This website uses cookies. View our cookie policy
Select regional store:

NIS Directive compliance

The EU Directive on security of network and information systems (NIS Directive) requires operators of essential services and digital service providers to implement appropriate security measures to protect, and ensure the continuity of, services that are essential to the national infrastructure.

The Directive entered into force in August 2016. EU member states – including the UK – have until May 2018 to translate it into national laws, and a further six months to identify the "operators of essential services and digital service providers" it applies to.

This page links to everything you need to comply with the NIS Directive.



For general information about the NIS Directive, visit our dedicated NIS Directive page >>


Green papers

For more in-depth information about the NIS Directive, download our free green paper,The EU Network and Information Security (NIS) Directive: Compliance guidance >>

Click here for all available green papers >>



IT Governance’s webinars cover such topics as cyber security, the GDPR, ISO 27001 and IT service management, and all of our webinar resources can be downloaded for free.

Click here to watch the recordings of our latest webinars >>


Products and services

The NIS Directive states that "Member States shall [...] encourage the use of European or internationally accepted standards and specifications relevant to the security of network and information systems."

The only relevant international standards are ISO 27001 and ISO 22301, which we’ve been helping organisations implement for over a decade.

Here are a few ways we can help meet your NIS Directive compliance needs.

  • Software

    The NIS Directive states that, for operators of essential services and digital service providers alike, technical and organisational security measures should be appropriate and proportionate to identified risks.

    vsRisk™ is the industry-leading ISO 27001-compliant risk assessment tool.

    Click here for more information about vsRisk >>


Contact us

To discuss your ISO 27001 requirements, please call us on +44 (0)845 070 1750 or email