Compliance & Standards

Regulatory frameworks, certifications, and cybersecurity best practices

This section gathers articles focused on security standards, regulatory frameworks (GDPR, NIS2, LPM, etc.), and compliance requirements for public and private organizations.

📋 My objective: provide an operational and contextualized understanding of legal and normative obligations, enriched with concrete examples, critical analysis, and feedback from the field.

📌 Topics covered:

  • GDPR compliance & personal data security
  • ISO/IEC standards: 27001, 27002, 27701
  • PCI DSS: payment security and audit practices
  • Compliance frameworks for CERTs (SIM3, FIRST, PRIS, InterCERT…)
  • Legal impacts of NIS2, LPM, DORA, CRA directives
  • Embedding compliance in DevSecOps workflows

📚 Available articles:

2025