On 10 May 2018, the NIS Directive (Directive on security of network and information systems) was transposed into UK law as the NIS Regulations (The Network and Information Systems Regulations 2018).
What are the compliance requirements?
The NCSC (National Cyber Security Centre) has published 14 high-level principles that OES are expected to implement in their compliance projects. A CAF (cyber assessment framework) developed from these principles will be used during audits of OES to ensure they are meeting all the necessary requirements. OES can also use the CAF to self-assess their current compliance needs.
The NIS Regulations reinforce DSPs’ compliance with the Commission Implementing Regulation, which outlines the steps DSPs must take to comply with the NIS Regulations. Because of DSPs’ cross-border nature, the Commission Implementing Regulation applies to all DSPs across the EU.
Take part in the readiness survey
IT Governance has launched a survey that aims to explore the current compliance awareness and readiness of OES and DSPs that fall within the scope of the NIS Regulations.
This survey will help organisations assess their own general awareness and readiness to meet the NIS Regulations’ requirements and gain a clear picture of the NIS Regulations landscape.
By completing either of these surveys you stand a chance of winning a voucher worth £300 that can be used against any product or service purchased from IT Governance.