
NIS 2 – We will assess your company’s readiness to meet NIS 2 requirements

With us, you will adapt your organization to the NIS 2 directive and effectively protect it against cyberattacks

  • Infrastructure audit
  • Documentation audit
  • Recommendations
  • The possibility of implementing the recommendations after the audit
Google rating: 4.8 based on 25 reviews


    • Free consultation: Fill out the form and schedule a meeting with our expert.
    • Infrastructure audit: Verification of applied security measures, adopted processes, and practices.
    • Recommendations: A report listing the identified sources of the problem and recommendations for change.
    • Presentation of the offer: Decision on cooperation.
    • Documentation audit: Verification of the status of policies and documentation.
    • Implementation of recommendations after the audit: The possibility of implementing recommendations aimed at improving cybersecurity in the organization. The scope of work and implementation time depend on the audit results.


    What is the NIS 2 directive?

    The NIS 2 Directive is an amendment to the existing European Union law that defines security requirements and the incident reporting process. The new regulation aims to enhance network security.


    The NIS 2 requirements

    1. Development and implementation of an information system security policy and risk assessment methodology.
    2. Development and implementation of business continuity plans and emergency policies.
    3. Ensuring security in the process of acquiring, developing, and maintaining networks and systems.
    4. Ensuring basic cyber hygiene practices.
    5. Preparing the organization to collect information about cyber threats and vulnerabilities to incidents.
    6. Development and implementation of an incident management process and other thematic policies.
    7. Development and implementation of supply chain security documentation for products, services and processes.
    8. Introduction of policies and procedures to evaluate the effectiveness of risk management measures.
    9. Introduction of policies and procedures for the use of encryption and cryptography.
    10. Continuous monitoring of the security of ICT systems.

    Who is NIS 2 applicable to?

    The NIS 2 directive applies to operators of key services and important entities
    from the public and private sectors, operating in areas such as energy, banking and healthcare.

    Important entities
    • Energy
    • Transportation
    • Banking
    • Financial market infrastructure
    • Health care
    • Drinking water
    • Wastewater
    • Digital infrastructure
    • ICT service management
    • Public administration entities
    • Space
    Key entities
    • Postal and courier services
    • Waste management
    • Production, manufacturing and distribution of chemicals
    • Production, processing and distribution of food
    • Production of:
        1. medical devices
        2. computers, electronic and optical products
        3. machinery and equipment not elsewhere classified
        4. motor vehicles, trailers, and semi-trailers
        5. other transport equipment
    • Digital service providers
        1. providers of online trading platforms
        2. providers of internet search engines
        3. providers of social network services
    • Scientific research

    Obligations resulting from NIS 2

    • Risk analysis
    • Incident management
    • Cryptography and encryption
    • Human resources security
    • Business continuity and crisis management
    • Supply chain security
    • Network and information systems security
    • Basic cyber hygiene practices and trainings

    What do we offer?

    summ-it offers a NIS 2 compliance audit, ensuring comprehensive support in the field of IT security. Our team of experts has extensive experience and expertise to support your organization in meeting all regulatory requirements.
    You minimize the risk of cyber threats and increase your resilience to hacking attacks with our services.

    Audit elements


    Verification of applied security measures
    The audit includes a comprehensive assessment of the technical protection measures in place, such as firewalls, intrusion detection and prevention systems (IDS/IPS), encryption and identity management. It verifies that current security measures effectively protect against modern cyber threats and meet the standards required by NIS2. Verification also includes the regularity of security updates and their adaptation to changing risks.
    Verification of adopted processes and practices
    Auditors analyze the extent to which the organization follows established procedures for incident management, access control, security monitoring and employee training. This process includes assessing the compliance of operational processes with NIS2 guidelines, as well as the organization’s ability to respond to incidents in an efficient and timely manner. It also verifies that implemented procedures are regularly tested and updated.
    Verifying the status of policies and documentation
    This step involves reviewing security policies, incident response plans, risk management strategies and other key documents for their compliance with NIS2 requirements. The assessment includes whether these documents are up-to-date, properly implemented and accessible to employees. It is also important that policies are reviewed regularly to reflect changing threats and regulations.
    Verification of infrastructure and systems
    The audit includes a detailed analysis of the IT infrastructure, including networks, operating systems, servers and applications for their security features. It also assesses whether the technologies in place are adequate for current NIS2 requirements, and whether the infrastructure is adequately managed and monitored. Identifying vulnerabilities and areas in need of modernization is also an important aspect.

    Audit report


    Identify points where the organization is not compliant with NIS2
    The report identifies areas where the organization is not compliant with NIS2 regulations, pointing out gaps in security, processes or documentation. It provides detailed descriptions of the deficiencies and the consequences of not addressing them, allowing for a better understanding of the risks. This allows the organization to focus its corrective actions on the most critical areas.
    A list of technical safeguards and procedures needed to be implemented
    The report provides detailed recommendations for technical measures, such as implementing new security systems, updating software or introducing additional layers of security. It also provides suggestions for improving incident management procedures so that the organization can better respond to threats. It is also key to identify priorities for implementing the recommendations.
    A list of changes to be completed in processes or processes to be implemented
    The audit identifies which internal processes need to be modified or completely transformed to be NIS2 compliant. The report provides detailed guidance on changes to existing procedures and recommendations for introducing new processes, such as incident monitoring and reporting. It also verifies that the organization is effectively integrating security policies into daily operations.
    List of documentation to be prepared / corrections to documentation
    The report identifies documents that need to be prepared, updated or adjusted to meet NIS2 requirements. Auditors recommend creating or updating documentation related to risk management, business continuity plans and incident response plans. It is also important to ensure that the documents are clearly written and available to all employees who are required to comply with them.

    Don’t know what solutions you need to implement to meet the above requirements?
    Contact us for detailed information.


    Why summ-it?


    Choose security

    Certified ISO 27001

    To avoid high fines for non-compliance, it is worth checking now whether your organization meets the directive’s requirements.

    Compliance assessment with NIS 2 will help identify gaps or areas in policies and processes that require updating or creating them from scratch. Entities currently encompassed by NIS 1 should also verify their solutions, especially in the area of risk management.

    A compliance audit and gap analysis will help develop a comprehensive strategy to adapt to NIS 2.

    Łukasz Turbański
    COO

    Get a free quote!

    Consult your company’s needs with our experts. Find out about solutions that will help your company improve business processes and ensure data security.