Stronger cyber resilience
The Security of Network & Information Systems Regulations (“NIS Regulations”) place legal obligations on providers to protect UK critical services by improving cyber-security.
The regulations aim to ensure UK operators in electricity, transport, water, energy, health and digital infrastructure are prepared to deal with the increasing number of cyber threats. The regulations also cover other threats affecting IT, such as power failures, hardware failures and environmental hazards.
They came into force on 10th May 2018 and affect all Operators of Essential Services (OES) and Digital Service Providers (DSP).
The National Cyber Security Centre distilled the security principles that are required to implement the NIS Regulations into 4 top-level objectives, which include security management, system security, security monitoring, and response and improvements.
ISMS.online brings to life the security principles required for the NIS Regulations
And because ISO 27001 covers those requirements, you can future-proof your business by taking the remaining steps to an ISO 27001 certification that will offer real assurances to your powerful customers and stakeholders.
Linking the NIS Regulations and ISO 27001 is simple in ISMS.online and will prevent duplication of the many requirements that appear in both. You will also minimise the ongoing management of your Information Security Management System.
Use dynamic and interactive tools to manage and demonstrate the required work processes
- Policy management and governance
- Risk management tools
- Information Asset Register
- Supply chain/vendor management
- Incident management
- Staff communications, training and engagement
- Corrective actions and improvements
- Ability to link to ISO 27001:2013 Policies & Annex A controls
- Internal and external audit management
- KPIs, management reviews and reporting
- Full collaboration functionality for team working
- Business continuity planning
Have you considered achieving ISO 27001 certification?
Did you know that if your organisation implemented an ISO 27001:2013 information security management system, you would have covered the requirements of the NIS Regulations whilst also protecting all your valuable information assets?