FAQ
Frequently asked questions about our various solutions



Arimes StandAlone
Yes, and you can download it using the following link.
Download the Arimes Standalone user documentation (v1.2.4, March 25, 2025)To get started, you can create an empty study. Alternatively, we suggest starting with the example file, which already contains grids and frameworks.
Download our sample study (v2.0)Studies rely on frameworks; you can enter them manually in activity 1.4 or import them along with their requirements in .json format. To import a framework,
1. At the top left of the application, click the import button 📥
2. Select JSON as the import type
3. Import the file. You can use the example below of the ANSSI 42-rule hygiene guide evaluation template.
4. Select "Frameworks (1.4)", "Security framework requirements (1.4)" and "Requirement status (1.4)", then click Import.
5. If any objects are detected as duplicates, a wizard will guide you through merging the information.
6. The import may take about ten seconds.
7. Once the import is complete, you'll find the framework in activity 1.4.
You can enter requirements manually in a framework in activity 1.4 or import them in .csv format. To import a framework's requirements,
1. Go to activity 1.4
2. (Optional) Add a framework (+)
3. (Optional) Enter the information relating to this framework. For ANSSI's IT hygiene guide:
• Type: Basic rules & hygiene
• Description: This guide contains 42 measures to strengthen the security of your information system.
• Compliance indicator: Partially applied.
• Version: Version 2.0 - September 2017.
4. Select the row of the created framework.
5. At the top left of the frameworks table, click Import csv 📥
6. Import the .csv file. The expected format is Level,Title,Description,Applied,Comment,[Category].
7. The import may take a few minutes.
8. Once the import is complete, your requirements will be available in the second table.
The CIA-T scale is not part of the Ebios RM method. If you still wish to fill it in, this can be done in workshop 1.3 at the impacts level.
The json file below lets you import the complete scale (C, I, A, T at levels 0 to 4) into your study. After importing the data, the CIA-T levels should be added as impacts on your business assets.
Arimes Web
You can enter requirements manually in a framework in activity 1.4 or import them in .json format. To import a framework's requirements,
1. Go to Activity 1.4 > Frameworks
2.a If you already have a framework
i) Edit the framework ✏️
2.b If you don't have a framework
i) Create Framework
ii) Enter the information relating to this framework. For the ANSSI IT hygiene guide evaluation template:
• Title: IT hygiene guide evaluation template
• Type: ANSSI Guide
• Description: ANSSI's hygiene guide contains 42 measures to strengthen the security of your information system.
3. In the Import requirements field, import the .json file.
The expected format is [{'title': 'string', 'description': 'string', 'category': 'string', 'justification': 'string', 'statusLevelId': int}, {...}].
Agrios
First, enable the feature in Administration > Authentication Sources, with 2 available modes:
-Per-user activation.
-MFA enforced for all users.
In the case of per-user activation only, you edit a user account to specifically enable MFA (Portfolio Manager role required to modify a user): go to My Profile > Edit > check Enable two-factor authentication.
To import a study:
- access to the import interface on Agrios is currently restricted to a 'Portfolio Manager' profile. To test an import, you must log in with a user who has this role;
- for Agrios to be able to contact the Arimes Web API, enter the API contact URL in the 'Administration > Application Configuration' menu, in the 'Arimes Web Connection' section;
- if you encounter connection errors during import, please let us know so we can make the appropriate network adjustments between the 2 applications.
- next, an API token is required per user. It can be generated in Arimes Web, in the 'Administration > User API Tokens' menu. An API token has the format 'arip-
This API token both authorizes API requests and determines which studies are accessible depending on the user associated with the token and their permissions in Arimes Web. A user on the Arimes Web side must have access to the entire study to be able to import it into Agrios (otherwise an import error will be displayed).
Basileak
See the FAQ on the Basileak website: https://www.basileak.eu/faq
Ebios Risk Manager
The EBIOS method, developed and actively maintained by ANSSI, is an effective approach for assessing information security risks. It incorporates a compliance-based approach before looking at scenarios, and takes the overall ecosystem into account. Dedicated to cyber risks, EBIOS uses a likelihood assessment method specific to cyberattacks.





