NIS2 · Graham Miranda Network

NIS2 directive readiness

Pragmatic NIS2 preparation for medium-sized German businesses falling within the directive scope — gap assessment, risk management, supplier oversight, incident-reporting process. Designed for businesses that need to be ready without inventing an entire compliance department.

Overview

What this page covers

Pragmatic NIS2 preparation for medium-sized German businesses falling into scope — gap assessment, risk management, supplier oversight and incident-reporting process.

  • Scope confirmation: are you actually in NIS2 scope (size + sector)?
  • Gap assessment against NIS2 obligations and BSI guidance
  • Risk management framework appropriate to your size
  • Supplier/supply-chain oversight process
  • Incident-reporting workflow within statutory timeframes
How we work

A transparent engagement model with clear stages.

01

Scope check

First step: confirm whether your business is actually in NIS2 scope. Some businesses worry without basis; others miss obligations.

02

Gap assessment

Written gap report against the obligations: risk management, governance, incident handling, supply chain, awareness.

03

Lift & document

Build out the missing pieces over 8–16 weeks: policies, risk register, supplier oversight, incident playbook, evidence pack.

Expected results

Practical, honest expectations, without exaggeration.

Clear scope

You know whether NIS2 applies to you — without ambiguity.

Defensible posture

Documented framework appropriate to your size.

Practiced incident process

Reporting flow tested at tabletop level.

Supplier oversight

Documented process for third-party risk.

FAQ

Frequently asked questions

Short answers for visitors comparing Graham Miranda services.

Are we actually in NIS2 scope?

NIS2 covers essential and important entities above a certain size and in specific sectors. We do the scope check first; many German SMEs assume they are in scope but are not — and vice versa.

Is this the German NIS2UmsuCG or the EU NIS2 directive?

We work to the German transposition (NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz, NIS2UmsuCG). EU NIS2 underpins it. Implementation status is tracked.

Do you certify us?

No — NIS2 is not certification-based in the same way as ISO 27001. We help you build a defensible posture for regulator review.

Is this enough for a regulator?

We aim for a "demonstrably reasonable" posture appropriate to your size. Worst-case audit defence requires legal counsel; we provide the operational layer.

What about NIS2 + DORA?

For financial-sector entities, DORA may apply alongside or instead. We coordinate on overlap; specialised financial-sector compliance partners are brought in for DORA-specific work.

How long does readiness take?

Typical: 3-6 months for an SME starting from a baseline IT setup. Compresses where existing ISO/BSI maturity is present.
