NCSC’s 14 principles and the CAF
The CAF consists of the following compliance elements:
Managing security risk
- A.1 Governance
- A.2 Risk management
- A.3 Asset management
- A.4 Supply chain
Protecting against cyber attack
- B.1 Service protection policies and procedures
- B.2 Identity and access control
- B.3 Data security
- B.4 System security
- B.5 Resilient networks and systems
- B.6 Staff awareness and training
Detecting cyber security events
- C.1 Security monitoring
- C.2 Anomaly detection
Minimising the impact of cyber security incidents
- D.1 Response and recovery planning
- D.2 Improvements
NIS Regulations Gap Analysis
Start your NIS Regulations compliance programme now.
Contact us for a detailed NIS Regulations Gap Analysis and an outline of the steps you should take next.
Why choose IT Governance?
- All our consultants are all qualified ISO 27001 and cyber security specialists. We are also a CCSC (certified cyber security consultancy) for the NCSC’s audit and review service.
- We are pioneers in the implementation of ISO 27001-conformant ISMSs and have helped more than 600 clients with implementation and certification projects.
- Our unique combination of technical expertise and solid track record in international management system standards means we can deliver a complete solution for NIS Regulations compliance and manage the project from start to finish.
- We have managed hundreds of projects across all industries, including healthcare, energy, transport, water, defence and aerospace.
- We have multi-disciplinary teams that can undertake rigorous penetration testing of your systems and networks, project managers to roll out compliance implementation projects, and executive expertise to brief your board and develop a suitable risk mitigation strategy.
- We deliver practical advice and work according to your budget and organisational needs.
- Our team of experts can attend your site to support your organisation during an audit by a competent authority. We are also available to conduct mock compliance inspections and audits.