Ateliers Firmann

atelier firmann logo

nLPD Assessment & Cybersecurity Maturity Assessment
Strengthening Compliance and Cybersecurity in the Manufacturing Sector

 

 

About Ateliers Firmann: 

Founded in 1906 by Jean Firmann and now led by fourth-generation owner Julien Firmann, Ateliers Firmann SA is a family-owned company based in Epagny (Canton of Fribourg), Switzerland, specializing in metal fabrication. From traditional Swiss cowbells and bells to guardrails, civil protection shelters, road infrastructure equipment, and custom metal plates, the company has preserved its craftsmanship and expertise for more than a century, remaining deeply rooted in the industrial and local communities of French-speaking Switzerland. 

Like many traditional SMEs, Ateliers Firmann SA does not have the in-house resources needed to navigate the growing complexity of new regulatory requirements. With the introduction of the Swiss Federal Act on Data Protection (nLPD), the company partnered with keyIT to assess its compliance, evaluate its cybersecurity maturity, and identify the priority actions required to strengthen its security posture

 

« Our main concern was ensuring compliance with the Swiss nLPD... We didn't know how to approach it, so we decided to seek support from your company.»

Julien Firmann
Director of Ateliers Firmann SA

 

 

The Challenge

Ateliers Firmann SA, a family-owned metal fabrication company with more than a century of history, needed to comply with Switzerland's new Federal Act on Data Protection (nLPD). Without dedicated in-house IT resources, the company turned to keyIT for expert guidance and a structured approach to achieving compliance.

The key challenges included:

  • nLPD Compliance: Limited visibility into the company's level of compliance with the new Swiss data protection requirements.
  • Cybersecurity Maturity: No clear understanding of its overall cybersecurity posture or potential vulnerabilities.
  • Structured Methodology: The need for an experienced partner to conduct a thorough assessment and translate the findings into a clear, prioritized action plan.

 

The solution

Following the assessment, keyIT provided Ateliers Firmann SA with a comprehensive set of deliverables, giving the company a clear understanding of its current compliance and cybersecurity posture, along with a practical roadmap to achieve compliance.

Key deliverables

  • Comprehensive Assessment Report: A detailed overview of the organization's current data protection and cybersecurity posture.
  • Compliance & Cybersecurity Maturity Score: A quantified assessment of the company's nLPD compliance and cybersecurity maturity, providing an objective benchmark.
  • Prioritized Action Plan: A structured roadmap outlining the concrete actions required to meet regulatory requirements and strengthen the organization's security posture.

How keyIT Supported the Project

  • Remediation Support: Expert guidance throughout the implementation of the recommended actions, with tailored follow-up and ongoing support.
  • Centralized Documentation in Dastra: All responses, evidence, and analyses were consolidated within Dastra, ensuring full traceability, governance, and audit readiness.
  • Clear Executive Reporting: Well-structured deliverables that enabled management and key stakeholders to easily understand the findings, priorities, and next steps.

 

The results

Thanks to keyIT's assessment, Ateliers Firmann SA now has a clear and objective view of its nLPD compliance and cybersecurity maturity. This assessment provides the foundation for a structured and prioritized remediation strategy, enabling the company to strengthen both its regulatory compliance and overall security posture.

  • Clear Visibility & Compliance: A quantified nLPD compliance and cybersecurity maturity score, providing an objective benchmark and helping prioritize improvement efforts.
  • Actionable Remediation Roadmap: A structured, prioritized action plan with practical recommendations aligned with Swiss regulatory requirements and recognized cybersecurity frameworks.
  • Reduced Risk Exposure: A clear roadmap to address identified gaps, significantly reducing both cybersecurity and regulatory risks while supporting long-term resilience.

 

Why work with an external expert for your nLPD Assessment?

By partnering with keyIT, Ateliers Firmann SA established the foundations for a sustainable approach to data protection and cybersecurity. The assessment not only provided a clear picture of the company's current compliance and security maturity but also delivered a practical roadmap for continuous improvement.

Implementing the recommended remediation plan will enable the company to meet the requirements of the Swiss nLPD while progressively strengthening its cybersecurity posture.

keyIT continues to support Ateliers Firmann SA throughout this journey by helping implement the identified measures, monitoring compliance over time, and adapting the strategy to evolving regulatory requirements and emerging cyber threats.