NIS2 - IT audit

NIS2 IT audit. The NIS1 Directive has not mitigated the cyber threat to the EU to the extent necessary. NIS2 will now remedy that.

Home page Digital Trust NIS2

NIS2 - ready for new cybersecurity requirements? 

The NIS2 Directive is the EU's legislation on network and information security. It imposes significantly stricter requirements on both private and public companies - and has a broader scope than ever before. 

From October 2024, you must be able to prove that your company is preventing, detecting and managing cyber threats effectively - and that management is taking responsibility. 

What is NIS2? 

NIS2 (Network and Information Security Directive) is an EU law that aims to strengthen digital security and resilience in critical and important sectors such as energy, health, transport, finance, IT and food. 

The directive expands both the requirements and target group compared to the previous NIS directive. 

Who is covered by NIS2? 

  • Critical infrastructure companies and key industries 
  • IT vendors, data centers and cloud services 
  • Private companies with more than 50 employees or EUR 10 million in turnover 
  • Suppliers to major NIS2 companies (indirect requirements) 

What do companies need to be able to document? 

  • Cybersecurity policy and governance 
  • Risk management and control environment 
  • Incident management and preparedness 
  • Awareness training and access management 
  • Supervision of suppliers and subcontractors 
  • Board and management responsibility and involvement 

Need help complying with NIS2? 

We help you assess your current security level, identify gaps and establish an action plan.

Our advice is tailored to your industry, risk profile and maturity. 

Read more about our consulting services here 

Do you need to prove that you are already NIS2 compliant? 

We prepare auditor's reports (ISAE 3000) based on NIS2 that can be used for customers, partners and authorities. 

Read more about our declarations here 

Tool: Lexoforms 

Lexoforms supports the work with NIS2 by gathering controls, policies and documentation in one place - and ensuring continuous follow-up.

Read more about Lexoforms here 

Frequently asked questions (FAQ) 

When does NIS2 come into effect? 

In Denmark, NIS2 is expected to come into force in October 2024 via national legislation. 

Does NIS2 only apply to large companies? 

No - smaller companies in selected sectors are also affected. And many others are affected indirectly as suppliers. 

Can we use ISO 27001 as a basis? 

Yes - ISO 27001 is a strong starting point for meeting the requirements of NIS2, but the directive also has organizational and documentation requirements. 

 

Contact us - we'll help you reach your goal with NIS2 

Do you need an overview, plan or documentation? We're here to help you every step of the way. 

Contact Simon

Contact Rasmus

We are always ready to meet

Let's have a no-obligation conversation about what you and your business need and what we can offer. Just fill in the fields in the form and we will contact you shortly.

You are also welcome to call us at +45 39 53 50 00 or send an email to

Employees
140

Customers
3900

Revenue
+150 million

Year of establishment
1986

Growth per year
10%