{"id":955,"date":"2024-07-16T13:33:18","date_gmt":"2024-07-16T13:33:18","guid":{"rendered":"https:\/\/nis2compliant.org\/?p=955"},"modified":"2024-08-14T19:52:06","modified_gmt":"2024-08-14T19:52:06","slug":"how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001","status":"publish","type":"post","link":"https:\/\/nis2compliant.org\/fr\/comment-mettre-en-oeuvre-les-mesures-de-cybersecurite-nis-2-avec-iso-27001\/","title":{"rendered":"Comment mettre en \u0153uvre les mesures de cybers\u00e9curit\u00e9 NIS 2\u00a0: cartographie avec ISO 27001"},"content":{"rendered":"<div data-elementor-type=\"wp-post\" data-elementor-id=\"955\" class=\"elementor elementor-955\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-31ee495 elementor-section-boxed elementor-section-height-default elementor-section-height-default tf-sticky-section tf-sticky-no\" data-id=\"31ee495\" data-element_type=\"section\" data-settings=\"{&quot;tf_sticky&quot;:&quot;no&quot;}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-f5e6b28\" data-id=\"f5e6b28\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c5c2f41 elementor-widget elementor-widget-heading\" data-id=\"c5c2f41\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.22.0 - 26-06-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">Comment mettre en \u0153uvre les mesures de cybers\u00e9curit\u00e9 NIS 2\u00a0: cartographie avec ISO 27001\n<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1ba9bbc elementor-widget elementor-widget-image\" data-id=\"1ba9bbc\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.22.0 - 26-06-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"800\" height=\"448\" src=\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-1024x573.png\" class=\"attachment-large size-large wp-image-956\" alt=\"\" srcset=\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-1024x573.png 1024w, https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-300x168.png 300w, https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-768x430.png 768w, https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-1536x860.png 1536w, https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3-18x10.png 18w, https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png 1879w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3b7beef elementor-widget elementor-widget-text-editor\" data-id=\"3b7beef\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.22.0 - 26-06-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p><span style=\"font-weight: 400;\">Si vous devez vous conformer \u00e0 la directive NIS 2, vous vous demandez peut-\u00eatre comment proc\u00e9der. La directive d\u00e9crit les objectifs \u00e0 atteindre, mais ne fournit aucune indication sur la mani\u00e8re de proc\u00e9der.<\/span><\/p><p><span style=\"font-weight: 400;\">L&#039;une des meilleures fa\u00e7ons de s&#039;attaquer \u00e0 cette t\u00e2che de conformit\u00e9 est de suivre un cadre de cybers\u00e9curit\u00e9 \u00e9tabli. Dans cet article, je vais examiner si la norme ISO 27001, la principale norme internationale de cybers\u00e9curit\u00e9, peut aider \u00e0 r\u00e9pondre \u00e0 ces exigences.<\/span><\/p><p><span style=\"font-weight: 400;\">La norme ISO 27001 peut couvrir la plupart des exigences de cybers\u00e9curit\u00e9 de la norme NIS 2, \u00e0 l\u2019exception des rapports d\u2019incidents.<\/span><\/p><h3><b>Quelles sont les exigences en mati\u00e8re de cybers\u00e9curit\u00e9 et de reporting dans NIS 2\u00a0?<\/b><\/h3><p><span style=\"font-weight: 400;\">Examinons ce que les entreprises doivent mettre en \u0153uvre. Il est int\u00e9ressant de noter que seuls trois articles de l&#039;ensemble de la directive NIS 2 sont particuli\u00e8rement pertinents pour les organisations essentielles et importantes qui doivent se mettre en conformit\u00e9.<\/span><\/p><p><b>\u00a0\u00a0\u00a0\u00a0Article 20 \u2013 Gouvernance<\/b><\/p><p><b>\u00a0\u00a0\u00a0\u00a0Article 21 \u2013 Mesures de gestion des risques de cybers\u00e9curit\u00e9<\/b><\/p><p><b>\u00a0\u00a0\u00a0\u00a0Article 23 \u2013 Obligations de d\u00e9claration<\/b><\/p><p><span style=\"font-weight: 400;\">Tous les autres articles du NIS 2 sont essentiellement destin\u00e9s aux organismes gouvernementaux qui doivent appliquer le NIS 2.<\/span><\/p><p><span style=\"font-weight: 400;\">Vous trouverez une description d\u00e9taill\u00e9e des exigences des articles 20 et 21 dans le tableau ci-dessous.