A mandatory registration deadline on 6th March 2026 was missed by approximately 20,000 affected entities. A cause for concern.
For one, it increases vulnerability to cyberattacks. Moreover, failing to act results in economic sanctions (€10 million or 2% of the worldwide annual turnover). So what can be done to become resilient in time?
**Understanding and Structuring the Requirements**
The goal of NIS2 is clear: Organisations must become digitally resilient so that they can withstand hacker attacks without data leaks, without systems being disrupted, and without interruption of business-critical applications.
Implementing the NIS2 requirements leads to significantly higher security levels and reduces both the likelihood and impact of cyberattacks. Processes and emergency structures form the foundation for sustainable resilience of economic and public structures.
Operational processes remain stable, while a demonstrably high level of cybersecurity positively impacts trust, reputation, and competitiveness. NIS2 establishes cybersecurity as a management task and thus lays the groundwork for corporate governance that is efficient over the long term and strategically guided.
**Typical Path to NIS2 Implementation**
As an entry point, Swiss GRC offers a free Readiness Check that provides a structured assessment and shows the current state of implementation.
**The evaluation is conducted along key action areas of the NIS2 directive:**
- Governance and responsibilities
- Risk management
- Incident response and reporting processes
- Supply chains and third parties
- Technical and organisational measures
Based on this, companies receive a structured assessment of their current state of implementation and a prioritisation of essential action areas.
The Readiness Check does not replace full implementation. Based on the results, companies can approach the implementation in a structured manner and translate it into suitable solutions. The approach is aligned with the requirements and guidelines of the Federal Office for Information Security (BSI).
**Concrete Implementation Steps**
- Define scope: Determine which companies, locations, and systems fall under NIS2
- Structure requirements: Map NIS2 requirements to controls and measures
- Conduct gap assessment: Evaluate the current state of implementation and identify gaps
- Assess risks: Conduct risk assessments and link them to controls
- Implement measures: Assign responsibilities, set deadlines, and track progress
- Document evidence: Record evidence and link it to the corresponding controls
- Create reporting: Generate management reports and audit documentation at the push of a button
**Suitable Solutions for Every Business Size**
The requirements from NIS2 affect companies of different sizes and maturity levels. The key is an approach that is both scalable and economically feasible.
Swiss GRC offers flexible solution models tailored to the size, complexity, and individual implementation stage of a company.
**Next Step: Contextualise Results and Start Implementation**
Based on your Readiness Check result, specific actions can be derived and translated into a structured implementation.
Schedule a demo and see how the identified action areas can be implemented efficiently and in an audit-proof manner.
**Press Contact:**
Yahya Mohamed Mao
Chief Marketing Officer (CMO)
Swiss GRC
+41 41 220 75 15
yahya.mao@swissgrc.com
