NIS2 Documentation Toolkit
Become NIS2 compliant without a consultant, with an AI wizard that speeds up filling out the documents.- The price includes the NIS2 Documentation Toolkit in English, fully compliant with NIS2 Directive, Commission Implementing Regulation (EU) 2024/2690, and Legal Notice 71 of 2025 – Measures for a High Common Level of Cybersecurity across the European Union (Malta) Order, 2025 (NIS2 Order)
- 
		The NIS2 Documentation Toolkit (version in English) includes all required cybersecurity and incident reporting templates with additional requirements of NIS2 Order, as well as the examples of evidence that you can use to prove the implementation according to the ENISA NIS2 Technical Implementation Guidance — in total, 77 documents		Editable MS Word and MS Excel policies, procedures, plans, and forms required for articles 20, 21, and 23 of NIS2 Directive, Commission Implementing Regulation (CIR) 2024/2690, and articles 18, 19, and 20 of NIS2 Order 
BONUS features:
- 
		Free updates for 24 months You’ll receive updated policies and procedures for a full 2 years after your purchase, free of charge. 
- 
		AI-powered wizard		Wizard that automatically inserts company-specific information into your documents — company name, logo, job titles, departments, etc. 
- 
		Email support We will answer your questions within 1 business day. You can send up to 10 questions per month. 
- 
		Expert review of a document 		After completing the document, you can send it for our review, and we’ll give you our comments on what you need to improve to make it compliant with the standard. 
- 
		One hour of live 1-on-1 online consultation Set up a time to speak to our experts to resolve issues with implementation or answer questions regarding the standard. 
Fully optimized for essential and important organizations
from all 18 sectors specified in NIS2 Directive and NIS2 Order.
 
				 100% secure online billing
					100% secure online billingAES-256bit SSL safe
Toolkit Documents
- 
                    - 
                                                                Project Launch Decision
- 
                                                                Project Plan
- 
                                                                Initial Training Plan
- 
                                                                Policy on Information System Security
 
- 
                                                                
- 
                    - 
                                                                Risk Assessment Methodology
- 
                                                                Risk Assessment Table
- 
                                                                Risk Treatment Table
- 
                                                                Acceptance of Residual Risks
- 
                                                                Risk Assessment and Treatment Report
- 
                                                                Risk Treatment Plan
 
- 
                                                                
- 
                    - 
                                                                IT Security Policy
- 
                                                                Clear Desk and Clear Screen Policy
- 
                                                                Mobile Device and Remote Work Policy
- 
                                                                Bring Your Own Device (BYOD) Policy
- 
                                                                Physical Security Policy
- 
                                                                Information Classification Policy
- 
                                                                Asset Management Procedure
- 
                                                                IT Asset Register
- 
                                                                Security Procedures for IT Department
- 
                                                                Network Security Policy
- 
                                                                Vulnerability and Patch Management Procedure
- 
                                                                Logging and Monitoring Procedure
- 
                                                                ICT Change Management Procedure
- 
                                                                Backup Policy
- 
                                                                Information Transfer Policy
- 
                                                                Secure Communication Policy
- 
                                                                Disposal and Destruction Policy
- 
                                                                Policy on Encryption and Cryptographic Controls
- 
                                                                Access Control Policy
- 
                                                                Authentication Policy
- 
                                                                Password Policy
- 
                                                                Policy for the Acquisition, Development, and Maintenance of ICT Systems
- 
                                                                Specification of Acquisition, Development, and Maintenance Requirements of ICT System
- 
                                                                Security Policy for Human Resources
- 
                                                                Statement of Acceptance of Cybersecurity Documents
- 
                                                                Supplier Security Policy
- 
                                                                Security Clauses for Suppliers and Partners
- 
                                                                Confidentiality Statement
- 
                                                                Directory of Suppliers and Service Providers
 
