Law and standards
NIS2
What is NIS2?
NIS2 is EU Directive 2022/2555 on network and information security. It obliges companies in certain sectors to run risk management, to report security incidents and it places responsibility explicitly on management.
It applies to essential and important entities in the sectors the directive lists, depending on the size and activity of the company. Transposition into Austrian law and its current status are published by the responsible authority at nis.gv.at. Check the status there before you build decisions on it.
Companies outside the scope still feel the directive. Clients who are in scope pass their security requirements down the supply chain, often as questionnaires or requests for evidence about IT security.
All terms in the knowledge base
Note: This entry reflects the state of knowledge to the best of our understanding and serves as general orientation. It is not legal advice. What counts is always the version currently in force at the responsible body, for example dsb.gv.at, nis.gv.at or enisa.europa.eu.
From the term to practice
Where does your business actually stand?
The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.