The new guide, which is available in both English and French was launched at the FERMA Forum 2019 in Berlin

The French National Cybersecurity Agency (ANSSI) and the Association for Corporate Risks and Insurance Management (AMRAE) have published a new guide to digital risk management.

The publication, which is called “Controlling the digital risk - the trust advantage”, is a 15-step guide to help managers of organisations of all sizes to construct a digital risk management policy.

digital risk

The guide is available in English and French and was launched to over 600 risk managers, gathered at the Ferma Forum, the congress of the European Risk Management Associations, in Berlin

Digital risk is growing in importance for organisations as attacks can jeopardise their survival.

It is no longer just the business of technical experts, digital risk has become strategic and must be dealt with at the highest level of a business.

The complementary expertise of ANSSI, the national authority for cybersecurity, and AMRAE, the risk managers’ professional association, have helped to build a comprehensive and realistic guide that can help managers tackle this thorny issue.

This guide is intended for managers and risk managers of public and private organisations of all sizes, including digital risk committees, business teams and boards of directors. 

Steps one to six deal with understanding digital risks and getting organised, steps seven to 11 focus on building and security baseline, while the final four steps tackle managing digital risk and enhancing cybersecurity.

“Where to start? What are the different steps to follow? How to stay efficient? How to promote your security investments? The guide provides a rational approach to follow in order to establish and maintain progressively a successful organisation of cyber risk management” explained Guillaume Poupard, director general of ANSSI.

“With this guide, our common goal is to ensure that the entire ecosystem implements the conditions for digital trust. If the company always has an eye on its vulnerabilities, it can anticipate the scenarios with the strongest impact, assessing their financial or reputational consequences, and thus reduce the cyber risk” added Brigitte Bouquot, AMRAE’s president.

The approach outlined in the guide explains how to involve all the stakeholders of an organisation and develop essential capacities to fight cyber threats. It is based on the risk analysis method EBIOS Risk Manager, which helps to understand exposure to digital risks in order to prevent interruptions.

The guide “Controlling the digital risk – the trust advantage” is available in French and English on ANSSI’s website: https://www.ssi.gouv.fr/guide-controlling-digital-risk–trust-advantage and AMRAE’s website: https://www.amrae.fr/guide-amrae-anssi.