NIS2 Quality Mark

Do your customers ask you how you have taken care of cybersecurity and digital resilience? As a supplier of NIS2 companies, you can demonstrate this in an accessible way with the NIS2 Quality Mark. Find out how you can obtain the certification.
Discover more
Header imageArrow
Pragmatic quality mark

Pragmatic and accessible

The NIS2 Quality Mark was set up as a practical and accessible standard specifically for suppliers of NIS2 organizations. Are your clients subject to NIS2? Then you can expect questions to demonstrate your cybersecurity and digital resilience. With the NIS2 Quality Mark this is possible in an accessible way
The process

Certification in five steps

1. Pre-registration

Certification starts with a pre-registration at NIS2 Quality Mark. Your organization receives a registration number (required for the audit) and a license to use the NIS2 Quality Mark Logo, to show you are actively working to comply with the standards.

2. Implementing control measures

Based on your risk profile, you implement control measures to increase your cyber resilience. These are based on the chosen version of the NIS2 Quality Mark: Basic, Substantial or High

3. Internal pre-audit

With an internal pre-audit you prepare yourself for the external audit. If the control measures are correctly implemented you are ready for the external audit. In this phase, attending the (free) pre-audit webinar of NIS2 Quality Mark is required.

4. External audit

With your registration number (and after attending one of the pre-audit webinars), you can hire an approved auditor for the external audit. Digital Security Instituut is an approved audit partner of NIS2 Quality Mark. Requesting and planning the external audit, is organized through the central organization Auditplanner.

5. Certificaction

If the external audit is successfully completed, the NIS2 Quality Mark certificate is awarded. The certificate is valid for three years.
External audit

The audit process

What is the process for an external audit?
The auditor will first review the organization's policies, processes and security measures to get an initial picture of compliance with the NIS2 Quality Mark standards.
Depending on the type of organization and scope of the audit, the assessment will be performed. This can be done on-site, remotely or in a combination.
Auditors will focus on the areas with most cyber risks, assessing the technical measures, procedures (e.g. awareness training), and compliance (such as incident reporting).
A report with findings is shared, including improvement points and recommendations. If the audit is successfully completed, the NIS2 Quality Mark will be awarded.

Offer through Auditplanner

Digital Security Institute is an approved audit partner of NIS2 Quality Mark. External audits can be requested via the central Auditplanner.
You can specify your preferred auditor in the request. We would be pleased to perform the external audit for you.

Please make sure you have completed the pre-registration and pre-audit webinar before requesting the external audit.   

If you have additional questions about the proces, please feel free to contact us.
info@digitalsecurityinstituut.nl
HSD Campus
Wilhelmina van Pruisenweg 104
‍2595 AN  Den Haag

Offer and invoicing process

Planning the external audit for your NIS2 Quality Mark certificate follows the below steps (via Auditplanner):

  1. Fill in the request form
  2. Auditplanner calculates the required audit time (based on the characteristics of your organization and the NIS2 Quality Mark requirements)
  3. Auditplanner issues the offer (for your preferred auditor)
  4. After your agreement, you receive a confirmation to sign
  5. Auditplanner will send the invoice
  6. When you have paid the invoice, the audit will be planned
  7. You can decide the exact date / time with your preferred auditor.