Skip to content
NIS2 självskattning · 5 minuter · gratis · ingen inloggning

Var står ni i NIS2?

Bedöm er organisation över de 12 NIS2-säkerhetsdomänerna. Få en PDF med paragrafhänvisningar och en personlig 90-dagars åtgärdsplan direkt i inkorgen.

Steg 1 av 3

Välj sektor

Sektorn avgör vilken tillsynsmyndighet som granskar er och vilka åtgärder som prioriteras i rapporten.

Steg 2 av 3

12 säkerhetsdomäner

Skatta varje domän på en skala 1-5 där 1 = inte implementerat och 5 = optimerat och kontinuerligt förbättrat. Frågorna speglar NIS2 Artikel 21.

Skala
  • 1Inte implementerat
  • 2Ad hoc / informellt
  • 3Dokumenterat men inkonsekvent
  • 4Implementerat och underhållet
  • 5Optimerat och kontinuerligt förbättrat
  1. 01
    Art 21(2)(a)
    Risk analysis & security policies
    Does your organisation have formal, documented risk analysis and information security policies that are reviewed at least annually?
  2. 02
    Art 21(2)(b)
    Incident handling
    Do you have documented incident detection, response, and recovery procedures that are tested at least annually?
  3. 03
    Art 21(2)(c)
    Business continuity & disaster recovery
    Do you have business continuity and disaster recovery plans that are tested and maintained?
  4. 04
    Art 21(2)(d)
    Supply chain security
    Do you assess and manage cybersecurity risks from direct suppliers and service providers?
  5. 05
    Art 21(2)(e)
    Secure acquisition & development
    Do you have security requirements for acquiring, developing, and maintaining network and information systems?
  6. 06
    Art 21(2)(f)
    Effectiveness assessment
    Do you regularly assess the effectiveness of your cybersecurity measures through audits or penetration testing?
  7. 07
    Art 21(2)(g)
    Cyber hygiene & training
    Do all staff receive cybersecurity awareness training, with role-specific training for administrators and management?
  8. 08
    Art 21(2)(h)
    Cryptography
    Do you have policies on the use of cryptography and encryption for data at rest and in transit?
  9. 09
    Art 21(2)(i)
    Access control & asset management
    Do you maintain a complete asset inventory and enforce role-based access control with regular reviews?
  10. 10
    Art 21(2)(j)
    MFA & secured communications
    Is multi-factor authentication enforced for all remote access and administrative functions?
  11. 11
    Network segmentation
    Network segmentation
    Is your network segmented to isolate critical systems, with firewall rules reviewed regularly?
  12. 12
    Regulatory reporting
    Regulatory reporting readiness
    Do you have a process to report significant incidents to your national CSIRT within the required 24h/72h/30d timeline?
Steg 3 av 3

Ta emot er rapport

Vi mejlar er PDF-rapport med paragrafhänvisningar och en 90-dagars åtgärdsplan. Ingen avregistreringskö, inga säljmejl.

Er totalpoäng
av 60
Er mognadsnivå