FOUNDED 2025 · INDEPENDENT UK PRACTICE

NIS 2 Field Notes

Practitioner notes from NIS 2 national transposition across IE, NL and DE.

Practitioner notes from supporting NIS 2 readiness across multiple Member States. Each Member State has transposed differently and at a different pace. This paper covers the cross-border patterns: sector tiering, supplier obligations, incident reporting and board accountability.

Download the paper · PDF · 12 pp Related service · Cyber GRC & Regulatory Alignment
02Use this paper when

Scenarios where this paper earns its place on the desk.

  1. 01Operating across multiple EU Member States with different transposition status
  2. 02Building a single NIS 2 control set that works for all jurisdictions
  3. 03Designing the supplier oversight programme under Article 21
  4. 04Preparing for a board attestation under Article 20
03What you'll find inside

Artefacts and templates included with the paper.

  • ARTEFACT
    Sector-tier classifier
  • ARTEFACT
    Article 21 control set
  • ARTEFACT
    Supplier oversight register
  • ARTEFACT
    Board attestation template
04If this is on your desk
RELATED SERVICE

Cyber GRC & Regulatory Alignment

Open service  →
RELATED TOOLKIT

NIS 2 Toolkit

Open toolkit  →
RELATED READING

The Seventy-Two Hour Clock (dispatch)

Open  →
Paul Jolliffe, Founder of InfoSecAI
AUTHOR

Paul Jolliffe

FOUNDER · INFOSECAI · MBA · CISSP · ISO 27001:2022 LA / LI / IA · PRINCE2 Practitioner

Twenty years of senior security leadership across financial services, healthcare, government, telecoms and technology. Independent UK practice founded 2025. Author of the InfoSecAI insights library.

Book a 30-minute working consultation About the practice

Get The Brief: practitioner notes on what is changing.

Weekly. No tracking pixels, no marketing automation. Unsubscribe in one click.