on the basis of a pre-defined scenario. Post simulation, we prepare a progress report.
For this service, our deliverables are composed of six steps:
- Scoping note for the mission, including the formalization of the macro-scenario
- Documentary package of the exercise composed of:
- Detailed timeline of the scenario
- Detailed Stimuli
- Briefing material for the parties involved (including information memo)
- Observer tool kit (including the analysis and observation grid)
3. Briefing support for coordinators and observers
4. General rehearsal
- Awareness-raising materials
- Facilitation of the awareness-raising session
5. Crisis-management simulation, followed by a hot debriefing
6. Yearly Review Report