Risk Management

Compliance

+ 2000 employees

Industries

Decathlon: Building a Unified, Risk-Driven Cybersecurity Approach

To support its rapid growth and the increasing complexity of its global supply chain, Decathlon implemented an integrated cybersecurity governance model, anchored in risk analysis and powered by the Egerie platform.

Gaëtan Damman

Information Security Risk Manager

Watch

The challenge

Key objectives included:

- Defining a common methodology

- Prioritizing cybersecurity investments based on risk

- Centralizing strategic risk consolidation

- Ensuring rigorous tracking of mitigation plans across a complex, international ecosystem

The solution

To meet these goals, Decathlon deployed a robust implementation plan centered on the Egerie platform:

- Definition of a shared methodological framework (Risk Management Framework)

- Custom configuration of the platform and team training

- Progressive rollout across the group

‍

The results

Key results:

- A customized risk model built from business-specific catalogs: 42 assets, 84 vulnerabilities, 59 security measures

- A 360° view of security controls: over 10,000 controls assessed via a single interface

- Centralized risk management: 220 risk analyses completed or underway, with full visibility over inherent, current, and residual risks

- Clear visibility into mitigation plans: 2,000 security actions scheduled, with real-time impact assessment on risk reduction

Gaëtan Damman

Information Security Risk Manager

Key figures

500+ risk analyses performed per year

4,996 assets and 5,702 security measures modeled

1,769 risk scenarios designed and evaluated

TESTIMONIES

You may be interested in this content

Every business has its challenges. Learn how our solutions have helped our customers overcome them and strengthen their cybersecurity.

Discover the use cases

“

Founder and CEO @Enteprise

“

We all know there’s no business without risk. But we must be able to give business teams the right information so they can make the right decisions. And that’s exactly what we’re doing with Egerie.

François Sopin

Founder and CEO @Enteprise

“

The tool allowed us to industrialize an approach that had previously been very manual. More importantly, it helped us get business teams involved in risk management.

Béatrice Berard

Founder and CEO @Enteprise

“

What’s great about Egerie is how everything is connected. If we change something at the beginning of the analysis, the whole chain updates automatically. It saves us a huge amount of time and makes our work much more relevant.

Florian Bourdon

Founder and CEO @Enteprise

Leader européen des services multi-techniques, SPIE a industrialisé sa démarche de conformité et renforcé sa résilience cyber en s’appuyant sur la plateforme EGERIE pour piloter efficacement ses risques et ses vulnérabilités.

A leading financial institution in France, La Banque Postale serves individuals, businesses, and the public sector with a strong commitment to security and compliance. The organization overhauled its risk analysis methodology to improve efficiency, transparency, and its overall risk culture.

How do you turn a regulatory constraint into a driver for cybersecurity performance? That’s the challenge the Hospices Civils de Lyon (HCL) successfully met, with Egerie’s support, through a project that aligned their cybersecurity practices with the requirements of the ISO 27001 standard—making it much more than just a compliance exercise.

As a major player in social protection, MGEN has transformed its cyber risk management strategy by adopting Egerie as its core GRC platform. The days of complex, rigid Excel files are gone — replaced by a streamlined, continuous approach that benefits both internal teams and external auditors, particularly in the context of ISO 27001 certification.

Discover our platform

Lorem Ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod temporincididunt ut labore and Dolore Magna aliqua.

Request a demo