Content library
NIS2

Requirements included in the framework

Policy
Linked frameworks
Framework
Tasks
Top management commitment
20.1
NIS2 Directive
6
Top management monitoring for training
20.2
NIS2 Directive
3
Risk management and information system security
21.2.a
NIS2 Directive
7
Incident management
21.2.b (incidents)
NIS2 Directive
6
Logging and detection
21.2.b (logs)
NIS2 Directive
8
Business continuity and backups
21.2.c
NIS2 Directive
6
Supply chain security
21.2.d
NIS2 Directive
8
Secure system acquisition and development
21.2.e
NIS2 Directive
11
Assessing effectiveness of security measures
21.2.f
NIS2 Directive
7
Cyber hygiene practices and training
21.2.g
NIS2 Directive
7
Encryption
21.2.h
NIS2 Directive
8
Human resource security
21.2.i (HR)
NIS2 Directive
3
Access control
21.2.i (access)
NIS2 Directive
9
Asset management
21.2.i (assets)
NIS2 Directive
7
Multi-factor authentication (MFA)
21.2.j
NIS2 Directive
6
Defining and monitoring required supply chain security measures
21.3
NIS2 Directive
2
Non-conformities and corrective actions
21.4
NIS2 Directive
2
Incident notifications to CSIRT and recipients of services
23.1
NIS2 Directive
3
Threat notifications to recipients of services
23.2
NIS2 Directive
1