King of
the Audits

European security regulations impose growing demands on companies, especially in critical infrastructures and financial services. The latest EU regulations, including the Network and Information Security Directive (NIS2), the Directive on the Resilience of Critical Entities (CER), and the Digital Operational Resilience Act (DORA) for the financial sector, significantly expand existing cyber security requirements. NIS2 has broadened its scope, increasing the number of regulated companies. CER focuses on strengthening the physical resilience of critical entities, while DORA sets specific security and resilience requirements for the financial sector. Implementing a comprehensive Information Security Management System (ISMS) according to ISO 27001 is recommended to systematically address these complex requirements.