👉 Breakfast @Lyon March 4, 2026

CISO & CIO: strategic duo or tense partnership?

Logistics

Automate compliance and risk management for a group operating across 4 continents

How does Asendia manage cybersecurity for 15 international subsidiaries without increasing resources?

“It's definitely a huge time-saver compared to sending out an Excel spreadsheet and manually collecting responses.”

Thierry Jeanneret

Group CISO at Asendia

The challenge

Automate compliance and risk management for a group operating across 4 continents

The Asendia Group, the result of a joint venture between La Poste and Swiss Post, is one of the world leaders in e-commerce and international mail, delivering to more than 200 destinations worldwide.

‍

With more than 2,000 employees across four continents, the group manages massive volumes of personal data on a daily basis and guarantees the continuous availability of its logistics services.

‍

Thierry Jeanneret has been Group CISO at Asendia for 11 years. Based in Switzerland, he oversees the cybersecurity strategy and governance for the entire group, covering between 12 and 15 subsidiaries across four regions. The central team has only two ISS advisors—including Thierry—supported by security correspondents in each region.

‍

Asendia's cyber team operated in a fragmented manner, with disparate tools that did not communicate with each other.

Information was scattered and compartmentalized.

The reference documents were stored in Word or PDF format, and evaluations were managed using Excel, with no direct link to the action plans to be implemented.

There was a lack of coordination between risks, compliance, and actions.

The team lacked an overview to coordinate the identified risks, the existing standards, and the actions to be taken.

Lack of time and limited staff

The geographical distance between teams also complicated monitoring, reinforcing the need for clear processes and a centralized tool.

The objective

Having a single platform that allows you to manage all issues in one environment.

The solution

Why did you choose Tenacy?

Comprehensive risk and compliance coverage

‍

Responsive, high-quality support

both during demonstrations and in everyday use.

An English-speaking platform

essential for an international group such as Asendia.

Table of Contents

This is some text inside a div block.

Discover how Tenacy structures your cybersecurity

Schedule a demo

1/ Compliance: aligning standards with international benchmarks

Follow-up of 8 Golden Rules issued by the parent company (GeoPost) to comply with mandatory measures and minimize the impact of ransomware
Construction of the PSSI aligned with ISO 27001 & 27002 to enable the certification process in certain markets
Anticipating the NIS2 directive to prepare for future compliance
Management of customer requirements and evaluation of suppliers in terms of compliance

Covered objective:

Have benchmarks linked to action plans, with centralized and consistent monitoring .

‍

2/ Risks: a structured and educational analysis

Identification of major risks
Definition of business values and supporting assets
Link between risks, controls, measures, and actions

Covered objective:

Establish clear links between risks, standards, actions, measures, and controls.

" The module really provides visibility in a fairly educational way and makes it easy to manage risk analysis with the various contributors. I think interconnectivity is the strength of this tool. "
Thierry Jeanneret, Group CISO at Asendia

‍

3/ Action plans: an everyday tool

Global visibility across the entire scope
Real-time progress tracking
Automated dashboards and metrics

Covered objective:

Manage effectively by providing the second line of defense with a structured working basis, while assigning tasks to the first line.

‍

4/ Vulnerabilities: procedures integrated into the tool

Configuration of each vulnerability detected
Assigning tasks to contributors and generating action plans
Time savings compared to manual management in Excel

Covered objective:

Optimize resources and enable a small team to effectively cover a growing number of entities.

" We managed to get it adopted and implemented across all the procedures that are part of our policy. "
Thierry Jeanneret, Group CISO at Asendia

‍

5/ Reporting: an up-to-date view for all levels

Data aggregation and centralization
Real-time dashboards and reporting
Audit tracking and simplified presentations for management

Covered objective:

Dashboards tailored to each stakeholder and editable in just a few clicks.

" We saw the difference with Tenacy in terms of audit follow-up. Once we had put in place the action plan for all vulnerability-related actions, we followed up with the management board on a weekly basis. It's this kind of thing that makes follow-up much easier. "
Thierry Jeanneret, Group CISO at Asendia

‍

Centralization and automation for unified governance

Single point of entry

for all cyber governance: compliance, risks, supplier assessments, incidents, reporting.

Automation

controls, workflows, and recurring tasks.

Effective management

a growing number of entities with a limited workforce.

Ultimately, Tenacy became the operational hub and the sole governance tool for Asendia’s cybersecurity team, addressing specific business needs on a daily basis.

Download the full case study

Are you responsible for cybersecurity across a multi-entity group with a small team? The Asendia case study details how to structure cybersecurity governance across 15 international subsidiaries, featuring real-world use cases, quantified results, and feedback from the Group CISO.

Download the full case study

Results

Centralized and effective cyber governance

4 times faster

On risk analyses, assessments, data collection, and reporting.

"The online support with chat is very responsive and always of a high standard. That's what I appreciate; it's important and sets it apart from other solutions." Thierry Jeanneret, Group CISO

Visibility and control

A comprehensive view and better control of cyber assets.

Effectiveness

The ability to manage more entities with the same team, reducing the workload associated with manual tasks.

Conclusion

For international organizations with limited resources, Tenacy is the ideal solution for transforming fragmented management into unified, efficient, and scalable governance.

Do these issues resonate with you?

Schedule a demo

You may be interested in

Glossary

ReCyF 2.5 (Cyber France Reference Framework)

ReCyF is the French cybersecurity framework based on the European NIS 2 Directive. It sets out 20 mandatory security objectives for critical and essential entities and specifies the acceptable means for demonstrating compliance.

April 10, 2026

News

CESIN Barometer 2026: analysis of cyber threats and cybersecurity trends in France

The CESIN 2026 barometer reveals a paradoxical trend in corporate cybersecurity: while the number of significant cyberattacks is decreasing, their consequences are becoming considerably more severe.

This annual study by the Club des Experts de la Sécurité de l'Information et du Numérique (Club of Information and Digital Security Experts) is an essential reference for understanding the evolution of cyber threats in France.

January 29, 2026

Compliance

Cyber Resilience Act: everything you need to know about the new European regulation

The purpose of this article is to provide you with a clear and practical overview of the Cyber Resilience Act.

At the end of the document, you will also find advice on how to structure your approach and facilitate compliance.

January 27, 2026

Regain Control of Your Cybersecurity

Schedule My Personalized Demo

30 minutes with no obligation