NIS2

The application of the NIS2 European directive affects nearly 3000 companies in Hungary.

Phase 1
Risk Assessment and Risk Analysis

As the first steps in preparing for NIS2 compliance, we conduct risk assessment and risk analysis in the examined organization, involving the following areas:

  • management of hardware devices
  • management of software
  • record keeping of processes
  • management of external systems
  • authorization management
  • business continuity
  • information security
  • monitoring
  • network
  • physical security
  • environmental separation
  • developments
  • updates
  • backup
  • artificial intelligence
  • contractual relationships
  • management of workstations
  • server management
  • data protection

Phase 2
GAP Analysis

Following the risk assessment, a GAP analysis is conducted, revealing issues within the company and providing suggestions for managing and reducing identified risks. The GAP analysis is a result intended for executives.

Phase 3
Action Plan

Based on the findings in the GAP analysis, the experts of the audited company need to create an action plan for managing the identified risks. This action plan includes the risk to be addressed, the method of management, the associated cost, the responsible parties, and the completion deadline.

Phase 4
NIS2 Preparedness Audit

After the completion of developments, the organization can optionally undergo a preparedness audit for NIS2, simulating the questions and areas discussed in the NIS2 audit, preparing the organization for a successful NIS2 audit.