NIS Regulations Gap Analysis
The NIS Regulations Gap Analysis is suitable for both operators of essential services (OES) and digital service providers (DSPs), and will assess your organisation’s current level of compliance against the NIS Regulations’ requirements, in line with the guidance issued:
- For OES, the analysis will be based on the ‘indicators of good practice’ (IGPs) in the Cyber Assessment Framework (CAF) developed by the National Cyber Security Centre (NCSC).
- For DSPs, the analysis will be based on the security requirements outlined in the European Commission’s Implementing Regulation for DSPs, and ENISA’s “Technical Guidelines for the implementation of minimum security measures for Digital Service Providers”.
What your NIS Regulations gap analysis will deliver
A NIS Regulations specialist will interview key managers and individuals within your organisation to assess your current cyber security arrangements, as well as your existing policies and procedures to analyse and pinpoint any areas of non-compliance against the NIS Regulations’ requirements.
Our NIS Regulations gap analysis will provide you with an informed assessment of:
- Gaps in your current cyber security arrangements against the requirements of the NIS Regulations;
- The proposed scope of your NIS Regulations compliance project;
- Internal resource requirements for successfully deploying a compliance project; and
- A potential timeline for achieving compliance
The gap analysis report includes:
- An analysis of the overall state and maturity of your cyber security and resilience arrangements;
- Specific details of the gaps between the requirements of the NIS Regulations and your current cyber security arrangements in accordance with either the CAF (for OES) or ENISA’s guidance (for DSPs;
- An action plan that outlines and indicates the level of internal management effort required to implement and maintain a compliance project;
- Recommendations for compliance solutions, including resource requirements and proposed timelines.
Download the full service description >>
What makes a customised gap analysis more effective?
A gap analysis performed by one of our specialist consultants provides you with a high level of expert analysis and detailed insights that you would not receive by self-assessing against the requirements of the CAF or recommendations by ENISA.
With an in-person gap analysis, you will:
- Have a clear idea of the proposed requirements for achieving compliance;
- Be able to set informed and realistic project expectations based on the specific requirements of your organisation; and
- Obtain detailed and customised information necessary to develop a strong business case for securing the necessary investment required for your compliance project.