SC175: NIS2 Lead Implementer

Participants learn how to integrate the requirements of the NIS2 Directive into existing management systems and derive an effective cybersecurity program from them. The course covers risk assessment, technical and organizational measures, as well as methods for monitoring, continuous improvement, and auditing to successfully manage and demonstrate implementation in the long term.

Hybrid training

Start: 2026-05-04 | 10:00 am

End: 2026-05-08 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Hybrid training

Start: 2026-10-05 | 10:00 am

End: 2026-10-09 | 01:30 pm

Location: Nürnberg

Price: 2.950,00 € plus VAT.

Agenda:

  • Fundamentals of NIS2 & Regulatory Framework
    • Introduction to the NIS2 Directive: Scope, Objectives, Innovations
    • Roles and Duties of Entities and Management
    • Essential vs. Important Entities: Criteria and Requirements
    • Overview of National and European Supervisory Structures
    • Conducting a NIS2 Gap Analysis
    • Introduction to ENISA ECSF and Role Profiles

  • Risk-Based Planning & Governance Structures
    • Methods for Risk Assessment and Prioritization
    • Business Impact Analysis & Determination of Protection Needs
    • Governance and Management Obligations under NIS2
    • Building a Cybersecurity Governance Program
    • In-Depth: CISO Role – Tasks, Competencies, Implementation
    • Practical Exercise: Developing a Governance Framework

  • Security Measures & Technical Implementation
    • Technical and Organizational Measures (Art. 21)
    • Secure Architectures & Security by Design (Focus: Architect)
    • Secure Software Development and Cloud Security
    • Supply Chain and Third-Party Security (Art. 21 Sec. 2d)
    • Alignment with ISO/IEC 27001 Annex A
    • In-Depth: Architect Role – Planning & Hardening

  • Detection, Response & Incident Management
    • Planning Incident Detection and Response (Art. 23)
    • Reporting Obligations and Deadlines (Art. 30)
    • Establishing a SOC/CSIRT or Reporting Process
    • In-Depth: Cyber Incident Responder – Tasks and Tools
    • Case Study: Coordinated Response to a Cyber Incident
    • Documentation, Forensics & Lessons Learned

  • Audit, Awareness & Continuous Improvement
    • Awareness and Training Programs (Art. 20)
    • Internal Control Mechanisms and Monitoring
    • Reporting to Management and Authorities
    • Audit Preparation: Evidence & Documentation
    • Final Exercise: Developing a Role-Specific NIS2 Roadmap
    • Q&A, Feedback, Exam Preparation

Objectives:

  • Understand the legal and regulatory framework of the NIS2 Directive
  • Identify obligations for essential and important entities
  • Conduct gap analyses and risk-based prioritizations
  • Implement governance, technical, and organizational measures
  • Establish incident response and reporting procedures
  • Integrate NIS2 requirements into existing management systems (e.g., ISO/IEC 27001)
  • Understand role-specific competencies according to the ENISA Cybersecurity Skills Framework (ECSF)
  • Continuously monitor and improve the cybersecurity posture
  • Act purposefully as a role holder (CISO, Architect, Responder)

Target audience:

  • Information Security Officers
  • Risk Managers
  • IT Managers
  • Compliance Officers
  • Cybersecurity Consultants
  • Professionals in ENISA Roles: CISO, Cybersecurity Architect, Cyber Incident Responder

Prerequisites:

Description:

The five-day workshop SC175 NIS2 Lead Implementer is aimed at professionals and executives responsible for the practical implementation of the NIS2 Directive in their organization. The training not only provides a deep understanding of the legal requirements but also demonstrates how to develop an effective cybersecurity program from them.

In this course, participants will learn how to integrate NIS2 requirements into existing management systems, systematically assess risks, and implement appropriate technical and organizational measures. In addition, methods for monitoring, continuous improvement, and auditing will be presented, so that implementation can be managed and verified successfully over the long term.

Other Info:

Materials & Resources:
  • Digital Participant Handout
  • Article Overview of NIS2
  • Templates: Gap Analysis, Risk Assessment, Incident Report
  • Role-Specific Guidelines Based on ECSF

Guaranteed to take place:

from 2 attendees

Booking information

Price:

2.950,00 € plus VAT.

(including lunch & drinks)
