Compliance controls
127 controls across 14 compliance frameworks, grouped by framework. For cross-framework Jaccard overlap see /explore/crosswalk. Authored by Adam Lundqvist.
10 in NIS2 · 127 total
| ID | Title | Tags | Summary |
|---|---|---|---|
| NIS2-Art21a | Policies on risk analysis and information system security | NIS2, pentest:high | Essential and important entities must take appropriate and proportionate technical, operational and organisational measures to manage the risks posed to the se… |
| NIS2-Art21b | Incident handling | NIS2, pentest:high | Essential and important entities must implement incident handling measures, covering detection, analysis, containment, eradication, recovery, and post-incident… |
| NIS2-Art21c | Business continuity and crisis management | NIS2, pentest:medium | Essential and important entities must implement business continuity measures, such as backup management and disaster recovery, and crisis management arrangemen… |
| NIS2-Art21d | Supply chain security | NIS2, pentest:high | Essential and important entities must implement supply chain security measures, including security-related aspects concerning the relationships between each en… |
| NIS2-Art21e | Security in network and information systems acquisition, development and maintenance | NIS2, pentest:high | Essential and important entities must implement security in the acquisition, development, and maintenance of network and information systems, including vulnera… |
| NIS2-Art21f | Policies and procedures to assess the effectiveness of cybersecurity risk-management measures | NIS2, pentest:high | Essential and important entities must establish policies and procedures to assess the effectiveness of cybersecurity risk-management measures. This includes re… |
| NIS2-Art21g | Basic cyber hygiene practices and cybersecurity training | NIS2, pentest:medium | Essential and important entities must implement basic cyber hygiene practices and cybersecurity training. This includes user awareness programs, secure passwor… |
| NIS2-Art21h | Policies and procedures regarding the use of cryptography | NIS2, pentest:high | Essential and important entities must implement policies and procedures regarding the use of cryptography and, where appropriate, encryption. This includes key… |
| NIS2-Art21i | Human resources security, access control policies and asset management | NIS2, pentest:high | Essential and important entities must implement human resources security measures, access control policies, and asset management. This covers identity and acce… |
| NIS2-Art21j | The use of multi-factor authentication or continuous authentication solutions | NIS2, pentest:high | Essential and important entities must implement the use of multi-factor authentication or continuous authentication solutions, secured voice, video and text co… |