Description

The deadline for companies to complete their first audit verifying NIS2 compliance was extended from December 31, 2025, to June 30, 2026. Organizations must demonstrate implementation of cybersecurity risk management measures, incident response capabilities, and supply chain security.

Requirements

Complete NIS2 compliance audit
Demonstrate cybersecurity risk management measures
Verify incident response capabilities
Document supply chain security measures
Prepare audit report for national authority

Applicable To

Essential EntitiesImportant EntitiesEU Critical Infrastructure Operators

Penalty Information

⚠Fines up to EUR 10 million or 2% of global annual turnover; personal liability for management bodies.

124

days remaining

June 30, 2026

Share:X in @

Framework

NIS2 Directive

EU Network and Information Security Directive 2

Related NIS2 Directive Deadlines

Sweden NIS2 Cybersecurity Act Takes Effect
January 15, 2026
NIS2 - Entity Registration Deadline
February 28, 2026
Netherlands NIS2 Implementation Expected
June 30, 2026

NIS2 First Compliance Audit Deadline