The NIS2 Directive (EU 2022/2555) represents the most significant evolution of European cybersecurity legislation to date. It requires organizations operating in essential and important sectors to strengthen cybersecurity risk management, improve incident response and ensure supply chain security. Failure to comply may result in regulatory penalties, reputational damage and increased operational risk.
With the SGS Supply Chain Mark, we support you in demonstrating compliance with NIS2 requirements through an independent, structured and transparent assessment process. The Supply Chain Mark provides clear evidence that your organization is proactively managing cybersecurity risks and strengthening its digital resilience.
As the world’s leading testing, inspection and certification company, we combine in-depth regulatory expertise with advanced cybersecurity and digital trust capabilities to support organizations across complex regulatory landscapes.
We provide:
NIS2 replaces the original NIS Directive and expands its scope from 7 to 15 critical sectors, including energy, transport, healthcare, digital infrastructure and financial services. The directive emphasises:
National implementation is expected by 2026. Non-compliance may result in penalties and reputational damage.
The pathway to the NIS2 Supply Chain Mark follows a clear, structured process:
The NIS2 Supply Chain Mark is designed for: