NIS2 Directive Lead Implementer is a structured training course designed to provide participants with the tools, techniques and knowledge needed to implement and operationalise the European Union’s NIS2 Directive requirements within their organisation. The course focuses on understanding the directive, interpreting key obligations and developing practical strategies to drive NIS2 compliance.
The NIS2 Directive establishes enhanced cybersecurity and operational resilience requirements for essential and important entities across the EU. This course helps participants navigate the directive’s structure, risk management expectations, incident reporting obligations, supply-chain resilience principles and governance frameworks required for compliance. Delegates will learn how to plan and implement NIS2 aligned processes, establish governance and documentation, and support continuous compliance and improvement.
Course objectivesUpon completion of this course, participants will be able to:
PrerequisitesParticipants should have a basic understanding of cyber security principles and risk management concepts. Prior exposure to governance frameworks, information security standards (such as ISO/IEC 27001) or compliance roles is beneficial.
Target audienceThis course is relevant for cybersecurity practitioners, compliance and risk professionals, IT managers, security leaders, auditors and consultants who are responsible for implementing, managing or overseeing NIS2 compliance efforts in their organisation.
Participants begin with an overview of the NIS2 Directive’s context, structure and objectives. The session clarifies the legal and regulatory basis of the directive and the importance of operational resilience within essential and important entities.
This section focuses on how to determine organisational scope and classification under NIS2, including criteria for essential and important entities, and what obligations apply based on classification.
Participants explore governance expectations under NIS2, including leadership responsibilities, accountability models and risk management practices required to support compliance.
This part of the course covers the NIS2 directive’s requirements for incident detection, response and reporting, including timelines, escalation mechanisms and interactions with national authorities.
Delegates examine requirements related to supply-chain risk management and third-party security, including contractual expectations, oversight and monitoring of external dependencies.
The course concludes with practical guidance on establishing documentation, conducting internal reviews, maintaining continuous compliance and preparing for audits and supervisory interaction.
After successfully completing the exam, you can apply for one of the credentials shown in the table below. You will receive a certificate once you fulfill all the requirements of the selected credential.
The exam will take place at the end of the course on onsite classroom courses.
For Virtual courses we will send out a voucher that gives you access to an online exam. This can be booked and taken home monitored by a proctor via camera. More information about the exam rules will be send fromPECB.
Test details:
As the exam is an Multiple Choice, candidates are authorized to use:
This is an open-book exam. The candidate is allowed to use the following reference materials:
Examination rules and policies
Results will be communicated by email in a period of 6 to 8 weeks, after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.
Candidates who successfully complete the examination will be able to apply for a certified scheme which is explained in the course description.
In the case of a failure, the results will be accompanied with the list of domains in which the candidate had failed to provide guidance for exams’ retake preparation.
Candidates, who disagree with the exam results, may file a complaint by writing to examination@pecb.com or through PECB ticketing system.
There is no limit on the number of times a candidate may retake an exam. However, there are some limitations in terms of allowed time-frame in between exam retakes, such as:
After the fourth attempt, a waiting period of 12 months from the last session date is required, in order for candidate to sit again for the same exam. Regular fee applies.
For the candidates that fail the exam in the 2nd retake, PECB recommends to attend an official training in order to be better prepared for the exam.
To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.
Duration: 5 days
Price: 27 900
Language: English
Format: Open course and corporate training
Hva lærer jeg på dette kurset?
Du lærer hvordan du implementerer NIS2 Directive-krav i praksis, inkludert risikostyring, styringsmodeller, hendelseshåndtering og leverandørkjede-sikkerhet.
Hva kreves for å delta?
Det anbefales at du har en grunnleggende forståelse av informasjonssikkerhet, risikostyring og relevante rammeverk som ISO/IEC 27001, men det er ingen formelle krav.
Hvordan gjennomføres eksamen?
Eksamen tas typisk fysisk på kursstedet eller som online prøve med voucher og online eksamensvakt, avhengig av kursleverandør.
Hva skjer hvis jeg ikke består første eksamen?
Du får som regel et nytt eksamensforsøk som tas online.
Får jeg ekstra tid på eksamen?
Ja, ekstra tid gis dersom engelsk ikke er ditt morsmål, i tråd med sertifiseringsregler.
Hvilken sertifisering får jeg?
Etter godkjent eksamen oppnår du PECB Certified NIS 2 Directive Provisional Implementer sertifiseringen. For å få full sertifisering kan det også stilles krav til dokumentert arbeidserfaring innen informasjonssikkerhet. Sjekk tabellen under sertifisering for mer informasjon.
Hva er forskjellen på dette kurset og standard ISO-kurs?
Dette kurset fokuserer spesifikt på NIS2 Directive compliance og krav, mens ISO-kurs som ISO/IEC 27001 er bredere styringsstandarder.
Er dette kurset relevant for ledere?
Ja, kurset er relevant for ledere, sikkerhets- og compliance-ansvarlige, risk managers og andre roller som jobber med cybersikkerhet og kontinuerlig etterlevelse.
Kan jeg ta dette kurset som e-læring eller selvstudium?
Nei, det er ikke mulig å ta dette kurset som e-læring, men mulig med selvstudie. Send en mail til prosjekt@glassper.no for mer informasjon og bestilling.
