1. 1 Introduction
  2. 2 Questions
  3. 3 Results
1 of 3 (0%)
Theme 1: Inventory and Analysis

In order to properly protect his castle and put up the right defence lines in the Middle Ages, a lord first had to delineate a protection perimeter and compile an inventory of the property and the people to be protected. He would then analyse the strengths at his disposal, the potential threats to his estate and the best ways to minimise the impact of an enemy attack.

It's the same for your business. To protect yourself effectively, you first need to know your environment well. Don't wait for an external expert to understand your organisation better than you do!

Start by making an inventory of your assets and important data. Remember also to thoroughly understand the legal obligations incumbent on your company , and make sure you offer complete reliability to your customers, to ensure your e-reputation.

image illustrative

With a well-conducted inventory, you can now perform two types of assessment:

  • o Risk assessment : Ask yourself if you can identify the risks to your business and consider how you can mitigate them to an acceptable level. Do you know which penalties may apply to your business if you have not taken the necessary precautions required by the GDPR ?
  • Impact assessment : We can't mention computers without mentioning data processing, sometimes personal data . So ask yourself the following question: do you know the impact of your activities on the rights and freedoms of the people whose data you process? And how could you prove to the Data Protection Authority that you have thought about taking the necessary and proportionate precautions?
image illustrative

Keep in mind

  • Castle in the Middle Ages
    • Drawing up an inventory: what to protect?;
    • Analysis of needs and the enemy's tactics to adapt the defences and protect yourself effectively;
    • In order to foster trade, it was also necessary to know of the customers’ needs in other cities.
  • Cybersecurity for your business :
    • Draw up an inventory: what do I need to protect?
    • Analysis:
      • Risk assessment : what/who should I protect myself against? Are my tools adapted to my needs?
      • Impact assessment : what impact does my data processing have on the rights and freedoms of the concerned persons?
    • Respect all legal obligations and guarantees of reliability : does my website comply with and show all the mandatory information for the public?