Label

To support this new method, ANSSI wanted to give users a clear way to identify software solutions available on the market that comply with the published method.
With this in mind, ANSSI has established an EBIOS Risk Manager compliance label, open to any vendor wishing to develop a software solution compliant with the principles and concepts of the EBIOS Risk Manager method.
Submitting a solution for the EBIOS Risk Manager label
The labeling framework specifies the terms and requirements to be met for a software solution implementing the EBIOS Risk Manager method to be labeled. It consists of the "Procedure for obtaining the EBIOS Risk Manager label" and the "Specifications".
The "Procedure for obtaining the EBIOS RM label" sets out the terms to be met to obtain the EBIOS Risk Manager label. As for the specifications, they detail the Agency's expectations regarding the project and describe the functional and non-functional requirements.
Interested vendors are invited to contact ANSSI (contact: ebios [at] ssi.gouv.fr)
Ebios Risk Manager
The EBIOS method, developed and actively maintained by ANSSI, is an effective approach for assessing information security risks. It incorporates a compliance-based approach before looking at scenarios, and takes the overall ecosystem into account. Dedicated to cyber risks, EBIOS uses a likelihood assessment method specific to cyberattacks.
