Free assessment
NIS2 readiness in 5 minutes.
15 questions across governance, incident handling, supply-chain and technical measures. Get a 0-100 score, maturity level, and a personalized PDF roadmap.
Question 1/15
Governance & Risk Management
Does your organization have a board-approved, written cybersecurity policy reviewed at least once a year?
0/15 answered
About the NIS2 Directive
The EU NIS2 Directive (effective from October 2024) raises the cybersecurity bar for medium and large organizations across 18 sectors — energy, transport, banking, health, water, digital infrastructure, public administration, and more. Article 21 lists ten mandatory risk-management measures. Article 23 sets the incident-reporting clock (24h / 72h / 1 month). Sanctions reach €10M or 2% of global turnover for essential entities, with potential personal liability for management.