Audit and compliance framework of Directive (EU) NIS2 2022/2555
Directive (EU) NIS2 2022/2555 : auditing and compliance framework

Keywords: NIS2 Directive; Cybersecurity; Risk management; Compliance; Standardization; Internal audit

Abstract
This thesis focuses on the European NIS2 Directive, which was established with the aim of achieving a common, high level of cybersecurity across the European Union through technical and organizational risk management measures. Initially, it presents the historical evolution from the NIS Directive to NIS2 and analyzes its key innovations, such as strengthened cooperation and the expansion of its scope of application. It then examines the NIS2 compliance requirements, including information security governance, incident reporting, risk management, and the stricter supervisory and enforcement framework through audits and sanctions by the competent authorities. In addition, the thesis explores the role of standardization as a tool supporting compliance, emphasizing the alignment of NIS2 with ISO 27001 and the contribution of complementary standards such as ISO 27005, ISO 27035, and ISO 22313. A central part of the thesis is the analysis of an internal compliance audit framework for NIS2, based on principles and guidance from auditing standards, which serves as essential preparation for a potential external compliance audit. Furthermore, the thesis examines cybersecurity within the ICT supply chain, highlighting that reliance on third-party suppliers and service providers expands the attack surface and makes systematic third-party risk management necessary. Finally, the relationship between Artificial Intelligence and NIS2 is examined: AI can enhance cyber defense and incident response, while at the same time introducing new risks, making it necessary to establish an AI governance framework for the systematic management of AI.


