NEW: The NIS 2 Risk Management Measures Playbook.
Published in draft on June 4, 2025.
The European Commission has adopted an Implementing Regulation regarding cybersecurity risk management measures. These cybersecurity risk management measures are applicable to essential and important entities. The requirement for each risk management measure (RMM) in the Playbook derive directly from the upcoming Irish National Cybersecurity Bill giving effect to the NIS 2 Directive (EU)2022/2555).
The NIS 2 Risk Management Measures Playbook addresses the following:
- Registration
- Governance – Management board commitment and accountability
- Network and Information Security Policy
- Risk Management Policy
- Continuous improvement - assess effectiveness and improve cybersecurity risk management measures
- Basic Cyber Hygiene Practices and Security Training
- Asset Management
- Human Resources Security
- Access Control
- Environmental and physical security
- Cryptography, Encryption and Authentication
- Supply chain policy
- Security in network and information systems acquisition, development and maintenance
- Incident Handling
- Incident Reporting
- Business Continuity and Crisis Management
.png?width=81&height=37&name=Back%20(Small2).png){kind=small}