• 10 Minutes

  • English

  • Microlearning

Course description

This microlearning module provides practical guidance on how companies can implement the NIS2 requirements for risk management as well as technical and organizational measures. You will learn about the obligations under Section 30 of the German Information Security Act (BSIG), how to systematically assess risks and effectively derive measures, and what is essential for an auditable implementation. The course is designed for anyone who wants to understand NIS2 in a structured way and implement it in a risk-based manner.

What will you learn

  • Why NIS2 requires a risk-based approach and what role risk analysis plays in all subsequent measures.

  • How to systematically analyze, assess, and document risks in order to derive measures in a transparent manner.

  • Which minimum measures are required under NIS2 and how to prioritize them effectively.

  • What legal obligations arise from Section 30 of the German Information Security Act (BSIG) regarding risk management as well as technical and organizational measures.

  • What is meant by “state of the art” and how proportionality is applied in practice.

  • How to avoid common mistakes and ensure that your NIS2 risk management implementation is audit-ready.