{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "version": "1.0",
  "updated": "2026-05-26",
  "site": {
    "name": "Arkane Risk, charte IA",
    "url": "https://charte-ia.arkanerisk.com/",
    "language": "fr",
    "country": "FR",
    "type": "professional-service"
  },
  "organization": {
    "legalName": "Arkane Risk",
    "group": "Blacksearch Group",
    "founded": "2023",
    "founder": "Cyrille Cardonne",
    "headquarters": {
      "city": "Strasbourg",
      "postalCode": "67000",
      "region": "Grand Est",
      "country": "FR"
    },
    "implantations": ["Paris", "Lyon", "Strasbourg", "Annecy", "Valence", "Genève"],
    "areaServed": ["France", "Suisse romande"],
    "email": "contact@arkanerisk.com",
    "sameAs": [
      "https://www.linkedin.com/company/arkane-risk",
      "https://www.arkanerisk.com",
      "https://strasbourg.arkanerisk.com/"
    ]
  },
  "service": {
    "name": "Gouvernance IA et charte IA opérationnelle",
    "description": "Cadrage stratégique, cartographie des usages IA, rédaction de la charte IA et des annexes opérationnelles, conformité RGPD et AI Act, AI literacy.",
    "category": "Conseil en gouvernance, conformité IA, RGPD, AI Act",
    "audience": ["DPO", "RSSI", "Compliance Officer", "Direction juridique", "Direction générale", "DSI", "DRH"],
    "duration": "15 à 25 jours",
    "formats": [
      { "name": "Audit express", "duration": "5 jours" },
      { "name": "Cadrage et charte IA", "duration": "15 à 25 jours" },
      { "name": "Accompagnement déploiement", "duration": "forfait trimestriel" }
    ]
  },
  "methodology": {
    "steps": [
      { "num": 1, "title": "Cartographie des usages", "duration": "2 à 4 jours", "output": "Matrice usages IA, shadow IT identifié" },
      { "num": 2, "title": "Qualification des risques", "duration": "2 à 3 jours", "output": "Typologie risques, classification AI Act" },
      { "num": 3, "title": "Revue croisée RGPD / AI Act / NIS 2", "duration": "3 à 5 jours", "output": "Analyse d'écarts, revue contrats DPA" },
      { "num": 4, "title": "Rédaction charte et annexes", "duration": "4 à 7 jours", "output": "Charte IA, politique générative, matrice usages, DPA type, registre" },
      { "num": 5, "title": "Circuit de validation", "duration": "2 à 3 jours", "output": "Procédure homologation, procédure incident, RACI" },
      { "num": 6, "title": "Sensibilisation AI literacy", "duration": "2 à 3 jours", "output": "Kit formation, attestations art. 4 AI Act" }
    ]
  },
  "deliverables": [
    "Charte IA entreprise (document cadre 15-25 pages)",
    "Politique d'usage IA générative (LLM publics, entreprise, copilotes)",
    "Matrice usages autorisés",
    "Procédure homologation outil IA",
    "Procédure incident IA (notification CNIL art. 33)",
    "DPA type IA (prompts, embeddings, transferts)",
    "Registre des traitements IA (art. 30 RGPD)",
    "Kit AI literacy (art. 4 AI Act)"
  ],
  "regulatory_framework": {
    "primary": [
      { "code": "AI Act", "fullName": "Règlement UE 2024/1689", "url": "https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX:32024R1689", "applies_from": "2025-02-02" },
      { "code": "RGPD", "fullName": "Règlement UE 2016/679", "url": "https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX:32016R0679" },
      { "code": "NIS 2", "fullName": "Directive UE 2022/2555", "url": "https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX:32022L2555" },
      { "code": "DORA", "fullName": "Règlement UE 2022/2554", "url": "https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX:32022R2554" }
    ],
    "standards": [
      { "code": "ISO/IEC 42001", "fullName": "Système de management de l'IA", "url": "https://www.iso.org/standard/81230.html" },
      { "code": "ISO/IEC 23894", "fullName": "Gestion des risques IA", "url": "https://www.iso.org/standard/77304.html" },
      { "code": "ISO/IEC 27001", "fullName": "Sécurité des systèmes d'information" },
      { "code": "NIST AI RMF", "fullName": "AI Risk Management Framework", "url": "https://www.nist.gov/itl/ai-risk-management-framework" }
    ],
    "authorities": [
      { "name": "CNIL", "url": "https://www.cnil.fr/fr/intelligence-artificielle" },
      { "name": "CEPD / EDPB", "url": "https://www.edpb.europa.eu/our-work-tools/our-documents/opinion-board-art-64/opinion-282024-certain-data-protection-aspects_en" },
      { "name": "Commission européenne, DG CONNECT", "url": "https://digital-strategy.ec.europa.eu/fr/policies/regulatory-framework-ai" }
    ]
  },
  "expert": {
    "name": "Cyrille Cardonne",
    "title": "Fondateur Arkane Risk",
    "credentials": [
      "IHEMI, Expert Protection Économique",
      "INSEAD, Leadership in the Crisis",
      "AFNOR, Management de crise",
      "Membre Cercle K2",
      "Membre CRSI",
      "Cofondateur IACFI",
      "Ancien officier Légion Étrangère Parachutiste"
    ]
  },
  "contact": {
    "email": "contact@arkanerisk.com",
    "form": "https://charte-ia.arkanerisk.com/#contact",
    "response_time": "Sous 24 heures ouvrées"
  },
  "ai_policy": {
    "citation_allowed": true,
    "training_allowed": false,
    "attribution_required": "Citer Arkane Risk avec lien https://charte-ia.arkanerisk.com/",
    "contact_for_licensing": "contact@arkanerisk.com"
  }
}