NIS2/DORA Readiness Check

One-day check on the governability of your NIS2 or DORA compliance. Not whether the paragraphs are correct. Whether leadership can demonstrably steer on the requirements.

Why this investigation

What it delivers, recognisable per role.

For the board

An independent verdict on whether leadership can demonstrably be accountable for NIS2 or DORA compliance. Not only formally.

For the CFO

Insight into where governance accountability is missing. And where this leads to legal and financial exposure.

For the CISO

A grounded list of points where leadership cannot yet steer. Usable in the board conversation.

For the DPO or Compliance Officer

Independent test of whether the compliance dossier also works at governance level. Not just whether it is complete.

For the internal auditor

An early second opinion before the external auditor or regulator picks it up.

For the Risk Officer

Insight into how NIS2 or DORA connects to your broader risk framework. And where it slips.

The challenge

Meeting the letter is not the same as being in control.

NIS2 and DORA hold leadership accountable. Not for paperwork, but for demonstrable direction. Many organisations have filled in the paragraphs without leadership actually being able to steer on them. We test whether that governance is there.

What you get

A focused second opinion on your NIS2 or DORA position.

  • Final report with findings on three core dimensions: governability, demonstrability, accountability.
  • A focused list of points where leadership cannot yet steer.
  • A prioritisation with the first three governance follow-up steps.
  • A short leadership debrief, in person or in a follow-up session.

How it works

Four phases, two weeks duration.

01

Intake

Short session in which we determine scope and relevant articles. NIS2, DORA or both.

02

Investigation

One-day review of the existing compliance dossier and interviews with leadership, CISO and compliance owner.

03

Analysis

We test on three core dimensions and weigh findings on governance impact.

04

Report

Final report with grounded findings and concrete follow-up steps. Within two weeks of intake. Including debrief.

Investment

A scoped investigation. Not an open-ended track.

The duration is two weeks from intake. The investment depends on scope (NIS2 or DORA, number of entities, available documentation). We discuss that in a first conversation.

The senior who does the work

Hans Raaijmakers

Senior enterprise security architect and vCISO. Twenty-plus years working in regulated sectors.

Runs the check, writes the report and conducts the debrief in person. No handover to juniors.

30 minutes. No pitch. Clarity.

In a first conversation we determine whether a NIS2/DORA Readiness Check fits your question.