PDIS qualification
What is PDIS qualification?
The PDIS qualification (Prestataire de Détection d'Incidents de Sécurité - Security Incident Detection Service Provider) is a security visa issued by ANSSI, recognizing an organization's ability to provide high-quality cyber detection services. It applies to entities operating Security Operations Centers (SOCs) for themselves or their customers. Assessment by LSTI Certification ensures that the service provider meets a set of essential requirements covering organization, governance, service quality and staff competence (event and incident management). By validating these criteria, PDIS qualification guarantees clients a continuous, impartial monitoring service that complies with legislative, regulatory and information protection rules.
The challenges of PDIS qualification
LSTI's PDIS-qualified service provider is essential for proactive defense:
- 24/7/365 monitoring: Guaranteed continuous, high-quality incident detection service, ensuring constant vigilance against threats.
- Sharpened technical skills: Assurance that SOC staff have the minimum knowledge and skills required by ANSSI for event analysis.
- Robust governance: Confirmation of solid organization and governance, including impartiality rules, essential for a reliable monitoring service.
- Contractual and regulatory compliance: Evidence of compliance with contractual requirements and legislative frameworks applicable to cyber detection activity.
- Early detection: Optimizing the ability to identify the warning signs of a cyber attack before it causes major damage.
- Quality of Service (QoS): Commitment to documented and verified levels of quality and service, enabling effective management of security alerts.
How does the PDIS qualification process work?
This qualification is aimed at all types of companies that provide security incident detection services on their own behalf or on behalf of their customers.
Certification attests to the service provider's compliance with :
- contractual, legislative and regulatory requirements applicable to this activity, and impartiality
- The minimum levels of knowledge and skills of personnel involved in the detection service (incident, event and notification management)
- information protection rules
- organization and governance rules
- Quality and service level requirements
Qualification is issued by ANSSI on the basis of the assessment report produced by LSTI, for a period of three years, subject to inspection of a surveillance audit 18 months after initial certification or renewal.
Why choose LSTI?
Recognized expertise
With over twenty years' experience, LSTI supports more than 300 organizations in France and Europe as a certification body and benchmark assessment center in the fields of cybersecurity, digital trust and information security.assessment center, working in the fields of cybersecurity, digital trust and information security.
Specialized auditors
Our teams of auditors are made up of experienced professionals who are fully conversant with the ANSSI's cybersecurity standards, information security management practices and European digital trust frameworks.curity standards, information security management practices and European digital trust frameworks. Their approach guarantees assessments that are demanding, balanced and adapted to the operational contexts of each organization.
Independent third party and dedicated support
Authorized by ANSSI, LSTI guarantees impartiality, transparency and consistency throughout the entire cycle: preparation, audits, monitoring and renewals. A dedicated contact ensures continuity and clarity throughout the certification process.