the pitfall of the “one-shot” project for the audit
In many organisations, compliance resembles a well-oiled machine:a few months of intense mobilisation before the audit… then a long silence until the nextepisode.On paper, the company “passes its audits”.In reality, it has never really stabilised its trajectory. The classic scenario: everything for the audit, then we file away the documents. It all starts with a […]
ISO 27001, NIS2, TISAX… let’s talk about what we really expect.
Executive committee meeting.On the agenda: ISO 27001, NIS2, TISAX.Around the table, reactions vary: some hear ‘constraint’, others “necessary step‘, a few ’IT jargon”. Yet behind the acronyms, the underlying issue is much simpler: What should the company be accountable for ? Behind each standard lies the same logic: to demonstrate Whether it is ISO 27001, […]
Three months before the audit, and still no clear vision…
90 days before an ISO 27001 audit: everyone is working, but no one really knows wherethe company stands.It’s not a problem of goodwill, it’s a problem of management. « Where are we at ? » Monday morning meeting, 9am. The CIO asks a trivial question : « In practical terms, what is the current status […]
