CCNet

Dec 4, 2023   •  1 min read

Navigating the NIS2 Directive: Who determines whether your company falls under its purview?

The NIS2 Directive, with its expansive scope, has far-reaching implications for companies within the EU. But who decides whether your company falls under its purview? Understanding the scope of this directive is essential for navigating the complex landscape of compliance. This article highlights the process and identifies those responsible for making this important decision regarding the directive's scope and applicability to your business.

The decision-making process

The determination of whether a company is affected by the NIS2 Directive lies in the hands of the national supervisory authorities of the EU member states. These authorities are responsible for monitoring and enforcing compliance with the NIS2 Directive, a task that determines a company’s obligations under the law.

Step 1: Self-assessment

Companies must undertake a self-assessment based on NIS2 criteria, focusing on aspects like company size and the importance of their critical infrastructure.

Step 2: Professional advice

For assistance, companies may seek guidance from consultants and legal experts to gain a comprehensive assessment of their position concerning the NIS2 Directive.

Step 3: Exchange with the supervisory authority

To gain additional clarity, companies should directly engage with the relevant national supervisory authority.

Step 4: Formal decision

The national authority, after evaluating the company’s provided information and other pertinent factors, will issue a formal decision regarding the NIS2 Directive’s applicability.

Step 5: Registration and Compliance

Companies falling under the NIS2 Directive are registered accordingly and undergo regular audits to verify compliance.

Conclusion

It is essential that companies act proactively and, if in doubt, contact the relevant authorities or qualified advisors. By seeking early clarification and ensuring compliance, companies can meet all legal requirements and safeguard themselves against potential risks.
