Club de la Sécurité de l’Information Français
Bienvenue au Clusif !
Accès membres | Evénements en région | Informations légales | Version française
logo Clusif
Club de la Sécurité de l’Information Français

clusif@clusif.asso.fr / +33 1 53 25 08 80 / 11, rue de Mogador 75009 Paris
Adresse de cette page : http://www.clusif.asso.fr/en/clusif/present/index.asp

Welcome to CLUSIF website

CLUSIF (Club de la Sécurité de l'Information Français), created in 1984, is a not for profit organization allowing professionals dealing with information security (including IT security) to meet, exchange their opinions, work and progress together.

CLUSIF, based in France, is open to contributions and membership from all over the world.

CLUSIF's objective is to welcome IT security staff (CISO, etc.) together with security product and service suppliers and other interested parties. The spirit of CLUSIF is based on mutual exchanges between its members irrespective of their professional role (supplier or “user”). CLUSIF adds contacts on information security with similar organizations , either cross-national (e.g. the CLUSIx in Europe) or regional instances (CLUSIR)

CLUSIF contributes to Information Security education, improvements and awareness via publications resulting from the activity of its work groups, market studies or public conferences and meetings. Most of the documents resulting from these actions are offered to public on this site, including some technical studies translated to English.

CLUSIF also initiates regularly public studies on Cybercrime and security policies.


An important contribution of CLUSIF to the management of Information related risks is provided by the information risk assessment and management method MEHARI, built around a comprehensive set of modules, tools and questionnaires. MEHARI is distributed under the Open Source principles.

MEHARI 2010 answers to ISO/IEC 27005:2008 guidelines for risk management and allows further checking of the compliance of organizations for an ISO 27001 ISMS process. It includes, directly in the knowledge bases, the formulas of the method for the direct assessment of the risks and valuation of the ways to treat and reduce them.

MEHARI 2010 knowledge base and documentation are provided by CLUSIF in French and English, translations to other languages are also available thanks to voluntary contributions.

For more information or comment, contact: clusif@clusif.asso.fr


Technical studies

CONFERENCES - INTERVENTIONS EXTERNES
Cybercrime exposures in a Digital Society
2011
EN PDF  PDF
Responding to Data Breaches
2009
EN PDF  PDF
CYBERCRIME
Cybercrime Overview - 2009
2010
EN PDF  PDF
Cybercrime Overview - 2008
2009
EN PDF  PDF
Cybercrime Overview - 2007
2008
EN PDF  PDF
Cybercrime Overview - 2006
2007
EN PDF  PDF
Cybercrime Overview - 2005
2006
EN PDF  PDF
Cybercrime Overview - 2004
2005
EN PDF  PDF
Cybercrime Overview - 2003
2004
EN PDF  PDF
Cybercrime Overview - 2002
2003
EN PDF  PDF
Cybercrime Overview - 2001
2002
EN PDF  PDF
WHITE PAPERS
Cyber Security of Industrial Control Systems
2014
EN PDF  PDF
Web application security: managing web application security risks
2010
EN PDF  PDF
Business Continuity Plan - I.S. Strategy and recovery solutions
2004
EN PDF  PDF
TXT  Abstract
Wireless networks: threats, advantages and safeguards - english version
2003
EN PDF  PDF
RISK MANAGEMENT
Risk Management, Concepts and Methods
2009
EN PDF  PDF
INFORMATION SYSTEMS THREATS AND SECURITY PRATICES IN FRANCE
Information Systems Threats and Security Pratices in France - Year 2008
2008
EN PDF  PDF
Losses Study - Year 2003
2003
EN PDF  PDF
METHODS
МЕХАРИ 2010: Преглед
2014
MK PDF  PDF
MEHARI 2010: Knowledge bases (FA)
2014
FA zip  ZIP
MEHARI 2010: Overview (FA)
2014
FA PDF  PDF
MEHARI 2010: Pregled (HR)
2013
HR PDF  PDF
MEHARI 2010: Pregled (RS)
2013
RS PDF  PDF
MEHARI 2010: Pregled (BA)
2013
BA PDF  PDF
MEHARI 2010: Analiza mizelor de securitate si ghidul de clasificare
2011
RO PDF  PDF
MEHARI 2010: Ghid de prelucrare pentru analiza si managementul riscului
2011
RO PDF  PDF
MEHARI 2010: Resumo (Português)
2011
PT PDF  PDF
Seminar: MEHARI 2010 ISO/IEC 27005 compliant Information risk management method
2011
EN PDF  PDF
TXT  Abstract
MEHARI 2010: Ghid de Evaluare pentru Serviciile de Securitate
2011
RO PDF  PDF
MEHARI 2010: Knowledge bases
2011
EN zip  ZIP
TXT  Abstract
MEHARI 2010: Overzicht
2011
NL PDF  PDF
MEHARI 2010 : Privire Generala
2010
RO PDF  PDF
MEHARI 2010: Introduzione alla metodologia
2010
IT PDF  PDF
MEHARI 2010: Risk analysis and treatment Guide
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2010: Changes from previous versions
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2010: Processing guide for risk analysis and management
2011
EN PDF  PDF
TXT  Abstract
MEHARI 2010: Security Stakes Analysis and Classification Guide
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2010: Fundamental concepts and functional specifications
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2010 : Overview (Arabic)
2010
AR PDF  PDF
MEHARI 2010 : Overview (Chinese)
2010
CN PDF  PDF
MEHARI 2010 : Przeglad
2010
PL PDF  PDF
MEHARI 2010: Überblick
2010
DE PDF  PDF
MEHARI 2010 : Introduccion
2010
ES PDF  PDF
MEHARI 2010: Evaluation Guide for security services
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2010 : Overview (English)
2010
EN PDF  PDF
TXT  Abstract
MEHARI 2007 : Ghid de analiza a riscului
2008
RO PDF  PDF
MEHARI 2007 : Privire Generală
2008
RO PDF  PDF
MEHARI 2007 : Ghid de serviciile de securitate
2008
RO PDF  PDF
MEHARI 2007 : Analiza mizelor de joc
2008
RO PDF  PDF
MEHARI 2007 : Concepte si mecanisme
2008
RO PDF  PDF
MEHARI 2007 : Handbuch Risikoanalyse
2007
DE PDF  PDF
MEHARI : Flier
2005
EN PDF  PDF
Club de la Sécurité de l'Information Français
Association loi de 1901
11, rue de Mogador 75009 Paris
+33 1 53 25 08 80