IT Governance launches NIS Regulations Gap Analysis service


As the NIS Regulations (Network and Information Systems Regulations 2018) are now enforced in the UK, a new gap analysis service is available from IT Governance enabling organisations to assess their cyber security arrangements in conjunction with this landmark law.
The NIS Regulations, derived from the EU’s NIS Directive (Directive on security of network and information systems) into national law, took effect on 10 May 2018. The two groups of organisations within scope are OES (operators of essential services) and DSPs (digital service providers) offering their services within the EU.
For OES, this gap analysis is aligned with the 14 principles and CAF (Cyber Assessment Framework) published by the NCSC (National Cyber Security Centre). These principles strongly align to the requirements of ISO 27001, the international standard for information security, outlining the specifications of a best-practice ISMS (information security management system); IT Governance is regarded as an ISO 27001 pioneer, since its management team led the world’s first ISO 27001 certification project.   
For DSPs, which face a different set of compliance requirements, IT Governance’s gap analysis service follows ENISA’s (European Union Agency for Network and Information Security) recommended minimal security measures for DSPs. This technical guidance also aligns to ISO 27001’s requirements.
Alan Calder, founder and executive chairman of IT Governance, said: “The NIS Regulations require organisations within scope to take appropriate measures to secure their network and information systems; this latest product uses the guidance issued by the NCSC and ENISA as frameworks for assessment. As part of our work with organisations in all industries, we have managed hundreds of projects around the world and can assist with NIS Regulations compliance projects today.”
The gap analysis service will assess an organisation’s cyber security arrangements and provide a clear action plan to improve current levels of compliance with the NIS Regulations. IT Governance also has the expertise to assist organisations with remediation actions to enable them to achieve full compliance with the NIS Regulations.
For more information on the NIS Regulations, visit our website, email or call +44 (0)333 800 7000.
This website uses cookies. View our cookie policy