Your company will be covered by the obligations under the Directive on measures for a high common level of cyber security within the Union, the so-called NIS Directive 2?
Wondering how to check what you need to do and how to get started?
- Our CyberClue team will be happy to help you!
- We will carry out a zero audit
- We will jointly prepare an implementation plan and timetable with the required resources
- We will support the implementation of the necessary process-procedural, technical-technological and educational elements
Zero audit
For whom?
Companies and organisations that have information security documentation and processes in place at least partially. However, they require updates that take into account the objectives of the NIS Directive 2.
Companies that already have some technical safeguards in place that need to be structured (configurations, analytics, reporting) to meet security monitoring, information assurance and incident handling and reporting requirements
Audit Objective:
Identify the level of compliance of existing documents, processes and technical safeguards with the requirements of the Directive. Identification of elements to be updated, supplemented or modified, together with a description of how the above aspects can be addressed.
Scope and method of implementation:
- Workshops with the client, where we review the client’s existing situation, processes and infrastructure, as well as existing safeguards
- Interviews with employees
- Site visit
- Analysis of existing documentation
- Preparation of an assessment of compliance with the NIS 2 Directive: identification of non-conformities with recommendations for the implementation of appropriate measures
- Follow-up meeting with presentation of audit results, discussion of recommendations and possible solutions
NIS 2 pre-implementation workshop
For whom?
Companies and organisations that have not previously developed information security documentation and processes, processes and procedures related to risk estimation and handling, business continuity plans, incident handling, among others. They do not have an SOC (Security Operation Centre) or a structured form of security monitoring.
Workshop objective:
Development of an implementation plan for NIS 2 at the client’s site, with timelines and implementation models.
Scope and method of implementation:
- Workshops with the client, where we review the client’s existing situation, processes and infrastructure, as well as existing safeguards
- Analysis of the existing Information Systems Security Policy (if any)
- Preparation of an implementation plan for the NIS 2 Directive: outlining the next steps and elements to be prepared with a proposal for staging the activities over time (timetable)
- Follow-up meeting with presentation of the plan and discussion of the timetable and possible implementation models
Individual consultations
For whom?
Companies and organisations that are after a pre-audit or have a framework plan for the implementation of NIS 2 in place and only want to consult in selected areas, e.g. dynamic risk analysis, supply chain risk management or incident handling and reporting processes, etc., will be consulted.
Form of consultation
The standard is a package of 10 hours to be used over the next 3 months. The duration of one consultation is tailored to the breadth of the topic under discussion. A consultation can last for 1h or take the form of a full-day workshop.
Support in the implementation of NIS 2 requirements
At CyberClue, we have domain experts to help implement the various elements of the Directive’s requirements. From process and procedural, training, audits to technical and technological solutions.
Scope of support
The extent of support depends on the needs of the client and the areas requiring support.
Do you need more information? Would you like to get a quote?
Write to us! info@cyberclue.tech