 |
Club de la Sécurité de l’Information Français
Bienvenue au Clusif !
Accès membres |
Evénements en région |
Informations légales |
|
ClusifClub de la Sécurité de l’Information Français
clusif@clusif.asso.fr / +33 1 53 25 08 80 / 11, rue de Mogador 75009 Paris
Adresse de cette page : http://www.clusif.fr/en/clusif/present/index.asp
Le Clusif
Productions
Services
- Cybervictime ?
- Forum Mehari.info
- Prestataires
- Formations SSI
- Call For Paper
- Master SSI
- CLUSIR (régions)
- CLUSI (international)
- Liens
- Liste de diffusion
RSS/docs CLUSIF
Welcome to CLUSIF website
CLUSIF (Club de la Sécurité de l'Information Français), created in 1984, is a not for profit organization allowing professionals dealing with information security (including IT security) to meet, exchange their opinions, work and progress together.
CLUSIF, based in France, is open to contributions and membership from all over the world.
CLUSIF's objective is to welcome IT security staff (CISO, etc.) together with security product and service suppliers and other interested parties. The spirit of CLUSIF is based on mutual exchanges between its members irrespective of their professional role (supplier or “user”). CLUSIF adds contacts on information security with similar organizations , either cross-national (e.g. the CLUSIx in Europe) or regional instances (CLUSIR)
CLUSIF contributes to Information Security education, improvements and awareness via publications resulting from the activity of its work groups, market studies or public conferences and meetings. Most of the documents resulting from these actions are offered to public on this site, including some technical studies translated to English.
CLUSIF also initiates regularly public studies on Cybercrime and security policies.
An important contribution of CLUSIF to the management of Information related risks is provided by the information risk assessment and management method MEHARI, built around a comprehensive set of modules, tools and questionnaires. MEHARI is distributed under the Open Source principles.
MEHARI 2010 answers to ISO/IEC 27005:2008 guidelines for risk management and allows further checking of the compliance of organizations for an ISO 27001 ISMS process. It includes, directly in the knowledge bases, the formulas of the method for the direct assessment of the risks and valuation of the ways to treat and reduce them.
MEHARI 2010 knowledge base and documentation are provided by CLUSIF in French and English, translations to other languages are also available thanks to voluntary contributions.
For more information or comment, contact: clusif@clusif.asso.fr
Technical studies
| CONFERENCES - INTERVENTIONS EXTERNES | ||
|---|---|---|
Cybercrime exposures in a Digital Society 
2011 | EN |  PDF |
|
Responding to Data Breaches
2009 | EN | PDF |
| CYBERCRIME | ||
|
Cybercrime Overview - 2009
2010 | EN | PDF |
|
Cybercrime Overview - 2008
2009 | EN | PDF |
|
Cybercrime Overview - 2007
2008 | EN | PDF |
|
Cybercrime Overview - 2006
2007 | EN | PDF |
|
Cybercrime Overview - 2005
2006 | EN | PDF |
|
Cybercrime Overview - 2004
2005 | EN | PDF |
|
Cybercrime Overview - 2003
2004 | EN | PDF |
|
Cybercrime Overview - 2002
2003 | EN | PDF |
|
Cybercrime Overview - 2001
2002 | EN | PDF |
| WHITE PAPERS | ||
|
Web application security: managing web application security risks
2010 | EN | PDF |
|
Business Continuity Plan - I.S. Strategy and recovery solutions
2004 | EN | PDF Abstract |
|
Wireless networks: threats, advantages and safeguards - english version
2003 | EN | PDF |
| RISK MANAGEMENT | ||
|
Risk Management, Concepts and Methods
2009 | EN | PDF |
| INFORMATION SYSTEMS THREATS AND SECURITY PRATICES IN FRANCE | ||
|
Information Systems Threats and Security Pratices in France - Year 2008
2008 | EN | PDF |
|
Losses Study - Year 2003
2003 | EN | PDF |
| METHODS | ||
MEHARI 2010: Analiza mizelor de securitate si ghidul de clasificare 
2011 | RO | PDF |
|
MEHARI 2010: Ghid de prelucrare pentru analiza si managementul riscului
2011 | RO | PDF |
MEHARI 2010: Resumo (Português) 
2011 | PT | PDF |
|
Seminar: MEHARI 2010 ISO/IEC 27005 compliant Information risk management method
2011 | EN | PDF Abstract |
|
MEHARI 2010: Ghid de Evaluare pentru Serviciile de Securitate
2011 | RO | PDF |
|
MEHARI 2010: Knowledge bases
2011 | EN |  ZIP Abstract |
MEHARI 2010: Overzicht 
2011 | NL | PDF |
|
MEHARI 2010 : Privire Generala
2010 | RO | PDF |
MEHARI 2010: Introduzione alla metodologia 
2010 | IT | PDF |
|
MEHARI 2010: Risk analysis and treatment Guide
2010 | EN | PDF Abstract |
|
MEHARI 2010: Changes from previous versions
2010 | EN | PDF Abstract |
|
MEHARI 2010: Processing guide for risk analysis and management
2011 | EN | PDF Abstract |
|
MEHARI 2010: Security Stakes Analysis and Classification Guide
2010 | EN | PDF Abstract |
|
MEHARI 2010: Fundamental concepts and functional specifications
2010 | EN | PDF Abstract |
MEHARI 2010 : Overview (Arabic) 
2010 | AR | PDF |
MEHARI 2010 : Overview (Chinese) 
2010 | CN | PDF |
MEHARI 2010 : Przeglad 
2010 | PL | PDF |
MEHARI 2010: Überblick 
2010 | DE | PDF |
MEHARI 2010 : Introduccion 
2010 | ES | PDF |
|
MEHARI 2010: Evaluation Guide for security services
2010 | EN | PDF Abstract |
|
MEHARI 2010 : Overview (English)
2010 | EN | PDF Abstract |
|
MEHARI 2007 : Ghid de analiza a riscului
2008 | RO | PDF |
|
MEHARI 2007 : Privire Generală
2008 | RO | PDF |
|
MEHARI 2007 : Ghid de serviciile de securitate
2008 | RO | PDF |
|
MEHARI 2007 : Analiza mizelor de joc
2008 | RO | PDF |
|
MEHARI 2007 : Concepte si mecanisme
2008 | RO | PDF |
|
MEHARI 2007 : Handbuch Risikoanalyse
2007 | DE | PDF |
|
MEHARI : Flier
2005 | EN | PDF |
Association loi de 1901
11, rue de Mogador 75009 Paris
+33 1 53 25 08 80