7. POLICIES AND PROCEDURES TO ASSESS THE EFFECTIVENESS OF CYBERSECURITY RISK-MANAGEMENT MEASURES
8. BASIC CYBER HYGIENE PRACTICES AND SECURITY TRAINING
9. CRYPTOGRAPHY

13.2 Protection against physical and environmental threats

13.2.1. For the purpose of Article 21(2)(e) of Directive (EU) 2022/2555, the relevant entities shall prevent or reduce the consequences of events originating from physical and environmental threats, such as natural disasters and other intentional or unintentional threats.

13.2.2. For that purpose, the relevant entities shall:

(a) based on the results of the risk assessment, design and implement protection measures against physical and environmental threats;
(b) determine minimum and maximum control thresholds for physical and environmental threats;
(c) monitor environmental parameters and report events outside the minimum and maximum control thresholds referred to in point (b).

13.2.3. The relevant entities shall test, review and, where appropriate, update the protection measures against physical and environmental threats on a regular basis or following significant incidents or significant changes to operations or risks.

Stand: 27.06.2024

Holen Sie sich den NIS2-Umsetzungs-Fahrplan und unseren Newsletter!