7. POLICIES AND PROCEDURES TO ASSESS THE EFFECTIVENESS OF CYBERSECURITY RISK-MANAGEMENT MEASURES
8. BASIC CYBER HYGIENE PRACTICES AND SECURITY TRAINING
9. CRYPTOGRAPHY

11.5 Identification

11.5.1. The relevant entities shall manage the full life cycle of identities of network and information systems and their users.

11.5.2. For that purpose, the relevant entities shall:

(a) set up unique identities for network and information systems and their users;
(b) link the identity of users to a single person;
(c) ensure oversight of identities of network and information systems;
(d) apply logging to the management of identities.

11.5.3. The relevant entities shall only permit identities assigned to multiple persons, such as shared identities, where they are necessary for business or operational reasons and are subject to an explicit approval process and documentation.

Stand: 27.06.2024

Holen Sie sich den NIS2-Umsetzungs-Fahrplan und unseren Newsletter!