GRC: a comprehensive and integrated cybersecurity approach throughout your organization

Be more efficient in your projects of governance, risk management and compliance with cybersecurity standards and regulatory requirements (DNSSI, Law 09-08, GDPR) thanks to:

  • Advanced expertise of our certified advisors
  • Unified approach

Implementation of a management system

Adopt an efficient management system owing to our consultants skills in various areas:

  • Implementation of a Business Continuity Management System (BCMS) in accordance with ISO 22301, and an Information Security Management System (ISMS) in accordance with ISO 27001. Benefit from a complete support: from analysis of the current situation and gaps to the certification assistance
  • Development of cybersecurity master plans
  • Setup of a cybersecurity policy
  • Data classification


Compliance with regulatory requirements and international ISO standards

   A team of consultants with over 100 Cybersecurity governance missions to their record (Compliance with DNSSI and Act 05-20, Risk analysis, Data classification, Security Policy, Formalization of security processes and procedures, Raising awareness, Cybersecurity Master Plan)
  20+  implementation projects of Information Security Management System (ISMS) under ISO 27001
  10+ implementations of Business Continuity Management System (BCMS) under ISO22301

Business continuity plan (BCP) definition

For a better post-crisis management and sustainability of your crucial and essential business, we help you set up a continuity process through:

  • Assistance in business impact studies
  • Assistance in developing continuity strategies
  • Formalization of Business Continuity Plans
  • Support in test projects and business continuity exercises

Cyberthreat management

With good practices, a cyberthreat management framework is implemented to mitigate risk exposure of your human, financial and technological resources.


Compliance with personal data protection regulations

   Qualified and DPO (Data Privacy Officer) certified resources to carry out compliance projects in accordance with the European legislation (Data Protection General Regulation, RGDP)
  50+  projects of compliance with Act 09-08 in personal data protection

Compliance with security standards of means of payment

As the first accredited qualified assessor for multiple PCI SSC standards in Africa, our qualified security assessors are trained and certified to support your organizations compliance and certification.

  • PCI QSA Accreditation for PCI DSS audit
  • 3DS Assessor Accreditation for PCI 3DS audit
  • QPA Accreditation for PCI PIN Security audit
  • PA QSA Accreditation for PA DSS audit
  • CPS Assessor Accreditation for PCI CP audit
  • SSF Assessor Accreditation for PCI SSF audit
  • PFI Accreditation for PCI Forensic Investigators

Compliance with the Customer Security Program SWIFT is adapted from the scoping step to the submission of the KYC self-attestation.

Regulatory compliance

Decrease your cyber-fraud risks and meet data protection challenges:

  • PASSI certified in 6 areas of qualification, we guide you in complying with the Law 05-20 and the System Information Security National Directive (DNSSI), for administrations, public bodies, as well as infrastructures of vital importance
  • Compliance with legislation regarding personal data protection (Law 09-08 and Data Protection General Regulation (RGPD)

Compliance with banking cybersecurity standards

  Highly skilled resources working on compliance E-money Cybersecurity projects (6 PCI QSA, 2 PA QSA, 2 PCI 3DS, 1 PCI QPA, 1 PCI CP)
  Over 200 support missions for compliance with PCI standards
  Extensive geographical coverage (Africa, Europe, Middle East and Asia-Pacific)

DATAPROTECT in figures

DATAPROTECT is a cybersecurity company. As a real international key player, DATAPROTECT is strategically positioned in the cybersecurity ecosystem, thanks to its pool of skills and unique expertise.









Security certifications







They trust us

Copyright 2022