What is the NIS regulations gap analysis?
Conducted by cyber security experts, the NIS Regulations gap analysis will highlight shortcomings in your overall security programme, helping you to prioritise objectives and establish a roadmap for achieving full compliance with the NIS Regulations.
This gap analysis service will enable you to establish your current level of compliance against the requirements of the NIS Regulations.
- For operators of essential services (OES), the analysis will be based on the Cyber Assessment Framework (CAF) developed by the National Cyber Security Centre (NCSC).
- For digital service providers (DSPs), the analysis will be based on the requirements of the Commission Implementing Regulation for DSPs and ENISA’s “Technical Guidelines for the implementation of minimum security measures for Digital Service Providers”.
Find out more about the NIS Regulations gap analysis service
An overview of the NIS Regulations gap analysis
What you can expect from a NIS Regulations gap analysis
A specialist cyber security consultant will work with you to interview key individuals in the organisation, assess your current cyber security arrangements and review your existing policies and procedures for relevancy, effectiveness and efficiency to determine any potential red flag areas that may indicate non-compliance with the NIS Regulations.
You will then receive a detailed gap analysis report that collates the findings of this assessment.
What will the NIS Regulations gap analysis report include?
- An analysis of the overall state and maturity of your cyber security and resilience arrangements;
- Specific details of the gaps between your current cyber arrangements and the requirements of the NIS Regulations, in accordance with either the CAF (for OES) or ENISA’s guidance (for DSPs);
- An action plan that outlines and indicates the level of internal management effort required to implement and maintain a cyber resilience programme in line with the NIS Regulations;
- A compliance status report against the individual elements of the requirements; and
- Recommendations for solutions, including resource requirements and proposed timelines.
Download the NIS regulations Gap analysis service description