NIS2 · Graham Miranda Network

NIS2 directive readiness

Pragmatic NIS2 preparation for medium-sized German businesses falling within the directive scope — gap assessment, risk management, supplier oversight, incident-reporting process. Designed for businesses that need to be ready without inventing an entire compliance department.

Overview

What this page covers

Pragmatic NIS2 preparation for medium-sized German businesses falling into scope — gap assessment, risk management, supplier oversight and incident-reporting process.

  • Scope confirmation: are you actually in NIS2 scope (size + sector)?
  • Gap assessment against NIS2 obligations and BSI guidance
  • Risk management framework appropriate to your size
  • Supplier/supply-chain oversight process
  • Incident-reporting workflow within statutory timeframes

How we work

A transparent engagement model with clear milestones.

01. Scope check

First step: confirm whether your business is actually in NIS2 scope. Some businesses worry without basis; others miss obligations.

02. Gap assessment

Written gap report against the obligations: risk management, governance, incident handling, supply chain, awareness.

03. Lift & document

Build out the missing pieces over 8–16 weeks: policies, risk register, supplier oversight, incident playbook, evidence pack.

Expected outcomes

Pragmatic, honest expectations, with no exaggerated promises.

Clear scope

You know whether NIS2 applies to you — without ambiguity.

Defensible posture

Documented framework appropriate to your size.

Practiced incident process

Reporting flow tested at tabletop level.

Supplier oversight

Documented process for third-party risk.

FAQ

Frequently asked questions

Concise answers for visitors comparing Graham Miranda services.

Are we actually in NIS2 scope?

NIS2 covers essential and important entities above certain size and in specific sectors. We do the scope check first; many German SMEs assume they are in scope but are not — and vice versa.

Is this the German NIS2UmsuCG or the EU NIS2 directive?

We work to the German transposition (NIS2-Umsetzungs- und Cybersicherheitsstärkungsgesetz, NIS2UmsuCG). EU NIS2 underpins it. Implementation status is tracked.

Do you certify us?

No — NIS2 is not certification-based in the same way as ISO 27001. We help you build a defensible posture for regulator review.

Is this enough for a regulator?

We aim for a "demonstrably reasonable" posture appropriate to your size. Worst-case audit defence requires legal counsel; we provide the operational layer.

What about NIS2 + DORA?

For financial-sector entities, DORA may apply alongside or instead. We coordinate on overlap; specialised financial-sector compliance partners are brought in for DORA-specific work.

How long does readiness take?

Typical: 3-6 months for an SME starting from a baseline IT setup. Compresses where existing ISO/BSI maturity is present.
