logo-phinasoft
Menu
Menu

Case studies

A few case studies from our clients’ experience.

Discover our solution

Interview of Stéphane Gomez, ISS France’s CISO

LOGO_ISS
ISS France is the French subsidiary of ISS World, the global leader in “Facility Services.” It brings its clients services for their premises: cleaning, technical maintenance, food, posting, workplace.

611 M€

of turnover

200

applications

30

ongoing projects

ISS France trusts Phinasoft to make their Cyber-Risk Analyses Management easier. We asked Stéphane Gomez about his experience with our services.

Can you describe your context and in particular what led you to look for a software to manage Risk Analyses?

In order to raise the maturity level of our Security, Risk Management and Documentation, we engaged in the following projects:
  • Security by Design
  • Enriched documentation on GDPR, data, applications and third parties
  • ISO27001 compliance

A major issue was being able to cope with the continuous flow of new projects to secure. And we had very limited time for that. We then needed some simple and collaborative tools giving as much autonomy as possible to the projects’ teams.

What wasn’t right with your current solutions at the time?

Broadly two things: their inadequacy with the quantity of Security Assessments and with a limited Cyber-Risk Management culture in the firm. To conduct our Security Assessments, we started to use excel sheets that showed several drawbacks on the following needs:
  • Large scale use,
  • Change Management over time on a given perimeter,
  • Flexibility and User Experience,
  • Ability to use different methodologies according to our needs.
Regarding Risk and Action Plans acceptance, the simple use of emails didn’t allow us to implement the right workflows correctly and to monitor validations.

Why did you choose Phinasoft?

First of all, for the quality of the team: we really appreciated their expertise, their agility and their availability all along. They gave us training and provided consulting resources, which is a real asset for busy security teams. Regarding the platform itself, its main assets are its adaptability, collaborativity and simplicity. We could implement into the platform our own methodologies, frameworks and workflows. And Phinasoft also adapts it to the evolutions of our needs over time with news features. Being able to log in with Single-sign-on is also a very valuable advantage along with Multi Factor Authentication. The platform is also filled with explanations that helps project leaders be autonomous when they answer the Security questions. Finally, Phinasoft’s technical roadmap was in line with our future projects, which made it a strong ally on the long run.

What are the results of the use of the platform?

Risk Analyses (or Security Assessments) can now have their full impact on the organization thanks to the validation process supported by Phinasoft. IT and Business Managers now cannot ignore the identified risk and have to commit to apply the recommendations. The projects leaders really like that it’s user friendly and testify that it’s really useful to them. It helps build easily some documentation around our applications. It’s also useful to architect compliance or purchase teams.   On the Security team side, Phinasoft brings us a global vision on all the projects and allows us to manage more easily the actions plans.

Contact

contact@phinasoft.com
+33 6 38 37 19 49

Follow our news
on social networks

Linkedin Twitter

Others

Menu

Credit : Freepik

Copyright © 2024 Phinasoft | Created by Phinasoft