NIS Directive

The EU Directive on security of network and information systems (NIS Directive) requires operators of essential services (OES) and digital service providers (DSPs) to implement “appropriate and proportionate technical and organisational measures” to manage the risks posed to the security of the network and information systems they use in their operations. IT Governance can help you implement and maintain a cyber resilience programme to ensure the security and continuity of your systems, based on international standards, in compliance with Article 19 of the Directive.

Starting your NIS compliance journey?

Our expert consultants will help you to assess your compliance needs and outline a clear roadmap for meeting the requirements of the NIS Regulations.

How we can help with your NIS compliance journey

Manage security risk

14 high-level compliance principles (NCSC)

  • Risk management
  • Governance
  • Asset management
  • Supply chain management

How we can help

  • Implement an ISMS aligned with ISO 27001.
  • Incorporate controls from:
    • ISO 27002
    • ISO 27035 (incident response management)
    • ISO 27036 (supply chain security)

Protect against cyber attacks

14 high-level compliance principles (NCSC)

  • Data security
  • Identity and access control
  • System security
  • Resilient networks
  • Service protection policies
  • Staff training

How we can help

Detect cyber security events


14 high-level compliance principles (NCSC)

  • Security monitoring
  • Proactive security event discovery

How we can help

Minimise the impact of incident

14 high-level compliance principles (NCSC)

  • Lessons learnt
  • Response and recovery planning

How we can help

Why use IT Governance for your NIS Regulations compliance needs?

  • Our consultants are all experienced information security/cyber security specialists, possessing detailed knowledge of global frameworks and standards such as ISO 27001, ISO 27035, ISO 22301, ISO 27036, etc.
  • Our unique combination of technical expertise and solid track record in international management system standards means we can deliver a complete solution for NIS Regulations compliance and manage the project from start to finish.
  • We have managed hundreds of projects across all industries, including healthcare, energy, transport, water, defence and aerospace.
  • We deliver practical advice and work according to your budget and organisational needs.
  • We deliver the entire suite of consultancy, training, tests and tools needed for NIS Regulations compliance.
  • Our team of experts can attend your site to support your organisation during an audit by a competent authority. We are also available to conduct mock compliance inspections and audits.

“Having IT Governance on hand to guide our swift adoption of the ISO 27001 standard and provide ongoing expert support has been invaluable. They really understood the needs of a technology enterprise like ours.”

- Paul Green, Wirefast


“I would have no hesitation in recommending IT Governance to others. The main advantage was their flexibility. IT Governance tailored their services, (whether it be training or consultancy) to our specific needs.”

- Paul Berry, Senior Project Manager, Martin Dawes Solutions


“On behalf of myself and colleagues, a sincere thank you for all your input helping us achieve certification to the ISO 27001 standard. Here we are, just 6 months after we started the project and the outcome has been described by the auditor as ‘a delight to audit’. Much of this has been down to the mentoring and coaching style IT Governance has used to steer us to our goal.”

- David Gilbert, Global Business Development Manager, Goal Group of Companies

Our credentials

IT Governance is widely recognised as a leading consultancy by certification bodies such as BSI, NQA, LRQA and DNV.

Speak to a NIS Regulations expert

Please contact our NIS Regulations team for advice and guidance on our products and services.

SAVE 25%