You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
David LarboniDL

David Larboni

Supermalter

RSSI, ISO 27001 LI, NIS2, GRC, HDS

€750/day
6 projects
Paris, FR
15+ years

Average response time: A few days

Freelancer profile translated to English.
Back to original language

About David

I have practical and proven experience in the following two areas:

- ISO/IEC 27001:2022 -> I have led the complete implementation of ISO/IEC 27001:2022 for six clients, with a 100% certification success rate.

- Transitional RSSI -> Experienced, intervening rapidly to secure organizations, stabilize their security posture, foster compliance, and enable business resilience.

Ready for NIS2 -> Combining proven ISO/IEC 27001 expertise with up-to-date NIS2 readiness, I provide strategic guidance for regulatory alignment and cyber-resilience.
  • English

    Native or bilingual

  • German

    Fluent

Can work on-site
Paris (up to 20km), Marseille (up to 10km), Lyon (up to 10km)

Experience

  • KOESIO
    ISO 27001 Lead Implementer
    SOFTWARE PUBLISHING
    September 2025 - June 2026 (9 months)
    Valence, France
    Assisted in the ISO/IEC 27001:2022 certification of two entities within the KOESIO Group: Certifications obtained in April 2026 by one and July 2026 by the other.

    One entity is a publisher/operator of a document digitalization solution (PDF): indexing, electronic signature, safe, multichannel sending, tracking, and archiving — with strong requirements for availability, data security, and traceability, in order to be eligible for PDP (Partner Dematerialization Platform).

    Objective achieved: an ISMS implemented in 8 months, auditable and operational.

    Another entity, whose project directly linked ISO 27001 / ISO27002 requirements with very concrete operational challenges: availability, monitoring, support, incident management, preventive maintenance, backups, reporting, and adherence to service commitments.

    The goal was not only to produce a compliant ISMS but to make existing practices auditable, controllable, and consistent with customer expectations.
    ISMS ISO 27001 Governance, Risk & Compliance (GRC) Top Management Audit
  • RYDGE CONSEIL
    ISO27001 Lead Implementer
    CONSULTING AND AUDITS
    June 2025 - February 2026 (8 months)
    Courbevoie, France
    Assisted in the ISO/IEC 27001:2022 certification -> Certification obtained in February 2026 by RYDGE upon completion of the mission.

    Project scope: 150 people, 3 sites, Directorate of Information Systems and Innovation (DS2i), Digital Directorate (Rydge Platform).
    • Assisted in identifying the certification scope and prepared/led the project kickoff.
    • Created the non-existent documentation corpus (policies, procedures, and control points) to establish the ISMS and ensure its continued compliance (35 documents created).
    • Supported operational teams (IT, business) in aligning processes to meet the requirements of ISO/IEC 27001:2022.
    • Conducted a mock audit based on the ISO/IEC 27001:2022 compliance framework to verify adherence to requirements and prepare for certification (3 audit days).
    • Monitored and resolved outstanding non-conformities with the help of operational teams (98 actions taken), and led a project committee to track ISMS actions.
    • Planned and supported all interviews during the internal audit and certification audit with the external auditor and operational teams (12 audit days).
    ISO 27001 Lead Implementer ISMS EBIOS RM Project Management Stakeholder Engagement
  • CHU Reims
    ISO27001 Implementer
    MEDICAL
    April 2024 - June 2025 (1 year and 1 month)
    Reims, France
    Assisted in ISO/IEC 27001:2022 & HDS v2 2024 (Health Data Hosting) certification -> Certifications obtained by the CHU de Reims upon completion of the mission.
    • Project scope: 150 people, 4 sites, Electronic Patient Record (EPR), Centre 15, Digital Services Directorate (DSD).
    • Updated all policies, procedures, and control points to ensure continued ISMS compliance (40 documents reviewed).
    • Supported operational teams (IT, business) in aligning processes to meet the requirements of ISO/IEC 27001:2022 & HDS v2 2024.
    • Conducted a mock audit based on the ISO/IEC 27001:2022 & HDS v2 2024 compliance framework to verify adherence to requirements and prepare for certification (5 audit days).
    • Monitored and resolved outstanding non-conformities with the help of operational teams (74 actions taken).
    • Planned and supported all interviews during the internal audit and certification audit with the external auditor and operational teams (10 audit days).
    ISO 27001 Lead Implementer ISMS Project Management Leadership Stakeholder Engagement

Reviews

5.0

Out of 5 ratings

G

Gregory

Préparation audit Interne ISO 27001 - BASOM CONSULTING

Several months project

-

Reviewed on 4/7/2026

We worked with David Larboni to finalize our ISO 27001 documentation and prepare for our audit. He demonstrated a good command of the certification process and provided useful advice throughout the mission. His approach is pragmatic and focused on concrete progress. We also appreciated his ability to adapt to the size and functioning of our organization, which facilitated collaboration. An effective intervention that we recommend for similar projects.
W

William

CENTRE HOSPITALIER UNIVERSITAIRE DE REIMS

Reviewed on 6/25/2025

We had the pleasure of working with David for over a year as part of our ISO 27001 and Health Data Host certification process. His support was crucial to the success of our project, which has just concluded with a very positive certification audit. David demonstrates great professionalism, remarkable pedagogical skills, and knows how to share his knowledge with clarity and patience. His ability to remain calm and composed, even under high pressure, greatly facilitated our collaboration. I recommend David to any organization seeking a competent and reliable expert to support them in their information system security projects.

Recommendations

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Master in Management
    ESCP Europe
    1997

Certifications

Skill set

Categories