NIS2 Directive Foundation

The NIS2 Directive Foundation course gives participants a fundamental understanding of the NIS2 Directive and its core requirements for cybersecurity and operational resilience across essential and important entities in the EU. The course focuses on introducing the directive, explaining its structure, objectives and key provisions so that organisations and professionals can navigate compliance requirements and foundational practices.

This foundational course is designed for those who need to understand what the NIS2 Directive entails and how it affects organisational cybersecurity and resilience obligations. Through practical explanations, examples and discussions, participants will gain insight into core concepts such as risk management expectations, incident handling obligations, supply-chain resilience and governance requirements. The course prepares candidates for the NIS2 Directive Foundation certification exam and provides the basis for further compliance and implementation training.

Course objectives

Upon completion of this course, participants will be able to:

  • Understand the scope and purpose of the NIS2 Directive
  • Identify key requirements and obligations placed on organisations
  • Describe risk management and incident reporting expectations under NIS2
  • Recognise governance and accountability structures required by the directive
  • Prepare for the NIS2 Directive Foundation certification exam

Prerequisites

There are no formal prerequisites for this course. A basic interest in cybersecurity, resilience and regulatory compliance is helpful.

Target audience

This course is suitable for professionals and stakeholders across cybersecurity, risk, compliance, IT management and operational resilience who need to understand the fundamental principles and requirements of the NIS2 Directive.

Introduction to the NIS2 Directive

Participants are introduced to the background, context and objectives of the NIS2 Directive. This section explains why the directive was established and how it builds on previous legislation to support stronger cybersecurity and resilience in critical sectors.

Scope and applicability

This module focuses on the directive’s applicability criteria, including who is covered, how organisations are classified as essential or important, and what obligations are triggered by these classifications.

Core governance and risk management provisions

Participants explore the governance expectations under NIS2, including leadership responsibilities, accountability, risk management approaches and how risk practices interact with operational resilience requirements.

Incident handling and reporting obligations

This section covers requirements related to detecting, responding to and reporting cybersecurity incidents. Participants learn timelines, escalation practices and how to structure incident management processes that comply with the directive.

Supply-chain and third-party security expectations

Focus is placed on understanding NIS2’s expectations for supply-chain resilience, third-party oversight and contractual security obligations to strengthen organisational dependencies.

Certification exam preparation

The course concludes with guidance on the NIS2 Directive Foundation certification exam, including key topics and what to expect in the certification assessment.

After successfully completing the exam, you can apply for one of the credentials shown in the table below. You will receive a certificate once you fulfill all the requirements of the selected credential.  

Exam

For onsite classroom courses, the exam will take place at the end of the course.

For virtual courses, we will send out a voucher that gives you access to an online exam. This can be booked and taken at home, monitored by a proctor via camera. More information about the exam rules will be sent by PECB.

  • Multiple choice “closed book” exam where the candidates are not authorized to use anything but the exam paper and a pen or,
  • Duration: 1 hour (+ 10 min extra time for non-native)
  • The use of electronic devices, such as laptops, cell phones, etc., is not allowed.

Examination rules and policies

RECEIVE YOUR EXAM RESULTS

Results will be communicated by email within a period of 6 to 8 weeks after taking the exam. The results will not include the exact grade of the candidate, only a mention of pass or fail.

Candidates who successfully complete the examination will be able to apply for a certified scheme which is explained in the course description.

In case of failure, the results will be accompanied by the list of domains in which the candidate failed, to provide guidance for exam retake preparation.

Candidates who disagree with the exam results may file a complaint by writing to examination@pecb.com or through the PECB ticketing system.

EXAM RETAKE POLICY

There is no limit on the number of times a candidate may retake an exam. However, there are some limitations in terms of allowed time-frame in between exam retakes, such as:

  • Students who have completed the full training but failed the written exam are eligible to retake the exam once for free within a 12-month period from the initial date of the exam.
  • If a candidate does not pass the exam on the second attempt, he/she must wait 3 months (from the initial date of the exam) for the next attempt (2nd retake). Retake fee applies.
  • If a candidate does not pass the exam on the third attempt, he/she must wait 6 months (from the initial date of the exam) for the next attempt (3rd retake). Retake fee applies.

After the fourth attempt, a waiting period of 12 months from the last session date is required before the candidate can sit the same exam again. Regular fee applies.

For candidates who fail the exam in the 2nd retake, PECB recommends attending an official training in order to be better prepared for the exam.

To arrange exam retakes (date, time, place, costs), the candidate needs to contact Glasspaper.

Practical information

Duration: 2 days
Price: 14 500
Language: English
Format: Open course and corporate training

FAQ

What will I learn in this course?
You will learn the fundamental objectives, structure and requirements of the NIS2 Directive, including risk management, incident handling and cybersecurity expectations.

What is required to attend?
No prior knowledge is required. A general interest in cybersecurity, risk and compliance is an advantage.

How is the exam conducted?
The exam is usually taken in person at the course venue, or online with a voucher and an online proctor.

What happens if I do not pass the first exam?
You will normally get one new exam attempt, which is taken online.

Do I get extra time on the exam?
Yes, you get extra time if English is not your native language, in line with the certification rules.

Which certification do I get?
After passing the exam, you obtain the PECB Certified Holder in NIS 2 Directive Foundation certification. See the table under certification.

Do I receive any standards documents?
You get access to the course material and framework references used during the course, but not the legal text itself.

Is this course relevant for managers?
Yes, the course is relevant for managers, IT leads, compliance roles, risk managers and security officers.

Can I take this course as e-learning or self-study?
No, this course cannot be taken as e-learning, but self-study is possible. Send an email to prosjekt@glassper.no for more information and to order.
