Skip to main content

La Loi sur la Securité Financière (LSF)

What is the LSF?

The French Financial Security Law (Loi sur la Securité Financière), which in many respects is the French equivalent to the Sarbanes-Oxley Act, requires among other provisions that each issuer must publish a report on internal control (similar to the internal control report required by Section 404 of the Sarbanes-Oxley Act) and that such report must be made publicly available in France.

Improve your understanding of the issues raised by this French mandate for the Internal Controls that affect the IT function within your organization. Click&DECiDE 's interactive Training workshops cover the key issues and challenges and advise on the related internal control frameworks: COSO, COBIT, ISO/IEC 27002 (17799)and the relationship and alignment between them.

LSF Challenges

The LSF includes the need for:

  • Defining the scope of the systems affected
  • Access control and user management
  • Maintaining compliance with configuration policies across all their systems
  • Collecting and analyzing audit logs
  • Transparency
  • Regular monitoring activities
  • Policies and Best Practices to control and mitigate operational risk
  • Regular review of risks and controls
  • Modification and optimization of risk management as necessary
  • Improved Data Storage and management
     

Click&DECiDE 's Solution

To address certain of the specific Internal Control requirements of the LSF, Click&DECiDE 's Solutions can help companies deal with the following issues:

  • Security Event Log Archival
  • Access Control
  • Malicious Code Detection
  • Policy Enforcement
  • User Monitoring & Management
  • Vulnerability Management
  • Real-Time Reporting
  • Forensic Analysis

Le t Click&DECiDE help you comply with these regulations and automate this International necessity

Your Logs: the compliance regulations are clear concerning the need for log analysis and retention. If companies have a running record of all the events occuring on their networks, they can easily discover what went wrong. This can also aid in following and prosecuting perpetrators.

Your Risk: are you under attack? When a security breach occurs, such as a virus, a worm, a disgruntled employee or even a hacker, Click&DECiDE will pinpoint the breach and distinguish a virus from a hacker and so on.

Your Shared Reports: security is a shared concern. By constantly analyzing logged evnts and keeping a stock of logged events, all your departments, including the IT Security department can generate reports on network activity and security to share the information with Senior Management.