nisd2.eu

We walk you through NIS2. Point by point.

You know NIS2 applies to you and you would rather not carry the implementation alone. We sit down with you for 30 minutes once a week and work through the requirements in order. The platform stays free and open source, the guidance is optional.

Made in Cologne. Hosted in Germany.

Already know the steps and want to start on your own? Here is the roadmap.

How the guidance works

Weekly call, 30 minutes

One fixed slot a week. No project month, no endless alignment loops. We take the next item on your roadmap and get it done together.

We lead, your IT lead implements

Your personal effort as managing director is about three hours a year, then approval and oversight under Article 20 NIS 2 (in Germany § 38 BSIG) is done. Four obligations under Article 21 are fixed, the rest scales with your risk and is proportional. The operational part, the asset inventory, risk register, suppliers and the ten measures, is handled by your team.

You keep everything. No lock-in.

Your data, the audit trail and the evidence are yours. The platform is open source. If you want to continue without us, export everything and take it with you.

What each is for

We do not run anyone else down. Each option has its place. Here is the honest read so you know whether we fit you.

Consultants

A consultant does the work for you and takes real accountability. Worth it if you have the budget and no one in-house to own NIS2 long term. The knowledge does leave with the consultant, though.

Full-service GRC platform

Full-service GRC platforms cover many frameworks at once and are built for large organizations with their own GRC team. Strong if that is exactly what you need and the budget is there.

International platform

International platforms are polished and fast for common certifications. Strong if you certify internationally and English as the primary language fits.

nisd2.eu

nisd2.eu is free and open source, EU-hosted. One standard, done to depth. Everything exportable, no lock-in. What we do not do: no full-service hand-holding, no phone support walking you through it step by step. You need someone in-house who owns NIS2. That is exactly who this is built for.

What we work through with you

The obligations from Article 21 NIS2

Every duty broken into structured forms with clear instructions. No compliance background needed: you answer the questions, we do the mapping.

Evidence and audit trail

Documents, sign-offs and a tamper-evident audit trail build themselves from your work. Everything timestamped, ready for the audit.

Deadlines and reporting

Registration, the incident reporting cascade under Article 23 (24 hours, 72 hours, one month) and training renewals. Every deadline tracked, nothing slips.

Registration with the authority

Guided preparation for registration under Article 27, with all required documents and a pre-flight checklist.

Common questions

Book a free intro call

Prefer to write directly? contact@nisd2.eu

Sources and transparency: NIS2 Directive (EU) 2022/2555, BSIG, CIR 2024/2690, ENISA Technical Implementation Guidance. Open source, hosted in Germany, GDPR-compliant. This page is structured guidance and is not legal advice. Operational implementation is handled by your IT lead or CISO.