- 
                                                                
- 
                    - 
                                                                Business Impact Analysis Methodology
- 
                                                                Business Impact Analysis Questionnaire
- 
                                                                Business Continuity Strategy
- 
                                                                Recovery Time Objectives for Activities
- 
                                                                Examples of Disruptive Incident Scenarios
- 
                                                                Preparation Plan for Business Continuity
- 
                                                                Activity Recovery Strategy for (activity name)
- 
                                                                Crisis Management Plan
- 
                                                                Business Continuity Plan
- 
                                                                Disruptive Incident Response Plan
- 
                                                                List of Business Continuity Sites
- 
                                                                Transportation Plan
- 
                                                                Key Contacts
- 
                                                                Disaster Recovery Plan
- 
                                                                Activity Recovery Plan for (activity name)
- 
                                                                Exercising and Testing Plan
- 
                                                                Exercising and Testing Report
 
- 
                                                                
- 
                    - 
                                                                Incident Handling Policy
- 
                                                                Minor Incident Response Procedure
- 
                                                                Incident Log
- 
                                                                Post Incident Review Form
- 
                                                                Significant Incident Notification for Recipients of Services
- 
                                                                Significant Incident Early Warning
- 
                                                                Significant Incident Notification
- 
                                                                Significant Incident Intermediate Report
- 
                                                                Significant Incident Final Report
- 
                                                                Significant Incident Progress Report
 
- 
                                                                
- 
                    - 
                                                                Measurement Methodology
- 
                                                                Measurement Report
- 
                                                                Training and Awareness Plan
- 
                                                                Internal Audit Procedure
- 
                                                                Internal Audit Program
- 
                                                                Internal Audit Report
- 
                                                                Internal Audit Checklist
- 
                                                                Procedure for Management Review
- 
                                                                Management Review Minutes
- 
                                                                Procedure for Corrective Actions
- 
                                                                Corrective Action Form
 
- 
                                                                
Download List of all NIS 2 Toolkit Documents
- 
		See all documents included in the toolkit, and references to NIS2 Directive, Commission Implementation Regulation (CIR) 2024/2690, NIS2 Order, and NIS2 ENISA Technical Implementation Guidance 
- 
		See which documents are mandatory according to NIS2 Directive and NIS2 Order 
- 
		See the suggested implementation sequence 
Thousands of Successful Customers
Serkan
I recently had the pleasure of utilizing the EN AI-Powered ISO 27001 Documentation Toolkit, complete with live expert support, and my experience has been nothing short of exceptional. The AI-powered toolkit significantly streamlined the process of creating and managing our ISO 27001 documentation, making it not only more efficient but also remarkably intuitive. The live expert support added a valuable layer of assurance, providing immediate, knowledgeable assistance whenever needed. This combination of innovative technology and expert guidance greatly facilitated our compliance journey, making complex tasks more manageable and less time-consuming. I highly recommend this toolkit to any organization aiming for ISO 27001 certification. It's a game-changer in simplifying the compliance process while ensuring accuracy and compliance with the standard.
Peter De Rudder
I used the Advisera ISO27001 toolkit a few years ago to build our ISMS. That toolkit was a great help. Now we need to comply with NIS2. The NIS2 toolkit has also some good material like the incident reporting which is very strict under NIS2. To document our NIS2 controls I used the Advisera "Comprehensive Guide to the NIS2 directive". In this document you have a very good table to check your existing controls and list the controls you are missing. A big thanks to the Advisera team who are always willing to help out if you have any questions.
Brian Gould
With the need to demonstrate GDPR compliance, the toolkit has enabled me to get through the required documents methodically and the online assistance has been fabulous.
Kevin Harkin
It provided a clear outline of what was required saving a massive amount of time and research.
Piers Anderson
Using the toolkit to create documentation has focused us on the tasks and changes that we need to make.
Steven Bailey
Allowed me to kickstart the documentation set of the project.
Vaclav Jakoubek
I have used the templates to get some know how for my work. Based on this I have prepared my methodology. Thanks for this.
Dragutin Vukovic
Although I already have all needed documentation in place, in your documentation toolkit I found a number of ideas for improvements to my documents.
Fabrizio Salvadori
Surely it is an essential starting point to deepen and tailor corporate documentation and to achieve the results planned in a shorter time. Thank's
 
