Will your company be covered by the obligations under the Directive on measures for a high common level of cybersecurity across the Union, the so-called NIS 2 Directive?
Wondering how to check what you need to do and how to get started?
- Our CyberClue team will be happy to help you!
- We will carry out an opening audit
- We will jointly prepare an implementation plan and timetable with the required resources
- We will support the implementation of the necessary processes, procedures, technical, technological and educational elements
Opening audit
For whom?
Companies and organisations that have information security documentation and processes in place at least partially. However, they require updates that take into account the objectives of the NIS 2 Directive.
Companies that already have some technical safeguards in place that need to be structured (configurations, analytics, reporting) to meet security monitoring, information safety and incident handling and reporting requirements
Audit Objective:
Identify the compliance level of existing documents, processes and technical means with the requirements of the Directive. Identification of elements to be updated, added or modified, together with a description of how the above aspects can be addressed.
Scope and method of implementation:
- Workshops with the client, where we review the client’s existing situation, processes and infrastructure, as well as existing safeguards
- Interviews with employees
- Analysis of existing documentation
- Preparation of an assessment of compliance with the NIS 2 Directive: identification of non-conformities with recommendations for the implementation of appropriate measures
- Follow-up meeting with presentation of audit results, discussion of recommendations and possible solutions
NIS 2 pre-implementation workshop
For whom?
Companies and organisations that have not previously developed information security documentation and processes (ISMS), a.o. risk analysis, business continuity plans, incident handling procedures. Do not have an SOC (Security Operation Centre) or another structured form of security monitoring.
Workshop objective:
Development of an implementation plan for NIS 2 at the client’s site, with timelines and implementation models.
Scope and method of implementation:
- Workshops with the client, where we review the client’s existing situation, processes and infrastructure, as well as existing safeguards
- Analysis of the existing Information Security Management System (if any)
- Preparation of an implementation plan for the NIS 2 Directive: outlining the next steps and elements to be prepared with a proposal for staging the activities over time (timeline)
- Follow-up meeting with presentation of the plan and discussion of the proposed schedule and possible implementation models
Tailor-made consulting
For whom?
Companies and organisations that are after a pre-audit or have a framework plan for the implementation of NIS 2 in place and only want to consult some selected areas, e.g. dynamic risk analysis, supply chain risk management or incident handling and reporting processes.
Form of consultation
The standard is a package of 10 hours to be used over the next 3 months. The duration of one consultation is tailored to the breadth of the topic under discussion. A consultation can last for 1h or take the form of a full-day workshop.
Support in the implementation of NIS 2 requirements
At CyberClue, we have domain experts to help implement the various elements of the Directive’s requirements. From processes and procedures, trainings, audits to technical and technological solutions.
Scope of support
The extent of support depends on the needs of the client and the areas requiring support.
Do you need more information? Would you like to get a quote?
Write to us! info@cyberclue.tech