What is the NIS2 Directive?
NIS2 (Network and Information Security Directive 2) is an EU directive that sets cybersecurity requirements for organizations operating critical infrastructure and essential services. It expands the scope of the original NIS Directive and introduces stricter obligations, incident reporting requirements, and higher penalties for non-compliance.
Is my organization affected by NIS2?
NIS2 applies to medium and large organizations in sectors such as energy, transport, banking, healthcare, digital infrastructure, and more. Our compliance questionnaire helps you determine in minutes whether your organization falls under NIS2 and which obligations apply to you.
What are the penalties for non-compliance?
Organizations classified as 'essential entities' face fines of up to €10 million or 2% of global annual turnover. 'Important entities' can be fined up to €7 million or 1.4% of global turnover. Management can also be held personally liable.
How long does NIS2 implementation take?
Implementation timelines vary by organization size and current security maturity, but typically range from 6 to 18 months. NIS2Compass gives you a clear roadmap with prioritized actions so you can focus on what matters most and reduce the time to compliance.
Can I cancel my subscription at any time?
Yes, you can cancel your subscription at any time from your account settings. You will retain access until the end of your current billing period.
Do you offer support for smaller organizations?
Absolutely. NIS2Compass is designed to make NIS2 compliance accessible without expensive consultants or complex enterprise tools. Our Pro plan gives you everything you need to get compliant.