<\/span><\/p><p><b>La norme ISO 27001 est-elle pertinente pour NIS 2\u00a0?<\/b><\/p><p><span style=\"font-weight: 400;\">Bien que la norme NIS 2 ne mentionne pas explicitement la norme ISO 27001, elle encourage l\u2019utilisation de \u00ab normes europ\u00e9ennes et internationales pertinentes \u00bb. En outre, le pr\u00e9ambule de la norme NIS 2 sugg\u00e8re d\u2019utiliser la s\u00e9rie de normes ISO\/IEC 27000 pour la mise en \u0153uvre de mesures de cybers\u00e9curit\u00e9.<\/span><\/p><p><span style=\"font-weight: 400;\">La norme ISO 27001 est bien consid\u00e9r\u00e9e par l&#039;ENISA, l&#039;Agence de l&#039;Union europ\u00e9enne pour la cybers\u00e9curit\u00e9 :<\/span><\/p><p><span style=\"font-weight: 400;\">Outil de cartographie de l&#039;ENISA : l&#039;ENISA a d\u00e9velopp\u00e9 un outil qui met en correspondance les clauses et les contr\u00f4les de la norme ISO 27001 avec les exigences de la directive NIS d&#039;origine (le pr\u00e9d\u00e9cesseur de NIS 2).<\/span><\/p><p><span style=\"font-weight: 400;\">Rapport 2017 : Dans le rapport \u00ab Cartographie des exigences de s\u00e9curit\u00e9 des OES pour des secteurs sp\u00e9cifiques \u00bb, l&#039;ENISA a identifi\u00e9 la norme ISO 27001 comme la norme la plus couramment suivie par les op\u00e9rateurs de services essentiels (OES) devant se conformer \u00e0 l&#039;ancienne directive NIS.<\/span><\/p><p><span style=\"font-weight: 400;\">Rapport 2021 : Le rapport \u00ab Investissements NIS \u00bb a not\u00e9 qu&#039;une majorit\u00e9 d&#039;organisations (51.1%) conformes \u00e0 l&#039;ancienne directive NIS ont certifi\u00e9 leurs syst\u00e8mes et processus sur la base de la certification ISO 27001.<\/span><\/p><p><span style=\"font-weight: 400;\">Compte tenu de ces points, ainsi que de l\u2019acceptation mondiale de la norme ISO 27001 en tant que norme ISO et de sa pr\u00e9dominance dans la s\u00e9rie ISO 27000, la norme ISO 27001 est un choix logique pour atteindre la conformit\u00e9 NIS 2.<\/span><\/p><h2><b>Carte des articles NIS 2 avec clauses et contr\u00f4les ISO 27001<\/b><\/h2>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4352d58 elementor-widget elementor-widget-text-editor\" data-id=\"4352d58\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>\u00a0<\/p><div><div dir=\"ltr\" style=\"margin-left: 0pt;\" align=\"left\"><table style=\"border: none;\"><colgroup> <col width=\"170\" \/> <col width=\"134\" \/> <col width=\"152\" \/> <col width=\"144\" \/><\/colgroup><tbody><tr style=\"height: 38.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; background-color: #44b3e1; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; text-align: center; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 12pt; font-family: Arial, sans-serif; color: #ffffff; background-color: transparent; font-weight: bold; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Exigence NIS 2<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; background-color: #44b3e1; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; text-align: center; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 12pt; font-family: Arial, sans-serif; color: #ffffff; background-color: transparent; font-weight: bold; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article NIS 2<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; background-color: #44b3e1; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; text-align: center; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 12pt; font-family: Arial, sans-serif; color: #ffffff; background-color: transparent; font-weight: bold; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Clause ou contr\u00f4le ISO 27001<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; background-color: #44b3e1; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; text-align: center; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 12pt; font-family: Arial, sans-serif; color: #ffffff; background-color: transparent; font-weight: bold; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Document sugg\u00e9r\u00e9<\/span><\/p><\/td><\/tr><tr style=\"height: 68.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Les organes de gestion doivent approuver les mesures de gestion des risques de cybers\u00e9curit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 20, paragraphe 1<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">6.1.3 Traitement des risques li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de traitement des risques<\/span><\/p><\/td><\/tr><tr style=\"height: 85.