NIS2 Compliance Made Simple

From applicability assessment to incident reporting — the most comprehensive NIS2 module on the market.

Step 1

Country-Specific Applicability Wizard

A 5-step guided questionnaire determines your organization's NIS2 classification — essential entity, important entity, or not in scope. Considers country-specific transposition details.

  • Sector & sub-sector identification
  • Size thresholds per country
  • Essential vs. Important classification
  • PDF applicability report
Screenshot — NIS2 Wizard
Step 2

Obligations Catalog

Complete catalog of NIS2 obligations mapped to articles, with country-specific variations. Track compliance status per obligation and link controls and evidence.

  • Article-by-article breakdown
  • Country profile variations
  • Control & evidence linking
  • Compliance scoring per obligation
Screenshot — Obligations
Step 3

Incident Reporting Workflow

NIS2 mandates strict incident reporting timelines. Metis GRC automates the workflow with built-in deadlines, authority reporting templates, and status tracking.

24 hours
Early Warning
Initial notification to competent authority
72 hours
Incident Notification
Detailed assessment including severity and impact
1 month
Final Report
Root cause analysis and remediation measures
Screenshot — Incident Workflow

Start Your NIS2 Assessment

Determine your applicability and track compliance from day one.

Start Free Trial Contact Sales