NIS 2 And Critical Infrastructure

NIS 2 is a cybersecurity and governance regime. In Emiko documentation, it belongs to supplier assessment, governance and customer risk-review context.

Supplier Assessment Support

Vikingegaarden can support NIS 2-relevant supplier assessment by providing structured documentation about Emiko security, hosting, backup, access control and data processing.

Relevant documentation may cover:

• hosting provider and datacentre environment
• provider assurance scope, including ISO/IEC 27001 and ISAE provider assurance
• backup and restore model, including hosting-provider backup and additional independent Acronis backup
• role-based access control, organisational scoping and administrative access control
• security monitoring and endpoint or server protection
• GDPR documentation, subprocessor information and technical and organisational measures
• security questionnaire responses and supplier review material

Customer Responsibility Boundary

NIS 2 compliance depends on the customer's own scope, role, risk assessment, governance and national implementation requirements.

Emiko documentation supports supplier assessment by making the Emiko security, hosting, backup and data processing model clear. It does not replace the customer's own NIS 2 scope analysis, governance, supplier-management duties, incident reporting duties or legal review.

Enhanced Requirements

Customers with higher security or resilience requirements may need enhanced backup retention, immutable backup, scheduled restore testing, stronger recovery objectives, disaster recovery setup, additional access-control requirements or security questionnaire responses.

These requirements are handled through the relevant service scope, supplier assessment or customer security review.