NIS Directive Training

The EU Directive on Security of Network and Information Systems (NIS Directive) requires operators of essential services and digital service providers to implement “appropriate and proportionate technical and organisational measures” to manage the risks posed to the security of the network and information systems they use in their operations.

The Directive calls for “effective, proportionate and dissuasive” penalties for infringements, as does the General Data Protection Regulation, which stipulates fines of up to €20 million or 4% of annual global turnover (whichever is greater) for non-compliance. Some member states have already stated that they intend to implement a similar penalty regime.IT Governance can teach you how to implement and maintain the measures you need to ensure the security and continuity of your systems, in compliance with the new law.

Speak to an expert


How we can help you comply with the NIS Directive

Operators of essential services and digital service providers can demonstrate that they have applied the measures required by the Directive by implementing an organisational cyber resilience programme that combines information security and business continuity best practice.

Article 19 of the Directive states that member states should “encourage the use of European or internationally accepted standards and specifications relevant to the security of network and information systems”.

There are two relevant international standards that we recommend: ISO/IEC 27001:2013, the international standard for an information security management system (ISMS), and ISO 22301:2012, the international standard for a business continuity management system (BCMS).

An integrated management system (IMS) based on these two best-practice standards will protect your networks and information systems from the majority of threats, and help you recover quickly and efficiently if and when an incident occurs.


IT Governance training overview

The IT Governance training programme is built on the foundations of our extensive practical experience designing and implementing management systems based on ISO standards, best practice and regulations.

Our training courses offer a structured learning path from Foundation to Advanced level for all IT practitioners, helping them develop the skills needed to deliver best practice and compliance in organisations of all sizes.

Information security and ISO 27001 training

We are responsible for the world’s first accredited programme of ISO 27001 education and currently offer the largest portfolio of ISO 27001 classroom and Live Online training courses in the world.

Discover our full range of information security and ISO 27001 training courses.

Business continuity management and ISO 22301 training

Our ISO 22301 courses lead attendees through a structured learning pathway that covers all aspects of the Standard.

Get in touch with us to find out more about our business continuity and ISO 22301 training courses.

Incident response management

Learn how to manage and respond to a disruptive incident and take appropriate steps to limit the damage of a potential disruption to network availability and information security on this one-day course.


Why choose IT Governance for your training needs?

  • Train with the creators of the world’s first accredited ISO 27001 education curriculum
  • Work your way up from Foundation level to Advanced by following our ISO 27001 and ISO 22301 certification learning pathway
  • We are the global pioneers of ISO 27001: our team led the world’s first successful certification of an ISO 27001-certificated ISMS
  • Experienced practitioners equip you with the practical knowledge and skills required to plan, implement, maintain, and audit an ISO 27001-compliant ISMS
  • Achieve industry-recognized ISO 17024-certificated qualifications awarded by IBITGQ
  • Take advantage of a wealth of free resources and affordable tools and support once you have completed your training.

Speak to an expert

Please contact our team for advice and guidance on our products and services.