				 100% secure online billing
					100% secure online billingAES-256bit SSL safe
What Makes the NIS2 Toolkit Special?
WHY CHOOSE ADVISERA?
Choose Advisera for your compliance project and benefit from:
- over a decade of expertise in the compliance industry helping thousands of companies get compliant with standards and regulations
- > 98% satisfaction rate with products and customer support
- highest quality and regularly updated documents created by renowned experts
STEP-BY-STEP GUIDANCE FOR YOUR IMPLEMENTATION
The NIS2 toolkit documents are organized to guide you on your implementation path. They’re structured in clearly numbered folders, so that you know where to start, and – after each document is completed – where to go next.
WIZARDS THAT SPEED UP YOUR DOCUMENT WRITING BY 50%
Before you download documents, you can use wizards to automatically insert your company name and logo into each document. Further, with the help of AI technology, these wizards automatically suggest roles and responsibilities for particular security tasks – since figuring out who has to do what usually takes most of the time, this is a huge time saver.
90% COMPLETE – GUIDANCE FOR THE REMAINING 10%
We’ve done 90% of the work a consultant would charge you for. Once you download the documents, you’ll notice that they are prefilled with everything required by NIS2 and Commission Implementing Regulation (CIR) 2024/2690, and you simply need to move through the documents and adapt them for your company. To make it easier for you, our experts have added placeholders where you need to fill out your company-specific information.
ADDITIONAL INSTRUCTIONS FOR MORE SPECIFIC TASKS
Completing some parts of a document might be a challenge for you if you’ve never done this before. In these cases, we’ve added comments with detailed instructions and, where needed, links to articles that will help you understand and complete these sections.
FULLY CUSTOMIZABLE DOCUMENTS
Most companies have a specific design and structure for their official documents. There’s header information, confidentiality level, and even prescribed graphic design and fonts. Once you download the documents, all of them are fully customizable in MS Word and Excel, so that you can make them look just the way they should.
ALL THE SUPPORT YOU NEED
NIS2 compliance is much more than just documentation. Security rules needs to be adapted to your company, and you need to deal with your employees, your management, and your existing processes in an appropriate way.
This is why our experts are on hand with live online support to answer any difficult questions – we can set up a call via Zoom, MS Teams, or through any other method convenient for you; or, we can answer your questions via email – whatever suits you best.
 
				
									 
							Want to see what the documents look like?
Schedule a free presentation, and our representative will show you any document you're interested in.
Right for Your Business?
Created by Experts
Advisera’s toolkits are developed by some of the most experienced consultants for NIS2 and cybersecurity, as well as AI experts.
Easy to Understand, Simple to Use
All documents are 90% pre-written. AI will help you fill out each document with information specific to your company, so you’ll save both time and money with your NIS2 implementation process.
Built for Critical Infrastructure Entities
We have built the toolkit to help essential and important organizations minimize the time and cost of implementation. Our easy-to-use toolkit will help you implement your network and information systems security policies and procedures, and get yourself NIS2 compliant.
We understood your needs, found the answers to your questions, and developed our NIS2 Toolkit especially for your company.
Expert Support
How does EXPERT SUPPORT work?
		