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Les organes de gestion doivent superviser la mise en \u0153uvre des mesures de gestion des risques en mati\u00e8re de cybers\u00e9curit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 20, paragraphe 1<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">9.1 Suivi, mesure, analyse et \u00e9valuation 9.2 Audit interne 9.3 Revue de direction<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Rapport de mesure + Rapport d&#039;audit interne + Proc\u00e8s-verbal de la revue de direction<\/span><\/p><\/td><\/tr><tr style=\"height: 101pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Les membres des organes de direction sont tenus de suivre des formations et doivent proposer r\u00e9guli\u00e8rement des formations similaires \u00e0 leurs salari\u00e9s<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 20, paragraphe 2<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">7.2 Comp\u00e9tence A.6.3 Sensibilisation, \u00e9ducation et formation \u00e0 la s\u00e9curit\u00e9 de l&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de formation et de sensibilisation<\/span><\/p><\/td><\/tr><tr style=\"height: 116.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Les entit\u00e9s doivent prendre des mesures techniques, op\u00e9rationnelles et organisationnelles appropri\u00e9es et proportionn\u00e9es pour g\u00e9rer les risques<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 1<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">6.1.3 Traitement des risques li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l&#039;information 6.2 Objectifs de s\u00e9curit\u00e9 de l&#039;information et planification pour les atteindre 8.1 Planification et contr\u00f4le op\u00e9rationnels<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Tableau de traitement des risques + Plan de traitement des risques + diverses politiques et proc\u00e9dures mentionn\u00e9es ci-dessous<\/span><\/p><\/td><\/tr><tr style=\"height: 181.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Lors de l&#039;\u00e9valuation de la proportionnalit\u00e9 des mesures, il convient de tenir d\u00fbment compte du degr\u00e9 d&#039;exposition de l&#039;entit\u00e9 aux risques, de sa taille et de la probabilit\u00e9 d&#039;occurrence des incidents et de leur gravit\u00e9, y compris de leur impact soci\u00e9tal et \u00e9conomique.<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 1<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">6.1.2 \u00c9valuation des risques li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">M\u00e9thodologie d&#039;\u00e9valuation des risques + Tableau d&#039;\u00e9valuation des risques<\/span><\/p><\/td><\/tr><tr style=\"height: 44pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique d&#039;analyse des risques<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point a)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">6.1.2 \u00c9valuation des risques li\u00e9s \u00e0 la s\u00e9curit\u00e9 de l\u2019information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">M\u00e9thodologie d&#039;\u00e9valuation des risques<\/span><\/p><\/td><\/tr><tr style=\"height: 44pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 des syst\u00e8mes d&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point a)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">5.2 Politique<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 des syst\u00e8mes d&#039;information<\/span><\/p><\/td><\/tr><tr style=\"height: 164.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Gestion des incidents<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point b)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.24 Planification et pr\u00e9paration de la gestion des incidents de s\u00e9curit\u00e9 de l&#039;information A.5.25 \u00c9valuation et d\u00e9cision sur les \u00e9v\u00e9nements de s\u00e9curit\u00e9 de l&#039;information A.5.26 R\u00e9ponse aux incidents de s\u00e9curit\u00e9 de l&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Proc\u00e9dure de gestion des incidents + Journal des incidents<\/span><\/p><\/td><\/tr><tr style=\"height: 53pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Continuit\u00e9 de l&#039;activit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point c)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.29 S\u00e9curit\u00e9 de l\u2019information en cas de perturbation<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de continuit\u00e9 des activit\u00e9s<\/span><\/p><\/td><\/tr><tr style=\"height: 44pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Gestion des sauvegardes<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point c)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.8.13 Sauvegarde des informations<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de sauvegarde<\/span><\/p><\/td><\/tr><tr style=\"height: 85.