The objective of this guide is to support organisations in the implementation of security measures in order to ensure the protection ofpersonal data that they treat. It is aimed in particular at data protection officers (DPO), chief information security officer (CISO) and computer scientists. Privacy lawyers will also be able to find useful elements.
This guide is a living tool that is enriched by state-ofthe-art practices and doctrine elements of the French data protection authority (CNIL) on the issue of data
security. A changelog is available on the CNIL website to help actors identify the evolutions that need to be taken into account in order to adapt their level of security.
