NIS2 – Cybersecurity Audit

Service Objectives

• Evaluate your organization’s cybersecurity risk-management models.
  
• Ensure that your organization complies with the requirements in Article 21 of the NIS2 Directive.
  
• Help your organization identify and manage cybersecurity risks.
  
• Improve your organization’s overall level of cybersecurity.

1. Initial assessment: We examine your organization’s current cybersecurity practices and risk-management measures.
   
2. Risk analysis: We carry out a thorough risk analysis of your organization’s communications networks and information systems.
   
3. Audit: We verify that your organization’s controls correspond to the requirements of the NIS2 Directive. Both technical and operational audits are conducted, based on a technical cybersecurity audit foundation.
   
4. Reporting: We produce a detailed report of findings and recommend measures for improvement.
   
5. Follow-up (OPTIONAL): After the audit, we offer consulting services to implement the improvements identified and provide other additional services for enhancing cybersecurity.

Benefits

• Strengthens your organization’s cybersecurity and reduces the risk of security breaches.
  
• Helps you meet regulatory requirements and avoid potential penalty fees.
  
• Develops your organization’s cybersecurity management and documentation now and for the future.

Pricing

The minimum engagement lasts 4 days and may include additional audit components. Pricing depends on the customer’s current security posture, documentation quality, services in use, etc. Final pricing is agreed after an initial planning meeting with the lead consultant, during which the audit scope, current IT environment and the required audit extent are reviewed.

Read more NIS2-audit pricing

The final pricing of the service is determined through a planning meeting, during which the auditing consultant reviews the exact audit scope, the current state of the IT environment, and the required extent of the audit.