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Reprise apr\u00e8s sinistre<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point c)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.30 Pr\u00e9paration des TIC pour la continuit\u00e9 des activit\u00e9s A.8.14 Redondance des installations de traitement de l&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de reprise apr\u00e8s sinistre<\/span><\/p><\/td><\/tr><tr style=\"height: 56pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Gestion de crise<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point c)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">(ne dispose pas d&#039;une clause ni d&#039;un contr\u00f4le directement pertinents dans la norme ISO 27001)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de gestion de crise<\/span><\/p><\/td><\/tr><tr style=\"height: 229.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">S\u00e9curit\u00e9 de la cha\u00eene d&#039;approvisionnement, y compris les aspects li\u00e9s \u00e0 la s\u00e9curit\u00e9 concernant les relations entre chaque entit\u00e9 et ses fournisseurs directs ou prestataires de services<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point d)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.19 S\u00e9curit\u00e9 de l&#039;information dans les relations avec les fournisseurs A.5.20 Gestion de la s\u00e9curit\u00e9 de l&#039;information dans les accords avec les fournisseurs A.5.21 Gestion de la s\u00e9curit\u00e9 de l&#039;information dans la cha\u00eene d&#039;approvisionnement des TIC A.5.22 Suivi, examen et gestion des changements des services aux fournisseurs A.5.23 S\u00e9curit\u00e9 de l&#039;information pour l&#039;utilisation des services cloud<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 des fournisseurs + Clauses de s\u00e9curit\u00e9 pour les fournisseurs et partenaires + D\u00e9claration de confidentialit\u00e9<\/span><\/p><\/td><\/tr><tr style=\"height: 414.5pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">S\u00e9curit\u00e9 dans l&#039;acquisition, le d\u00e9veloppement et la maintenance des r\u00e9seaux et des syst\u00e8mes d&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point e)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.8.6 Gestion de la capacit\u00e9 A.8.7 Protection contre les logiciels malveillants A.8.8 Gestion des vuln\u00e9rabilit\u00e9s techniques A.8.9 Gestion de la configuration A.8.25 Cycle de vie du d\u00e9veloppement s\u00e9curis\u00e9 A.8.26 Exigences de s\u00e9curit\u00e9 des applications A.8.27 Principes d&#039;architecture et d&#039;ing\u00e9nierie des syst\u00e8mes s\u00e9curis\u00e9s A.8.28 Codage s\u00e9curis\u00e9 A.8.29 Tests de s\u00e9curit\u00e9 en cours de d\u00e9veloppement et d&#039;acceptation A.8.30 D\u00e9veloppement externalis\u00e9 A.8.31 S\u00e9paration des environnements de d\u00e9veloppement, de test et de production A.8.32 Gestion des changements A.8.33 Informations sur les tests<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de d\u00e9veloppement s\u00e9curis\u00e9 + Sp\u00e9cification des exigences du syst\u00e8me d&#039;information<\/span><\/p><\/td><\/tr><tr style=\"height: 149pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politiques et proc\u00e9dures visant \u00e0 \u00e9valuer l\u2019efficacit\u00e9 des mesures de gestion des risques en mati\u00e8re de cybers\u00e9curit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point f)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">9.1 Suivi, mesure, analyse et \u00e9valuation 9.2 Audit interne 9.3 Revue de direction<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">M\u00e9thodologie de mesure + Rapport de mesure + Proc\u00e9dure d&#039;audit interne + Liste de contr\u00f4le d&#039;audit interne + Rapport d&#039;audit interne + Proc\u00e9dure de revue de direction<\/span><\/p><\/td><\/tr><tr style=\"height: 260.