Infoguard also collaborates with Samen Digitall Veilig, a Dutch non-profit organization founded by the Dutch state and local employers’ associations. This agency has set up tools so that companies in the EEA can meet the requirements of NIS-2 both as critical infrastructure and as suppliers. With access to the agency’s website, Icelandic companies can assess their own status in relation to NIS-2 as well as assess the security of their supply chain.
Samen Digitall Veilig was specifically established as a resource for all companies in the EU and EEA, in order to comply with NIS-2 in the most efficient way possible. This applies regardless of whether the company needs to comply with the provisions of NIS-2 directly or because of its suppliers.
On the website you can get an overview of your own position with the NIS2 Cyber Score. It is possible to import all of your suppliers (Import management) and perform a risk assessment of them using (Suppliers/relations).
It is also possible to use educational material for employees regarding information security and monitor the progress of that training.
According to the provisions of NIS-2, companies covered by the directive must secure their supply chain. This means that for each and every supplier of the company, a risk assessment must be carried out
The results of that risk assessment can then be used to assess information security requirements for the suppliers in question. On the other hand, it is clear that if the supplier in question does not have an information security system and does not want to go into such a system, then the supplier’s contracts with the company in question must be terminated.
If you want to know more about how Together Digital Safe can help you manage your own NIS-2 compliance as well as your suppliers contact us at infoguard@infoguard.is