NIS2 Compliance Readiness Test

1. Is your organization’s staff and management aware of emerging cyber risks and threats?

Staff and management are consistently updated through reports, alerts, and participation in awareness sessions regarding emerging cyber threats.

Staff are occasionally informed about major risks, but there is no formal continuous update process.

There are no organized mechanisms for cyber risk awareness.

2. How does your organization respond when a cybersecurity incident is identified?

Documented and tested incident response procedures exist, with clear reporting and remediation workflows.

Partial or informal procedures exist, responses depend on staff experience.

No formal procedures, incident response is ad-hoc.

3. What measures has the organization taken to properly train personnel on cybersecurity?

Regular, mandatory, documented sessions are conducted and updated according to the latest NIS2 standards.

Occasional training sessions for critical roles or selected staff.

No structured training programs exist.

4. Are there personnel designated for critical cybersecurity roles?

Responsibilities are clearly defined, documented, and assigned to specialized individuals or teams.

Designated personnel exist, but responsibilities are not formalized or communicated.

No personnel are designated for these responsibilities.

If you are human, leave this field blank.

NIS2 ComplianceReadiness Test