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Pratiques de base en mati\u00e8re d\u2019hygi\u00e8ne informatique<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point g)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.6.8 Rapports d&#039;\u00e9v\u00e9nements de s\u00e9curit\u00e9 de l&#039;information A.7.7 Bureau et \u00e9cran clairs A.7.9 S\u00e9curit\u00e9 des actifs hors site A.7.10 Supports de stockage A.8.1 Terminaux utilisateurs A.8.5 Authentification s\u00e9curis\u00e9e A.8.7 Protection contre les logiciels malveillants A.8.13 Sauvegarde des informations A.8.19 Installation de logiciels sur les syst\u00e8mes op\u00e9rationnels A.8.24 Utilisation de la cryptographie<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 informatique<\/span><\/p><\/td><\/tr><tr style=\"height: 68.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Formation en cybers\u00e9curit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point g)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">7.2 Comp\u00e9tence A.6.3 Sensibilisation, \u00e9ducation et formation \u00e0 la s\u00e9curit\u00e9 de l&#039;information<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Plan de formation et de sensibilisation<\/span><\/p><\/td><\/tr><tr style=\"height: 68.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politiques et proc\u00e9dures concernant l&#039;utilisation de la cryptographie et du cryptage<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point h)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.8.24 Utilisation de la cryptographie<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique sur l&#039;utilisation du chiffrement<\/span><\/p><\/td><\/tr><tr style=\"height: 164.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">S\u00e9curit\u00e9 des ressources humaines<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point (i)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.6.1 Contr\u00f4le A.6.2 Conditions d&#039;emploi A.6.3 Sensibilisation, \u00e9ducation et formation \u00e0 la s\u00e9curit\u00e9 de l&#039;information A.6.4 Processus disciplinaire A.6.5 Responsabilit\u00e9s apr\u00e8s la cessation ou le changement d&#039;emploi<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 des ressources humaines<\/span><\/p><\/td><\/tr><tr style=\"height: 44pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politiques de contr\u00f4le d&#039;acc\u00e8s<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point (i)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.15 Contr\u00f4le d&#039;acc\u00e8s<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de contr\u00f4le d&#039;acc\u00e8s<\/span><\/p><\/td><\/tr><tr style=\"height: 149pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Gestion d&#039;actifs<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point (i)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.9 Inventaire des informations et autres actifs associ\u00e9s A.5.10 Utilisation acceptable des informations et autres actifs associ\u00e9s A.5.11 Restitution des actifs A.7.9 S\u00e9curit\u00e9 des actifs hors site<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Proc\u00e9dure de gestion des actifs + Inventaire des actifs<\/span><\/p><\/td><\/tr><tr style=\"height: 85.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">L&#039;utilisation de solutions d&#039;authentification multifactorielle ou d&#039;authentification continue<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point j)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.16 Gestion des identit\u00e9s A.5.17 Informations d&#039;authentification A.8.5 Authentification s\u00e9curis\u00e9e<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique d&#039;authentification<\/span><\/p><\/td><\/tr><tr style=\"height: 68.75pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Communications vocales, vid\u00e9o et texte s\u00e9curis\u00e9es<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point j)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.14 Transfert d&#039;informations A.8.21 S\u00e9curit\u00e9 des services r\u00e9seau<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de transfert d&#039;informations + Politique de communication s\u00e9curis\u00e9e<\/span><\/p><\/td><\/tr><tr style=\"height: 53pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Syst\u00e8mes de communication d&#039;urgence s\u00e9curis\u00e9s au sein de