The EU Directive on the security of network and information systems (NIS) was approved in August 2016, giving Member States 21 months to embed the Directive into their respective national laws. The Directive becomes UK law in May 2018.
All organisations deemed 'Operators of Essential Services' must comply from this date. The pages below will help you to implement the Directive.
You should should work your way through the pages below in sequence. This will give you the clearest picture of what you need to achieve for NIS compliance and also the best understanding of how to use our guidance as part of this process.