The NIS2 compliance checklist

The NIS2 Directive enhances cybersecurity and resilience and introduces updated measures to address emerging risks and strengthen the security of essential and important entities.

Preliminary steps for NIS2 compliance

Understand the NIS2 directive

☐ Assess whether your organization qualifies as an Essential or Important Entity under Article 2. 
• Essential Entities: Healthcare, Energy, Transportation, and other critical infrastructure sectors. 
• Important Entities: Digital Services, Manufacturing, and additional critical sectors.
☐ Review and modify internal policies (Article 18) to ensure existing security policies and business processes align with requirements.

Conduct a gap analysis

☐ Administer a gap analysis to evaluate current organizational cybersecurity policies, technologies, processes and measures against Article 21 requirements. 
☐ Modify workflows to include necessary security controls. 
☐ Update supply chain security practices to ensure your supply chain meets requirements and aligns with Article 19 of the NIS2 directive.