SHADOWCORE_
GOVERNANCE & COMPLIANCE

NIS2
Compliance

Gap analysis, entity classification, and implementation planning for NIS2 obligations across governance, risk management, incident reporting, and supply chain controls.

Engagement snapshot

What a NIS2 engagement includes

Entity classification

Determine whether your organization qualifies as an Essential or Important Entity under NIS2 based on sector, size, and economic role.

  • Essential
  • Important
  • 18 sectors

Gap analysis

Assessment of current controls against NIS2 obligations for risk management, incident handling, business continuity, and supply chain security.

Reporting readiness

Workflows for the 24-hour early warning, 72-hour incident notification, and final report — including evidence trails and decision logs.

  • 24h warning
  • 72h report

Roadmap & accountability

Prioritized implementation plan with owners, evidence requirements, timelines, and management-body briefings for personal-liability obligations.

Capabilities

NIS2 Compliance Services

A practical compliance program built for evidence, accountability, and audit readiness.

NIS2 Gap Analysis

Comprehensive assessment of your current posture against NIS2 requirements with a prioritized remediation roadmap.

Scope & Entity Classification

Determine whether your organization qualifies as an Essential or Important Entity under the directive.

Risk Management Measures

Map current controls against NIS2 obligations for incident handling, business continuity, and supply chain security.

Management Accountability

Prepare leadership for governance duties, approval workflows, evidence trails, and supervisory expectations.

Incident Reporting Readiness

Build the processes required for 24-hour early warnings, 72-hour notifications, and final incident reporting.

Remediation Roadmap

Prioritized implementation plan with owners, evidence requirements, timelines, and audit-ready deliverables.

Interactive Tool

NIS2 Entity Check

Determine if your organization falls under NIS2 as an Essential or Important Entity.

Comparison

NIS1 vs NIS2

Key changes and escalated requirements under the NIS2 directive.

Aspect NIS1 NIS2
Scope OES + DSP (limited sectors) Essential + Important Entities (18 sectors)
Fines Member state defined EUR 10M or 2% worldwide turnover (Essential)
Management Liability No personal liability Personal liability for management bodies
Incident Reporting Undue delay 24h early warning, 72h full report
Supply Chain Not addressed Mandatory supply chain risk management
Enforcement Reactive Proactive audits + on-site inspections

Start your NIS2 roadmap

Free initial consultation. We'll assess your current posture and map a remediation plan.

Contact Us