NIS2 statement

The NIS2 Directive introduces strengthened requirements for cybersecurity, risk management, and executive accountability. Plenty4 is aware of NIS2 and has structurally embedded its principles in governance, processes, and service delivery.

NIS2 is applied within Plenty4 to selected services, IT processes, information assets, and relevant suppliers within the delivery chain. The scope is aligned with our role, responsibilities, and applicable legal context.

Cybersecurity and NIS2 fall under executive responsibility within Plenty4. Oversight and decision making are embedded in existing governance structures.

NIS2 requirements are integrated into incident management, risk management, change management, continuity, and supplier management. These processes support prevention, detection, response, and recovery.

Assurance is demonstrated through documented policies, process descriptions, risk registers, and periodic reviews. The focus is on consistency, traceability, and reproducibility.

Suppliers contributing to NIS2 relevant services are included in contractual arrangements and ongoing assessment.

This page provides insight into Plenty4’s approach to NIS2 awareness and process integration. It does not constitute certification, formal compliance, or a legal guarantee.

European Union Directive (EU) 2022/2555
https://eur-lex.europa.eu/eli/dir/2022/2555/oj