logo

Label

logo ebios rm
Having software tools to carry out end-to-end risk analyses and manage them over time is an essential complement to the EBIOS Risk Manager method.
To support this new method, ANSSI wanted to give users a clear way to identify software solutions available on the market that comply with the published method.
With this in mind, ANSSI has established an EBIOS Risk Manager compliance label, open to any vendor wishing to develop a software solution compliant with the principles and concepts of the EBIOS Risk Manager method.

Submitting a solution for the EBIOS Risk Manager label

The labeling framework specifies the terms and requirements to be met for a software solution implementing the EBIOS Risk Manager method to be labeled. It consists of the "Procedure for obtaining the EBIOS Risk Manager label" and the "Specifications".
The "Procedure for obtaining the EBIOS RM label" sets out the terms to be met to obtain the EBIOS Risk Manager label. As for the specifications, they detail the Agency's expectations regarding the project and describe the functional and non-functional requirements.
Interested vendors are invited to contact ANSSI (contact: ebios [at] ssi.gouv.fr)


Ebios Risk Manager

What are the advantages of using the EBIOS method compared to other risk assessment methods?

The EBIOS method, developed and actively maintained by ANSSI, is an effective approach for assessing information security risks. It incorporates a compliance-based approach before looking at scenarios, and takes the overall ecosystem into account. Dedicated to cyber risks, EBIOS uses a likelihood assessment method specific to cyberattacks.