Diligent Launches NIS2 Compliance Toolkit

August 2024 by Marc Jacob

Diligent announced the launch of its Network and Information Security Directive (NIS2) Compliance Toolkit, designed to help organizations navigate the complexities of the European Union (EU) NIS2 Directive and bolster their cybersecurity resilience. The toolkit maps cybersecurity risk management obligations mandated by NIS2 against Cyber Risk Management Group’s (CRMG) leading controls library, which is based on international standards and best practices. This helps organizations demonstrate a clear commitment to NIS2 compliance requirements to drive trust with customers, partners, and investors.

Powered by CRMG’s leading controls library, Diligent’s NIS2 Compliance Toolkit aligns mandated NIS2 cybersecurity measures with international standards, and provides tailored content to help organizations implement new boardroom accountability, mandatory cybersecurity measures, and incident reporting requirements. Results are presented in a user-friendly dashboard, enabling boards, executives, and practitioners to easily understand and demonstrate their compliance status.

Key features of the NIS2 Compliance Toolkit include:

• A leading controls library backed by CRMG’s deep cybersecurity expertise, mapped against the cybersecurity risk-management measures and obligations mandated by NIS2 for essential and important entities and their supply chains.

• A summary dashboard that is easy to digest for both internal and external stakeholders, making it simple to assess and demonstrate maturity levels and compliance. The dashboard is updated whenever control testing is conducted, meaning that continual improvement of an IT compliance program has never been easier.

• Integration with Diligent’s applications covering internal controls, enterprise, and third-party risk and compliance, through the Diligent One Platform.

Risk practitioners can also gain access to the Diligent One Platform, the only AI-driven unified solution to centralize GRC and board management activities, giving them a single source of truth for risk management and decision making and enabling them to act decisively when a significant cybersecurity incident takes place.

The NIS2 Directive took effect in January 2023 and requires EU member states to incorporate its measures into national law by October 17, 2024. NIS2 mandates security risk-management measures for applicable organizations and their supply chains to protect network and information systems, aiming to increase collective cybersecurity resilience for 18 critical sectors across the European Union.