40+ Controls · Progress saved

NIS2 Article 21 Gap Assessment

Work through all 10 mandatory Article 21 measures with 40+ specific controls. See your compliance score in real time and identify critical gaps to address first.

0/50

Article 21 Compliance Score

Critical: Immediate action required

21(2)(a)

21(2)(b)

21(2)(c)

21(2)(d)

21(2)(e)

21(2)(f)

21(2)(g)

21(2)(h)

21(2)(i)

21(2)(j)

⚠️ 16 critical gaps not completed, these should be addressed as a priority.

Documented risk assessment methodology and board-approved security policies covering all information systems.

Written risk assessment methodology documented and current

critical

Information security policy approved by management/board

critical

Risk register maintained and reviewed at least annually

high

Asset inventory covering all critical information systems

high

Risk treatment plan with defined owners and deadlines

medium

Total Items

Completed

Remaining

Critical Gaps

Progress is saved locally in your browser. No account or server upload required.

📊 Quick Test

Find out if your company is in scope

Does your organisation fall under Annex I (Essential) or Annex II (Important) entities?

Check NIS2 Scope →