NIS 2 Directive Foundation

The NIS 2 Directive Foundation training course outlines the essential insights necessary for understanding the requirements of NIS 2 Directive regarding cybersecurity measures. It provides the core concepts required to support organizations in the initial phases of planning, implementation, and management of cybersecurity programs.

Course description:

The NIS 2 Directive Foundation training course provides an introduction to the NIS 2 Directive aiming to help organizations enhance their cybersecurity in the face of ever-emerging cyber threats. This legislation serves as a central role in strengthening cybersecurity within critical infrastructure sectors such as energy, transport, healthcare, and digital services. The PECB NIS 2 Directive Foundation training course covers the fundamental concepts related to the Directive’s requirements. It provides information that will help you understand the best practices for protecting critical infrastructure from cyber threats.

After attending the training course, you can take the exam, and if you successfully pass it, you can apply for a “PECB Certificate Holder in NIS 2 Directive Foundation” credential.

Course objectives:

This training course will help you:

  • Explain the fundamental concepts and definitions of NIS 2 Directive
  • Interpret the main requirements of the NIS 2 Directive for a cybersecurity program
  • Identify the approaches and techniques used for the implementation of NIS 2 requirements


  • Cybersecurity professional seeking to gain a fundamental understanding of the requirements of the NIS 2 Directive and learn practical strategies to implement robust cybersecurity measure
  • IT managers and professionals aiming to gain fundamental insights into implementing secure systems and improving the resilience of critical systems
  • Government and regulatory officials responsible for enforcing the NIS 2 Directive
  • Certification

After successfully completing the exam, you can apply for one of the credentials shown in the table below. You will receive a certificate once you fulfill all the requirements of the selected credential.  

The cybersecurity management experience activities should follow best cybersecurity management practices and include the following:

  1. Conducting comprehensive risk assessments specific to critical infrastructure systems
  2. Managing incident response plans tailored to the requirements of the NIS 2 Directive
  3. Implementing appropriate security measures and controls
  4. Implementing metrics and performance indicators
  5. Managing and responding to cybersecurity incidents
  6. Conducting management reviews
  7. Managing a cybersecurity team 

For more information about NIS 2 Directive certifications and the PECB Certification process, please refer to Certification Rules and Policies.


There are no prerequisites to participate in this training course.
  • Introduction to fundamental concepts and definitions
    of NIS 2 Directive
  • NIS 2 Directive requirements for the implementation of
    a cybersecurity program
  • Certification test



The exam is will take place at the end of the course on onsite classroom courses

For Virtual courses we will send out a voucher that gives you access to an online exam. This can be booked and taken home monitored by a proctor via camera. More information about the exam rules will be send from PECB.

  • Multiple choice “closed book” exam where the candidates are not authorized to use anything but the exam paper and a pen or,
  • Duration: 1 hour (+ 10 min extra time for non-native)
  • The use of electronic devices, such as laptops, cell phones, etc., is not allowed.

Examination rules and policies


Results will be communicated by email in a period of 6 to 8 weeks, after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme which is explained in the course description.

In the case of a failure, the results will be accompanied with the list of domains in which the candidate had failed to provide guidance for exams’ retake preparation.

Candidates, who disagree with the exam results, may file a complaint by writing to or through PECB ticketing system.


There is no limit on the number of times a candidate may retake an exam. However, there are some limitations in terms of allowed time-frame in between exam retakes, such as:

  • Students, who have completed the full training but failed the written exam, are eligible to retake the exam once for free within a 12 month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required, in order for candidate to sit again for the same exam. Regular fee applies.

For the candidates that fail the exam in the 2nd retake, PECB recommends to attend an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Other relevant courses

9. September
5 days
Classroom Virtual Guaranteed to run
2 days
Classroom Virtual
26. August
5 days
Classroom Virtual
4. November
5 days
Classroom Virtual