l&#039;entit\u00e9<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 2, point j)<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.8.20 S\u00e9curit\u00e9 des r\u00e9seaux<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de communication s\u00e9curis\u00e9e<\/span><\/p><\/td><\/tr><tr style=\"height: 181.25pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Prendre en compte les vuln\u00e9rabilit\u00e9s propres \u00e0 chaque fournisseur direct et prestataire de services ainsi que la qualit\u00e9 globale des produits et des pratiques de cybers\u00e9curit\u00e9 de leurs fournisseurs et prestataires de services, y compris leurs proc\u00e9dures de d\u00e9veloppement s\u00e9curis\u00e9es<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 3<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">A.5.19 S\u00e9curit\u00e9 de l&#039;information dans les relations avec les fournisseurs A.5.21 Gestion de la s\u00e9curit\u00e9 de l&#039;information dans la cha\u00eene d&#039;approvisionnement des TIC A.5.22 Suivi, examen et gestion des changements des services aux fournisseurs A.5.23 S\u00e9curit\u00e9 de l&#039;information pour l&#039;utilisation des services cloud<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Politique de s\u00e9curit\u00e9 des fournisseurs + Rapport d&#039;\u00e9valuation et de traitement des risques<\/span><\/p><\/td><\/tr><tr style=\"height: 56pt;\"><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Prendre des mesures correctives appropri\u00e9es et proportionn\u00e9es<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Article 21, paragraphe 4<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">10.2 Non-conformit\u00e9 et mesures correctives<\/span><\/p><\/td><td style=\"border-width: 0.416667pt; border-color: #000000; padding: 1pt 1pt 5pt; overflow: hidden; overflow-wrap: break-word;\"><p dir=\"ltr\" style=\"line-height: 1.38; margin-top: 0pt; margin-bottom: 0pt;\"><span style=\"font-size: 11pt; font-family: Arial, sans-serif; color: #000000; background-color: transparent; font-variant-numeric: normal; font-variant-east-asian: normal; font-variant-alternates: normal; font-variant-position: normal; vertical-align: baseline; white-space-collapse: preserve;\">Proc\u00e9dure de mesure corrective + Formulaire de mesure corrective<\/span><\/p><\/td><\/tr><\/tbody><\/table><\/div><\/div>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8f046ed elementor-widget elementor-widget-text-editor\" data-id=\"8f046ed\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h3><b>ISO 27001 et NIS 2 : couverture et mise en \u0153uvre<\/b><\/h3><p><span style=\"font-weight: 400;\">Parmi les 26 exigences de cybers\u00e9curit\u00e9 sp\u00e9cifi\u00e9es par la norme NIS 2, la norme ISO 27001 peut en traiter 25. La seule exception est la gestion de crise, qui n&#039;est pas enti\u00e8rement couverte par la norme ISO 27001.<\/span><\/p><h3><b>Respect des obligations de d\u00e9claration<\/b><\/h3><p><span style=\"font-weight: 400;\">L&#039;article 23 de la norme NIS 2 impose des exigences de reporting sp\u00e9cifiques qui ne peuvent pas \u00eatre enti\u00e8rement satisfaites \u00e0 l&#039;aide de la norme ISO 27001.<\/span><\/p><h3><b>Utilisation de la norme ISO 27001 pour la conformit\u00e9 NIS 2<\/b><\/h3><p><span style=\"font-weight: 400;\">Sur la base de la cartographie, voici les \u00e9tapes qui peuvent \u00eatre mises en \u0153uvre \u00e0 l\u2019aide de la norme ISO 27001\u00a0:<\/span><\/p><ol><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">R\u00e9aliser une formation initiale<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">R\u00e9diger une politique de haut niveau sur la s\u00e9curit\u00e9 des syst\u00e8mes d&#039;information<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">D\u00e9finir la m\u00e9thodologie de gestion des risques<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Effectuer une \u00e9valuation et un traitement des risques<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">R\u00e9diger et approuver le plan de traitement des risques<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Mettre en \u0153uvre des mesures de cybers\u00e9curit\u00e9<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Mettre en place la s\u00e9curit\u00e9 de la cha\u00eene d&#039;approvisionnement<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Mettre en place l&#039;\u00e9valuation de l&#039;efficacit\u00e9 de la