The NIS Regulations (Network and Information Systems Regulations 2018) apply to organisations that provide services essential to society. These organisations are broken into two groups: OES (operators of essential services) and DSPs (digital service providers).
This means that organisations offering such essential services must be prepared to effectively respond to and recover from disruptive incidents such as cyber attacks, ensuring that their service is available in all but the most severe circumstances.
Essential guides to get you started
Reflecting the different compliance requirements under the NIS Regulations for OES and DSPs, we are launching two pocket guides to help you better understand exactly which organisations are within scope, what the key requirements are and how you can meet them.
Understanding and implementing the NIS Regulations’ requirements is a comprehensive process, so it’s important to start preparations now.
An essential resource for any OES looking for an introduction to the NIS Regulations and a concise overview of the requirements that they must meet. This pocket guide also looks into the NCSC’s (National Cyber Security Centre) 14 principles and CAF (Cyber Assessment Framework).
A must-have resource for any DSP looking for an introduction to the NIS Regulations and the key requirements they must meet. It also details which DSPs are within scope and explains how the security objectives from ENISA’s Technical Guidelines and international standards can help achieve compliance.
Need help with your documentation?
If you are looking for help with creating your NIS Regulations documentation, take a look at this blog. Alternatively, take a free trial of our NIS Regulations Documentation Toolkit, a comprehensive set of policies, procedures and project tools to help you achieve full compliance.