Last Updated on 29. October 2025 by mgm-marketing
The EU’s NIS2 Directive significantly increases cyber and information security requirements. Critical and essential entities such as insurance companies, energy suppliers, parts of the healthcare sector and other systemically important industries are particularly affected.
Many organisations have already checked whether they fall under the scope of the Directive. But the real challenge begins afterwards: Where does my company stand in terms of implementation – and what gaps do we need to close in order to be compliant?
How does our NIS2 check help to assess the status quickly and accurately?
At the heart of the NIS2 assessment is the NIS2 assessment tool, which provides a 360° view of all relevant NIS2 requirements.
Our NIS2 assessment tool provides a well-founded inventory – flexible, efficient and tailored to your organisation. It consists of two levels:
- Compact questionnaire for a quick overview at management level.
- Detailed catalogue for in-depth analysis of the individual departments.


Your experts use the questions to create a comprehensive self-assessment, which we support with clear references and explanations of the requirements. This quickly produces a meaningful result, which we present in graphic form. At a glance, you can see which topics are already well covered, where there is an urgent need for action, and which points need to be addressed and when.
What makes our consulting approach special?
We don’t stop at analysis. Together with you, we develop concrete measures to close the identified gaps. Our team combines in-depth expertise in governance, risk and compliance with practical implementation experience.
Whether technical measures, process optimisation or the development of guidelines – we accompany you from the initial assessment to the design and implementation.
The result: sustainable NIS2 compliance and significantly strengthened cyber resilience for your company.
FAQ – Frequently asked questions about NIS2 and our assessment
Which companies are affected by NIS2?
All organisations that are considered essential or important entities. These include energy suppliers, financial service providers, healthcare and transport, and digital infrastructures.
How long does an NIS2 assessment take?
Depending on the size of the company and the desired level of detail, the time frame ranges from a few days for a management overview to several weeks for an in-depth analysis of specific areas.
What happens after the assessment?
We not only deliver a report, but also work with you to develop prioritised action plans to efficiently implement the compliance requirements.
What added value does our approach offer compared to internal audits?
Our external perspective, coupled with up-to-date expertise in governance and cybersecurity, ensures an objective assessment that can be directly translated into actionable measures.
Act now – talk to us!
Make your company NIS2-fit. Contact us and arrange a no-obligation consultation. Find out how we can strengthen your cyber resilience in the long term and help you avoid risks and damage to your company and your partners/customers.





