~/Cedric

No monitoring of product certification Vulnerabilities

No use of norms or standards relating to information system development Vulnerabilities

No access control to information Vulnerabilities

The security policy does not include reminding all personnel of their obligations and responsibilities in civil, criminal and regulatory matters. Vulnerabilities

No climate of trust between individuals Vulnerabilities

No contractual clauses setting out the responsibilities of both parties Vulnerabilities

No instructions given to external personnel working on the premises Vulnerabilities

No monitoring of product origin Vulnerabilities

Personnel receive no communication or information concerning authorisation procedures Vulnerabilities

No contractual clauses relating to the protection of IT equipment Vulnerabilities