👉 Breakfast @Lyon March 4, 2026

CISO & CIO: strategic duo or tense partnership?

Mutual insurance companies and insurance companies

Maintain and extend ISO 27001 certification to other sites

How did the Henner Group simplify its compliance management?

"The platform saves us a significant amount of time, and the centralization of data is invaluable."

Antoine Bajolet

CISO at Groupe Henner

The challenge

Overseeing ISO 27001 compliance for several international sites

In a highly regulated insurance sector, which aims to protect policyholders and guarantee the protection of their personal data, the Henner Group develops and operates innovative personal insurance solutions internationally.

‍

With an SSI team of four people, the rapidly growing group obtained ISO 27001 certification for its French sites and its Lisbon site. The challenge was to manage the process and accelerate compliance at its other sites.

Effectively maintaining ISO 27001 certification

already obtained on the sites in France and Lisbon

Multi-site compliance

Ensure compliance of new international sites.

Automation

Centralize data and save time every day.

The objective

Certify compliance with regulatory requirements regarding personal data protection and information system security, and streamline cybersecurity management processes.

The solution

Why did you choose Tenacy?

Organizational Mapping

Acomprehensive model where each entity is represented with its own security score.

ISO 27001 management

Anintegrated framework broken down into operational measures, action plans, and indicators that simplify management.

Automated workflows

Acompliance level that changes with each action, with a score that is automatically adjusted.

Table of Contents

This is some text inside a div block.

Discover how Tenacy structures your cybersecurity

Schedule a demo

1/ Centralize to gain visibility and productivity

By centralizing all its cybersecurity-related information in Tenacy, the SSI team was able to benefit from a 360° view, which could be shared with all stakeholders using dashboards created in just a few clicks.

This made it possible to monitor all cyber indicators in real time and save considerable time byautomating tasks and generating reports.

Covered objective:

Optimize visibility into the group's cybersecurity and eliminate time-consuming tasks.

‍

2/ Rely on cyber standards to drive multi-compliance

The ISO 27001 standard was one of the cyber security frameworks available in the Tenacy catalog, easily deployable on a site requiring security. For each measure in the framework, the security measures to be applied, recurring tasks, and monitoring indicators were pre-configured.

With Tenacy's organizational modeling feature, the Henner Group was able to apply and monitor each element of the ISO 27001 standard across its various sites requiring security measures.

Covered objective:

Simplify ISO 27001 maintenance and save time on compliance for new sites.

‍

3/ Simplify collaboration to strengthen cybersecurity management

By eliminating manual processes related to Excel files, the Henner Group has reduced the risk of errors and simplified its compliance management.

SSI teams now rely on a single platform: they can easily collaborate with all stakeholders, track assigned tasks, and record results in a centralized location.

Covered objective:

Optimized cyber management for better-protected organizations.

‍

Keep this story handy

How can you convince your management that you need a dedicated tool to maintain and expand your ISO 27001 certification? The Henner case study can help you build your case.

Download the case study

Results

Industrialized compliance management

Considerable time savings

on dashboard production.

A new goal: the removal of all Excel files.

Reliable, centralized data

with real-time tracking of evidence and actions reported.

Simplified collaboration

between the SSI team and stakeholders.

Conclusion

The case of the Henner Group shows how a complex organization can maintain its certifications and simplify compliance for different sites internationally while strengthening its cyber governance.

Do these issues resonate with you?

Schedule a demo

You may be interested in

Glossary

ReCyF 2.5 (Cyber France Reference Framework)

ReCyF is the French cybersecurity framework based on the European NIS 2 Directive. It sets out 20 mandatory security objectives for critical and essential entities and specifies the acceptable means for demonstrating compliance.

April 10, 2026

News

CESIN Barometer 2026: analysis of cyber threats and cybersecurity trends in France

The CESIN 2026 barometer reveals a paradoxical trend in corporate cybersecurity: while the number of significant cyberattacks is decreasing, their consequences are becoming considerably more severe.

This annual study by the Club des Experts de la Sécurité de l'Information et du Numérique (Club of Information and Digital Security Experts) is an essential reference for understanding the evolution of cyber threats in France.

January 29, 2026

Compliance

Cyber Resilience Act: everything you need to know about the new European regulation

The purpose of this article is to provide you with a clear and practical overview of the Cyber Resilience Act.

At the end of the document, you will also find advice on how to structure your approach and facilitate compliance.

January 27, 2026

Regain Control of Your Cybersecurity

Schedule My Personalized Demo

30 minutes with no obligation