Methods and safety standards of systems

The information is an essential resource in the daily activities of our socioeconomic life. The information is mainly collected, treated, protected and distributed in a digital format. This exposes it to the problems related to the use of information technologies and communication. The presence of vulnerability in a computer system can have an impact on the information security: loss, theft modification, forgery ... To prevent these situations, there are few methods of analysis of the security risks allowing to make a complete audit of the information system and to emit recommendations of correctives. On the other hand, safety standards were focusing to establish precise safety rules and give a certification to the systems which respect all these rules. However, the current methods of risk management try to help to estimate them, to implant appropriate controls, to be conforming to the regulations and to the laws of protection of the information and the private life, without being completely compatible with the current standards. This document aims to present, on the basis of certain criteria, the results of a study on various methods and safety standards of information systems, used in Europe and in North America.