Despite the removal of references to standards, does implementing ISO 27001 and ISO 22301 ensure compliance with the Directive’s requirements?
ANSWER
Implementing ISO 27001 (information security management systems) and ISO 22301 (business continuity management systems) can contribute significantly to compliance with the NIS2 Directive, but certification against either standard does not in itself guarantee full compliance.
The NIS2 Directive imposes specific cybersecurity risk-management and incident-handling obligations that go beyond what the ISO standards require. ISO 27001 and ISO 22301 provide a solid foundation for information security and business continuity, but organisations must additionally identify and fulfil the Directive's own requirements. Examples include the minimum risk-management measures listed in Article 21 (among them supply chain security, cryptography and multi-factor authentication policies, and security in network and system acquisition, development and maintenance), the staged incident-reporting obligations of Article 23 (an early warning within 24 hours of becoming aware of a significant incident, an incident notification within 72 hours, and a final report within one month), continuous monitoring of systems, and cooperation with the competent supervisory authorities and CSIRTs. None of these deadlines or reporting channels are prescribed by ISO 27001 or ISO 22301, so an organisation can be fully certified and still fail to meet them.
As a result, implementing ISO 27001 and ISO 22301 is a helpful step, but organisations must map their existing policies and procedures against the specific provisions of NIS2 (and the national laws transposing it), identify the gaps, and close them.