Elkaza

NIS2 / Compliance Readiness

Don't fear the audit. Pragmatic compliance without the paper monster.

Typical timeline: 4-12 weeks
6 Deliverables
Check Compliance Status

Who it's for

  • Companies falling under NIS2 or DORA
  • Suppliers needing to provide security proof
  • Executives wanting to minimize personal liability
  • Organizations preparing for ISO 27001

What you get

  • Clear overview of compliance gaps (Gap Analysis)
  • Fulfillment of legal reporting obligations
  • Reduced liability risk for management
  • Competitive advantage through demonstrable security

What we do

  • Legal & technical gap analysis (with partner lawyers)
  • Creation of risk management policy
  • Setting up incident reporting process
  • Supply chain security assessment
  • Implementation of technical measures (MFA, encryption)

Deliverables

  • Gap Analysis Report & Action Plan
  • ISMS Handbook (Light version for SMBs)
  • Updates to Record of Processing Activities
  • Emergency contact list and reporting forms
  • Training records for employees

Tools & Stack

  • Compliance Manager (Microsoft Purview)
  • ISMS Tools (or structured wikis)
  • Vulnerability Scanners
  • Evidence Collection Repositories

Example outcomes (illustrative)

Based on typical project scenarios.

Manufacturer, affected by NIS2
  • Before: Uncertainty about what exactly to do
  • After: Clear plan, 80% of measures technically implemented
  • Result: Management liability minimized.

Software Supplier for Bank
  • Before: Customer threatening to cancel due to missing certs
  • After: Security concept presented, measures proven
  • Result: Customer satisfied, contract renewed.

Process

  1. Check (2 weeks): Gap analysis against standard.
  2. Fix (4-8 weeks): Write policies, harden tech.
  3. Audit (1-2 weeks): Internal mock audit.

FAQ

Do you provide legal advice?

No. We focus on technical and organizational implementation. For legal aspects, we refer you to partner lawyers.

Do we need ISO 27001?

Not always. Often a lean ISMS or following CIS Controls is enough. We advise pragmatically.

How much internal effort is required?

Compliance requires cooperation. Expect a weekly jour fixe (a fixed recurring check-in meeting) during the project phase.

Compliance is not a one-time project, but a process. We build structures that remain maintainable.

Turn from a risk factor into a trusted partner.
