NIS2 directive
Consulting & implementation
Clear assessment of your starting position and need for action
Identify gaps and create a foundation for next steps
Translate requirements into measures, roles, and processes
Based in Düsseldorf
Consulting & software from a single source
Dedicated personal contacts
Starting position
The requirements are out there – but internally, clarity, structure, and prioritisation are often lacking.
Many companies are unsure whether and to what extent they are affected.
Requirements are present, but internally there is a lack of time, structure, or clear responsibilities.
It is often unclear which measures are most relevant and should be addressed first.
Requirements are understood, but not translated into robust processes and structures.
Services
Clear entry points instead of a mammoth project – we start with what makes sense for you right now.
We help you assess your starting position and better understand the concrete need for action.
Learn moreWe evaluate your current status, identify gaps, and create a solid foundation for next steps.
Learn moreWe support you in translating requirements into prioritised measures, roles, processes, and structures.
Learn moreTopic areas
No legal commentary – just implementation logic from practice.
Roles and responsibilities
Organisational measures
Policies and requirements
Awareness and internal anchoring
Documentation and traceability
Emergency and reporting processes
Connection to existing security structures
Alignment with ISMS or ISO 27001
Why NICA
We start with a realistic entry point, e.g. an applicability check or gap analysis.
We prioritise measures so that they can actually be implemented within the organisation.
We think not only in terms of policies, but also in terms of operational reality.
Where it makes sense, we can also support structures operationally and digitally.
NIS2 & ISO 27001
Many NIS2 requirements are organisationally compatible – existing ISMS structures can help.
NIS2 and ISO 27001 are not identical, but can be sensibly integrated – duplication of effort can be avoided.
We help make the most of existing structures rather than starting from scratch.
Overlap & compatibility
Companies with an existing ISMS often have a head start – but NIS2-specific requirements such as reporting obligations and governance structures require targeted additions.
If organisational measures, roles, documents, or emergency structures should be digitally available and usable, our software can provide additional support. The consulting engagement is also possible independently of the software.
Collaboration
Initial assessment of your situation, applicability, and internal resources.
Systematic analysis of the current status against NIS2 requirements.
Weigh effort against impact – what is relevant now, what can wait?
Build structures, roles, policies, and processes together.
Initial assessment of your situation, applicability, and internal resources.
Systematic analysis of the current status against NIS2 requirements.
Weigh effort against impact – what is relevant now, what can wait?
Build structures, roles, policies, and processes together.
Target group
Mid-sized companies with a concrete need to implement NIS2
Companies with limited internal IT security resources
Organisations with an existing ISMS that want to properly integrate NIS2
Companies that need to structure policies, roles, and processes
Companies that want to not just document NIS2, but implement it effectively
Do you have more questions? Contact us directly – we respond straightforwardly.
Whether your company is affected by NIS2 depends on factors such as sector, size, and role within the supply chain. This is exactly where an impact assessment helps: we support companies in evaluating their starting point and understanding the actual need for action.
A NIS2 gap analysis evaluates your current situation against relevant requirements. This typically includes organizational measures, roles and responsibilities, policies, processes, documentation, and the integration into existing security structures.
Yes. We support companies not only with initial assessment and analysis, but also with structured implementation. This includes prioritizing measures, improving roles, processes, and policies, and supporting organizational implementation steps.
NIS2 and ISO 27001 are not identical, but they overlap in many organizational and structural requirements. Existing ISMS structures can therefore be a valuable foundation. We help companies assess existing structures and avoid unnecessary duplication of work.
That depends on the scope, your current starting point, and the level of support required. An impact assessment or a clearly defined gap analysis can usually be completed much faster than broader implementation support. Together, we define a pragmatic scope.
The cost depends on the scope, complexity, and your specific needs. We offer both smaller entry services such as impact assessments or gap analyses and broader support for structured implementation.
This consulting is particularly relevant for mid-sized companies and organizations that want to better understand NIS2 requirements, implement them in a structured way, or further develop their existing security and organizational structures.
No. NIS2 consulting can be provided completely independently of our software. If helpful, organizational measures, emergency structures, or documentation can additionally be supported digitally, but the consulting itself does not depend on that.
The process usually starts with a non-binding conversation. We discuss your current situation, the perceived need for action, and the goal of the collaboration. Based on that, we define together whether an impact assessment, a gap analysis, or implementation support is the most sensible next step.
Contact
Please feel free to contact us with any questions or requests. We will get back to you as soon as possible.
In a no-obligation initial call we will clarify together where you currently stand and whether an applicability check, a gap analysis, or implementation support is the right next step.