NIS2

NIS2 Compliance audits

NIS2 Quality Mark has 3 levels: QM10, QM20 and QM30

The NIS2 directive designates key companies, known as NIS2 companies, as jointly responsible for the cybersecurity of their supply chain. Consequently, NIS2 companies will require their direct suppliers, primarily SMEs, to implement the necessary security measures.

The NIS2 Quality Mark enables suppliers to take the necessary security measures appropriate to the importance and size of their organization. Through the modular system of standards, which includes three levels (QM10, QM20, and QM30), companies can easily choose the right set of measures that is suitable for their specific situation.

NIS2-QM10
Basic
  • Organisational control measures
  • People-oriented management measures
  • Physical management measures
  • Technological management measures
NIS2-QM20
Substantial
  • Organisational control measures
  • People-oriented management measures
  • Physical management measures
  • Technological management measures
  • OT management measures
  • IT management measures
NIS2-QM30
High
  • Organisational control measures
  • People-oriented management measures
  • Physical management measures
  • Technological management measures
  • OT management measures
  • IT management measures

Five steps to NIS2 QM certification

1. Risk inventory
2. Measurements
3. Internal pre-audit
4. External audit
5. Official NIS2-QM certificate