	
					- 
							1
				
				Live expert supportOur NIS2 expert will meet with you and tell you where to start, what the next steps are, and how to resolve any issues you may face with security management. You can meet via Zoom, MS Teams, or through any other means at your convenience. 
- 
							2
				
				Email supportReach out to us at any time during your implementation project, and have your questions answered within 24 hours by our experts. 
- 
							3
				
				Expert review of a documentOnce you complete your documents, let our experts review them – they’ll provide you with feedback and indicate what needs to be improved. 
Live expert support
Our NIS2 expert will meet with you and tell you where to start, what the next steps are, and how to resolve any issues you may face with security management. You can meet via Zoom, MS Teams, or through any other means at your convenience.
Email support
Reach out to us at any time during your implementation project, and have your questions answered within 24 hours by our experts.
Expert review of a document
Once you complete your documents, let our experts review them – they’ll provide you with feedback and indicate what needs to be improved.
 
                Leading expert on cybersecurity & information security and the author of several books, articles, webinars, and courses. As a premier expert, Dejan founded Advisera to help small and medium businesses obtain the resources they need to become compliant with EU regulations and ISO standards. He believes that making complex frameworks easy to understand and simple to use creates a competitive advantage for Advisera's clients, and that AI technology is crucial for achieving this.
As an ISO 27001 and NIS2 expert, Dejan helps companies find the best path to compliance by eliminating overhead and adapting the implementation to their size and industry specifics.
NIS2 Documentation Toolkit Options
NIS2 Documentation Toolkit
77 templates (in English) for all policies and procedures required for cybersecurity and incident reporting
Total: €1997
Please select the country for Local cybersecurity toolkit to proceed with checkout
You save €306
NIS2 Documentation Toolkit
77 templates (in English) for all policies and procedures required for cybersecurity and incident reporting
NIS 2 Cybersecurity Training & Awareness
1 year access for up to 200 employees
Total: €3733
Please select the country for Local cybersecurity toolkit to proceed with checkout
Frequently Asked Questions
Didn’t find the answer? Check out our FAQs. This easy-to-use section will help you to find answers to the most-asked questions.
Where can I check if a country has published local cybersecurity legislation based on NIS 2?
To check if a country has transposed NIS 2 into its local legislation, click this link to see NIS2 Transposition Tracker: https://ecs-org.eu/activities/nis2-directive-transposition-tracker/.
Which standards and regulations were used when creating this toolkit?
Advisera’s experts primarily focused on covering all the requirements from the following frameworks when building NIS2 Documentation Toolkit:
- NIS2 EU Directive
- Commission Implementing Regulation 2024/2690
- ENISA NIS2 Technical Implementation Guidance
On top of this, the following standards were used as the basis for this NIS2 Documentation Toolkit:
- ISO 27001
- ISO 27002
- ISO 27004
- ISO 27005
- ISO 22301
- ISO 19011
When and how will I get the toolkit?
Immediately after the transaction is processed, you will receive an email with a link to access the AI-powered toolkit. It could not be quicker or simpler.
Is this AI technology reliable?
All AI technologies used for this toolkit are thoroughly tested. On top of this, the AI-powered wizards only suggest the best content to fill out, but you can always override the suggestion and fill out your own information.
What payment methods do you accept?
We take all major credit cards and PayPal payment, and we can accept a wire transfer from your bank account.
How do you keep my payment information safe?
We use Secure Socket Layer (SSL) technology, the industry standard. SSL is one of the world’s most secure ways to pay online. Your payment information is encrypted, and then immediately sent to the payment processor. We don’t see your payment information, and we don’t store any details.
Which currencies are accepted?
We accept payment in 50+ common currencies, including Euros, US Dollars, Swiss Francs, and British Pounds.
I’m just not certain if these documents are what I need. Can I take a look before buying?
Of course! Click on the “FREE TRIAL” button, type in your name and email address, and you can have a free preview of every NIS 2 document before you make your purchase decision.
Who is Advisera?
Advisera Expert Solutions Ltd is a company specialized in providing online support for ISO implementation. In the last 15 years, it has covered all the major privacy and cybersecurity regulations and ISO standards, and it is selling its products in more than 100 countries worldwide. Read more here.
Schedule a Free Presentation
Need some help? Contact us now. We respond quickly.
 
             
						