Skip to content

The standard for a secure supply chain

According to the NIS2 Directive, essential and important entities must secure their supply chains. The NIS2 Quality Mark is a useful tool in this process. We are here to help you on your way to a secure digital future!

Why NIS2 QM?
Pre-register now
Trusted by 80+ organisations

Secure work environment
Acting consciously reduces risks.

Certification tailored to you
Three levels aligned with your risk.

Support at every step
One-on-one guidance and webinars.

Appropriate certification
Independent audit confirms your compliance.

Show your commitment
Pre-register and use the logo.

Take control of NIS2
Take the first step today.

scroll

Include NIS2 compliance requirements in your supplier contracts

According to the NIS2 Directive, essential and important entities are required to secure their supply chains. By including the NIS2 Quality Mark as a mandatory requirement in procurement terms, this can be arranged quickly and effectively. For your suppliers, it is an achievable and affordable certification. Ideal for NIS2 entities that want to be compliant without placing an excessive burden on their supply chain.

400k

European companies are directly subject to NIS2.

1.8 mln

European companies are indirectly affected by NIS2 (as suppliers).

80+

Affiliated Dutch and European partners for optimal support.

Why a uniform cybersecurity standard?

The NIS2 Directive requires essential and important entities — which we refer to as NIS2 companies — to assess the risks of their direct suppliers or service providers and, if necessary, specify cybersecurity measures. These measures are based on a comprehensive approach that covers all threats and aims to protect network and information systems, as well as their physical environment, from incidents.

The NIS2 Quality Mark: achievable and scalable

The NIS2 Quality Mark is a practical and scalable standard. With a modular system comprising three levels (QM10, QM20, and QM30), companies can implement the appropriate level of security measures tailored to their risk.

QM10 BASIC

For SMEs with a limited risk that supply directly to NIS2-obligated entities.

QM10 (Full version)
QM10 (Short version)

QM20 SUBSTANTIAL

For companies with increased risks due to their role or access to sensitive data, and that supply directly to NIS2-obligated entities.

QM20 (Full version)
QM20 (Short version)

QM30 HIGH

For critical companies in the supply chain that pose a significant risk of disruption in the event of cyber incidents and that supply directly to NIS2-obligated entities.

QM30 (Full version)
QM30 (Short version)

The importance of the NIS2 Quality Mark

Companies that obtain the NIS2 Quality Mark demonstrate compliance with the stricter requirements of the NIS2 Directive. They build greater trust with customers and partners and reduce the risk of digital incidents. Additionally, they can more easily obtain cybersecurity insurance by showing that the proper measures are in place. This clearly signals that these companies take cybersecurity seriously — a strong message in an increasingly demanding digital world.

For companies