Free resource · Cybersecurity

NIS2 Compliance Gap Analysis

A self-assessment checklist to determine whether your organisation is in scope of the NIS2 Directive (EU) 2022/2555 and which cybersecurity measures you still need to comply. Based on the text of the Directive and its Spanish transposition.

What the NIS2 gap-analysis checklist includes

Applicability test: find out whether you are an essential or important entity based on the 18 sectors and size thresholds in Directive (EU) 2022/2555.
Gap analysis of the Article 21 measures: risk management, incident handling, business continuity, supply-chain security and encryption.
Incident reporting obligations (early warning, notification and final report) and management-body responsibilities.
Prioritised list of gaps cross-referenced to the Directive, ready to inform your roadmap and your conversation with a consultant.

Resource built from official sources: Directive (EU) 2022/2555 (NIS2) and its transposition in Spain. It does not replace legal advice; it is an initial orientation tool.

Back to the NIS2 compliance service

Get the NIS2 checklist

Complete the form and we will send you the self-assessment resource. No commitment.

By submitting this form you accept our privacy policy.