Translations:Network and Information Security Directive (NIS2-RL)/100/en
- **Oversight**: Management bodies are required to supervise the implementation of cybersecurity measures, ensuring effectiveness and compliance. They must ensure that these measures are regularly reviewed and updated.
- **Resource allocation**: Management bodies are responsible for providing sufficient financial and personnel resources for cybersecurity. This includes developing and regularly updating a detailed resource allocation plan.
- **Risk oversight**: Management must monitor and manage cybersecurity risks, conduct comprehensive assessments that include identifying critical systems and potential incident impacts, and ensure that incident response plans are developed and reviewed.
- **Training**: Management must attend cybersecurity training and ensure employees receive training to detect, assess, and manage risks.
- **Accountability**: Management bodies are liable for any breach of cybersecurity obligations that causes damage, unless already covered by the Liability of Public Officials Act (OrgHG), BGBl 181/1967[1].
- **Strategic priority**: These obligations aim to establish cybersecurity as a strategic priority at the highest level of management.
- [1] p. 33