Converting obligations into real security

IT risk management & compliance

In two minutes, discover how EBIOS RM analysis and the NIS2, DORA, GDPR, and ISO 27001 frameworks can become a simple management tool for executives.

Risk management and compliance links regulatory requirements to your operational reality. Using EBIOS RM risk analysis, I identify what needs to be protected as a priority and develop a coherent plan: GDPR, ISO 27001, NIS2, DORA, PCI-DSS, HDS, or SecNumCloud.

The goal is not to produce paperwork, but to tangibly reduce your exposure while proving your compliance.

IT Risk Management – The Essentials

A structuring EBIOS RM risk analysis

Business-oriented cyber risk management

Pragmatic GDPR compliance

Gradual ISO 27001 compliance

Preparation for NIS2 requirements

Compliance with the DORA regulation

PCI-DSS support

HDS procedures

SecNumCloud Alignment

What you actually get

A prioritized risk map

Usable documentary evidence

An appropriate ISO 27001 system

Monitoring of measures

Credible threat scenarios

A realistic NIS2/DORA trajectory

Third-party control

Preparation for audits

A detailed treatment plan

GDPR-compliant policies

Clear contractual requirements

Compliance that is useful to the business

Schedule a compliance exchange

Let's take five minutes to identify the obligations that apply to you and define a realistic scope.

EBIOS RM analysis: making decisions methodically

The EBIOS RM risk analysis links threats, vulnerabilities, and business impacts. It provides a simple answer: what to protect, against whom, and at what acceptable cost?

Cyber risk management is becoming a common language between management, IT departments, and business units, preventing investments driven by fear.

GDPR & ISO 27001: structuring without bureaucracy

GDPR compliance secures personal data: register, subcontractors, incident management, individual rights.

ISO 27001 compliance establishes a lightweight management system: policies, processes, continuous improvement, audit evidence.

NIS2 & DORA: anticipating new frameworks

The NIS2 and DORA requirements impose governance, incident management, and third-party control. I provide support in:

  • the initial gap analysis

  • the remediation plan

  • the formalization of evidence

  • preparation for inspections

Industry standards: PCI-DSS, HDS, SecNumCloud

  • PCI-DSS: payment data protection

  • HDS: requirements for health data

  • SecNumCloud: alignment with trusted reference standards

Each step is integrated into your overall strategy to avoid silos.

A clear method

Scope → evidence gathering → risk analysis → action plan → follow-up.

The deliverables are designed for both the Executive Committee and the IT department, with justified priorities and an estimated budget.

Cybersecurity Risk Management and Compliance: Who is it for?

My experience adapts to a variety of contexts:

SME

Proportionate compliance that protects the business without overburdening it.

Startups

A clear framework to convince customers and investors.

Companies

An integrated approach linking risks and digital projects.

Mid-sized companies (ETI)

Structured preparation for NIS2/DORA audits.

Organizations

An approach compatible with service continuity and sectoral rules.
