NIS2 · Graham Miranda Network

NIS2 directive readiness

Pragmatic NIS2 preparation for medium-sized German businesses falling within the directive scope — gap assessment, risk management, supplier oversight, incident-reporting process. Designed for businesses that need to be ready without inventing an entire compliance department.

Overview

What this page covers

Pragmatic NIS2 preparation for medium-sized German businesses falling into scope — gap assessment, risk management, supplier oversight and incident-reporting process.

  • Scope confirmation: are you actually in NIS2 scope (size + sector)?
  • Gap assessment against NIS2 obligations and BSI guidance
  • Risk management framework appropriate to your size
  • Supplier/supply-chain oversight process
  • Incident-reporting workflow within statutory timeframes

How we work

A transparent collaboration model with clear milestones.

01

Scope check

First step: confirm whether your business is actually in NIS2 scope. Some businesses worry without basis; others miss obligations.

02

Gap assessment

Written gap report against the obligations: risk management, governance, incident handling, supply chain, awareness.

03

Lift & document

Build out the missing pieces over 8–16 weeks: policies, risk register, supplier oversight, incident playbook, evidence pack.

Expected results

Practical, honest expectations, without exaggerated promises.

Clear scope

You know whether NIS2 applies to you — without ambiguity.

Defensible posture

Documented framework appropriate to your size.

Practiced incident process

Reporting flow tested at tabletop level.

Supplier oversight

Documented process for third-party risk.

FAQ

Frequently asked questions

Concise answers for people comparing Graham Miranda services.

Are we actually in NIS2 scope?

NIS2 covers essential and important entities above certain size and in specific sectors. We do the scope check first; many German SMEs assume they are in scope but are not — and vice versa.

Is this the German NIS2UmsuCG or the EU NIS2 directive?

We work to the German transposition (NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz, NIS2UmsuCG). EU NIS2 underpins it. Implementation status is tracked.

Do you certify us?

No — NIS2 is not certification-based in the same way as ISO 27001. We help you build a defensible posture for regulator review.

Is this enough for a regulator?

We aim for a "demonstrably reasonable" posture appropriate to your size. Worst-case audit defence requires legal counsel; we provide the operational layer.

What about NIS2 + DORA?

For financial-sector entities, DORA may apply alongside or instead. We coordinate on overlap; specialised financial-sector compliance partners are brought in for DORA-specific work.

How long does readiness take?

Typically 3-6 months for an SME starting from a baseline IT setup. The timeline compresses where existing ISO/BSI maturity is present.
