NIS2 Art. 21 Para. 2 lit. d explicitly requires companies to ensure security in the supply chain — structured register, risk assessments, monitoring and evidence documentation.
What does NIS2 Art. 21 specifically require?
NIS2 Art. 21 stipulates: identification of all relevant third parties, risk assessment, contractual security requirements, continuous monitoring and incident response processes.
Security in the supply chain including security-related aspects of the relationships between entities and their direct providers or service providers.
Continuous Monitoring as NIS2 Requirement
Annual questionnaires are insufficient under NIS2. The directive requires dynamic risk management — continuous monitoring, automatic alerting and regular reassessments.
FAQ
NIS2-compliant TPRM with 360TPRM
Sehen Sie in einer 45-minütigen Demo, wie 360TPRM Ihre Anforderungen konkret erfüllt.
Demo →