cybers\u00e9curit\u00e9<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Mettre en place une formation continue en cybers\u00e9curit\u00e9<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Effectuer des audits internes p\u00e9riodiques<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Effectuer des revues de gestion p\u00e9riodiques<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Ex\u00e9cuter des actions correctives<\/span><\/li><\/ol><p><span style=\"font-weight: 400;\">Les \u00e9tapes 1 et 2 ne sont pas r\u00e9pertori\u00e9es ici car elles se concentrent sur la gestion de projet. L&#039;\u00e9tape 11, \u00ab\u00a0Configurer les notifications d&#039;incident\u00a0\u00bb, est exclue pour les raisons \u00e9voqu\u00e9es pr\u00e9c\u00e9demment.<\/span><\/p><h3><b>Conclusion : NIS 2 contre ISO 27001<\/b><\/h3><p><span style=\"font-weight: 400;\">Pour r\u00e9sumer comment la norme ISO 27001 peut \u00eatre utilis\u00e9e pour la conformit\u00e9 NIS 2\u00a0:<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">La norme ISO 27001 peut r\u00e9pondre \u00e0 la plupart des exigences de cybers\u00e9curit\u00e9 de la norme NIS 2, \u00e0 l\u2019exception du signalement des incidents.<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">12 des 15 \u00e9tapes de mise en \u0153uvre peuvent \u00eatre r\u00e9alis\u00e9es gr\u00e2ce \u00e0 la norme ISO 27001.<\/span><\/li><\/ul><p><span style=\"font-weight: 400;\">Il s\u2019agit d\u2019un alignement fort, indiquant que la norme ISO 27001 est un choix solide pour la conformit\u00e9 NIS 2, d\u2019autant plus que NIS 2 et ENISA encouragent l\u2019utilisation de normes de cybers\u00e9curit\u00e9 \u00e9tablies.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"<p>Comment mettre en \u0153uvre les mesures de cybers\u00e9curit\u00e9 NIS 2 : mise en correspondance avec la norme ISO 27001 Si vous devez vous conformer \u00e0 la norme NIS 2, vous vous demandez peut-\u00eatre comment proc\u00e9der. La directive d\u00e9crit ce que vous devez accomplir, mais ne fournit pas d&#039;indications sur la mani\u00e8re de le faire. L&#039;une des meilleures fa\u00e7ons de s&#039;attaquer \u00e0 cette t\u00e2che de conformit\u00e9 [\u2026]<\/p>","protected":false},"author":4,"featured_media":956,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nis2compliant.org\/fr\/comment-mettre-en-oeuvre-les-mesures-de-cybersecurite-nis-2-avec-iso-27001\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org\" \/>\n<meta property=\"og:description\" content=\"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 If you need to comply with NIS 2, you might be wondering how to go about it. The directive outlines what you need to achieve but doesn&#8217;t provide guidance on how to do it. One of the best ways to tackle this compliance task [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nis2compliant.org\/fr\/comment-mettre-en-oeuvre-les-mesures-de-cybersecurite-nis-2-avec-iso-27001\/\" \/>\n<meta property=\"og:site_name\" content=\"Nis2Compliant.org\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-16T13:33:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-14T19:52:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1879\" \/>\n\t<meta property=\"og:image:height\" content=\"1052\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Matjaz Marin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Matjaz Marin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/\",\"url\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/\",\"name\":\"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org\",\"isPartOf\":{\"@id\":\"https:\/\/nis2compliant.org\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png\",\"datePublished\":\"2024-07-16T13:33:18+00:00\",\"dateModified\":\"2024-08-14T19:52:06+00:00\",\"author\":{\"@id\":\"https:\/\/nis2compliant.org\/#\/schema\/person\/2970b359513cc5166b5792397f560a2d\"},\"breadcrumb\":{\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage\",\"url\":\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png\",\"contentUrl\":\"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png\",\"width\":1879,\"height\":1052},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/nis2compliant.org\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/nis2compliant.org\/#website\",\"url\":\"https:\/\/nis2compliant.org\/\",\"name\":\"Nis2Compliant.org\",\"description\":\"The NIS 2 Directive Explained\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/nis2compliant.org\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/nis2compliant.org\/#\/schema\/person\/2970b359513cc5166b5792397f560a2d\",\"name\":\"Matjaz Marin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/nis2compliant.org\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/54a984366b70b8234bdbdcaef18066b0?