WhatsApp

NIS 2 – We will assess your company’s readiness to meet NIS 2 requirements

With us, you will adept your organization to the NIS 2 directive and effectively protect it against cyberattacks

  • infrastructure audit
  • documentation audit
  • recommendations
  • the possibility of implementing the recommendations after the audit

Get in touch with us

Save data icon Your data is secure.
More about data protection

Free consultation Fill out the form and schedule a meeting with our expert.

Infrastructure audit Verification of applied security measures, adopted processes, and prectices.

Recommendations A report listing the identified sources of the problem and recommendations for change.

NIS 2

Presentation of the offer Decision of the cooperation.

Documentation audit Verification of the status of policies and documentation.

Implementation of recommendations after the audit The possibility of implementing recommendations aimed at improving cybersecurity ub the irganization. The scope of work and implementation time depend on the audit results.

Info grafika

Fill aout the form and schedule a meeting with our expert.

Info grafika

Verification of applied security measures, adopted processes, and practices.

Info grafika

A raport listing the identified sources of the problem and recommendations for change.

Info grafika

Decision of the cooperation.

Info grafika

Verification of the status of policies and documentation.

Info grafika

The possibility of implementing recommendations aimed at improving cybersecurity in the organization. The scope of work and implementation time depend on the audit results.

What is the NIS 2 directive?

The NIS 2 Directive is an amendment to the existing European Union law that defines security requirements and the incident reporting process. The new regulation aims to enhance network security.

Learn more

the NIS 2 requirements

1

Development and implementation of an information system security policy and risk assessment methodology.

2

Development and implementation of business continuity plans and emergency policies.

3

Ensuring security in the process of acquiring, developing, and maintaining networks and systems.

4

Ensuring basic cyber hygiene practices.

5

Preparing the organization to collect information about cyber threats and vulnerabilities to incidents.

6

Development and implementation of an incydent management process and other thematic policies.

7

Development and implementation of supply chain security documentation for products, services and processes.

8

Introduction of policies and procedures to evaluate the effectiveness of risk management measures.

9

Introduction of policies and procedures for the use of encryption and cryptography.

10

Continuous monitoring of the security of ICT systems.

Who is NIS 2 applicable to?

The NIS 2 directive applies to operators of key services and important entities
from the public and private sectors, operating in areas such as energy, banking and healthcare.

iconimportant entities
  • Energy
  • Transportation
  • Banking
  • Financial market infrastructure
  • Health care
  • Drinking water
  • Wastewater
  • Digital infrastructure
  • ICT service management
  • Public administration entities
  • Space
iconkey entities
  • Postal and courier services
  • Waste management
  • Production, manufacturing and distribution of chemicals
  • Production, processing and distribution of food
  • Production of:
      1. medical devices
      2. computers, electronic and optical products
      3. computers, electronic and optical products
      4. Manufacturing of machinery and equipment not elsewhere classified
      5. Manufacturing of motor vehicles, trailers, and semi-trailers
      6. Manufacturing of other transport equipment
  • Digital service providers
      1. providers of online trading platforms
      2. providers of internet search engines
      3. providers of social network services
  • scientific research

Obligations resulting from NIS 2

Ikonarisk analysis
Ikonaincident management
Ikonacryptography
and encryption
Ikonahuman resources
security
Ikonabusiness continuity
and crisis management
Ikonasupply chain security
Ikonanetwork
and information systems
security
IkonaBasic cyber hygiena
practices and trainings

What do we offer?

summ-it offers NIS 2 compliance audit, ensuring comprehensive support in the field of IT security. Our team of experts has an extensive experience and expertise to support your organization in meeting all regulatory requirements.
You minimize the risk of cyber threats and increase your resilience to hacking attacks with our services.

Audit elements

info grafika

Verification of applied security measures
The audit includes a comprehensive assessment of the technical protection measures in place, such as firewalls, intrusion detection and prevention systems (IDS/IPS), encryption and identity management. It verifies that current security measures effectively protect against modern cyber threats and meet the standards required by NIS2. Verification also includes the regularity of security updates and their adaptation to changing risks.
Verification of adopted processes and practices
Auditors analyze the extent to which the organization follows established procedures for incident management, access control, security monitoring and employee training. This process includes assessing the compliance of operational processes with NIS2 guidelines, as well as the organization’s ability to respond to incidents in an efficient and timely manner. It also verifies that implemented procedures are regularly tested and updated.
Verifying the status of policies and documentation
This step involves reviewing security policies, incident response plans, risk management strategies and other key documents for their compliance with NIS2 requirements. The assessment includes whether these documents are up-to-date, properly implemented and accessible to employees. It is also important that policies are reviewed regularly to reflect changing threats and regulations.
Verification of infrastructure and systems
The audit includes a detailed analysis of the IT infrastructure, including networks, operating systems, servers and applications for their security features. It also assesses whether the technologies in place are adequate for current NIS2 requirements, and whether the infrastructure is adequately managed and monitored. Identifying vulnerabilities and areas in need of modernization is also an important aspect.

Audit report

info grafika

Identify points where the organization is not compliant with NIS2
The report identifies areas where the organization is not compliant with NIS2 regulations, pointing out gaps in security, processes or documentation. It provides detailed descriptions of the deficiencies and the consequences of not meeting them, allowing for a better understanding of the risks. This allows the organization to focus its corrective actions on the most critical areas.
A list of technical safeguards and procedures needed to be implemented
The report provides detailed recommendations for technical measures, such as implementing new security systems, updating software or introducing additional layers of security. It also provides suggestions for improving incident management procedures so that the organization can better respond to threats. It is also key to identify priorities for implementing the recommendations.
A list of changes to be completed in processes or processes to be implemented
The audit identifies which internal processes need to be modified or completely transformed to be NIS2 compliant. The report provides detailed guidance on changes to existing procedures and recommendations for introducing new processes, such as incident monitoring and reporting. It also verifies that the organization is effectively integrating security policies into daily operations.
List of documentation to be prepared / corrections to documentation
The report identifies documents that need to be prepared, updated or adjusted to meet NIS2 requirements. Auditors recommend creating or updating documentation related to risk management, business continuity plans and incident response plans. It is also important to ensure that the documents are clearly written and available to all employees who are required to comply with them.

Don’t know what solutions you need to implement to meet the above requirements?
Contact us for detailed information.

Contact us

Why summ-it?

Info grafika

Choose security

Certified iso 27001Certified iso 27001

To avoid high fines for non-compliance, it is worth checking now whether your organization meets the directive’s requirements.

Compliance assessment with NIS 2 will help identify gaps or areas in policies and processes that require updating or creating them from scratch. Entities currently encompassed by NIS 1 should also verify their solutions, especially in the area of risk management.

A compliance audit and gap analysis will help develop a comprehensive asrategy to adapt to NIS 2.

Jakub Mazerant
Head of Sales

Get a free quote!

Consult your company’s needs with our experts. Find out about solutions that will help your company improve business processes and ensure data security.