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/54a984366b70b8234bdbdcaef18066b0?s=96&d=mm&r=g\",\"caption\":\"Matjaz Marin\"},\"url\":\"https:\/\/nis2compliant.org\/fr\/author\/matjaz-maringmail-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nis2compliant.org\/fr\/comment-mettre-en-oeuvre-les-mesures-de-cybersecurite-nis-2-avec-iso-27001\/","og_locale":"fr_FR","og_type":"article","og_title":"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org","og_description":"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 If you need to comply with NIS 2, you might be wondering how to go about it. The directive outlines what you need to achieve but doesn&#8217;t provide guidance on how to do it. One of the best ways to tackle this compliance task [&hellip;]","og_url":"https:\/\/nis2compliant.org\/fr\/comment-mettre-en-oeuvre-les-mesures-de-cybersecurite-nis-2-avec-iso-27001\/","og_site_name":"Nis2Compliant.org","article_published_time":"2024-07-16T13:33:18+00:00","article_modified_time":"2024-08-14T19:52:06+00:00","og_image":[{"width":1879,"height":1052,"url":"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png","type":"image\/png"}],"author":"Matjaz Marin","twitter_card":"summary_large_image","twitter_misc":{"\u00c9crit par":"Matjaz Marin","Dur\u00e9e de lecture estim\u00e9e":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/","url":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/","name":"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001 - Nis2Compliant.org","isPartOf":{"@id":"https:\/\/nis2compliant.org\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage"},"image":{"@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage"},"thumbnailUrl":"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png","datePublished":"2024-07-16T13:33:18+00:00","dateModified":"2024-08-14T19:52:06+00:00","author":{"@id":"https:\/\/nis2compliant.org\/#\/schema\/person\/2970b359513cc5166b5792397f560a2d"},"breadcrumb":{"@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#primaryimage","url":"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png","contentUrl":"https:\/\/nis2compliant.org\/wp-content\/uploads\/2024\/07\/nis2articleimage3.png","width":1879,"height":1052},{"@type":"BreadcrumbList","@id":"https:\/\/nis2compliant.org\/how-to-implement-nis-2-cybersecurity-measures-mapping-with-iso-27001\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nis2compliant.org\/"},{"@type":"ListItem","position":2,"name":"How to implement NIS 2 cybersecurity measures: Mapping with ISO 27001"}]},{"@type":"WebSite","@id":"https:\/\/nis2compliant.org\/#website","url":"https:\/\/nis2compliant.org\/","name":"Nis2Compliant.org","description":"The NIS 2 Directive Explained","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nis2compliant.org\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/nis2compliant.org\/#\/schema\/person\/2970b359513cc5166b5792397f560a2d","name":"Matjaz Marin","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/nis2compliant.org\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/54a984366b70b8234bdbdcaef18066b0?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/54a984366b70b8234bdbdcaef18066b0?s=96&d=mm&r=g","caption":"Matjaz Marin"},"url":"https:\/\/nis2compliant.org\/fr\/author\/matjaz-maringmail-com\/"}]}},"_links":{"self":[{"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/posts\/955"}],"collection":[{"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/comments?post=955"}],"version-history":[{"count":5,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/posts\/955\/revisions"}],"predecessor-version":[{"id":961,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/posts\/955\/revisions\/961"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/media\/956"}],"wp:attachment":[{"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/media?parent=955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/categories?post=955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nis2compliant.org\/fr\/wp-json\/wp\/v2\/tags?post=955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}