Audit41Readiness

NIS2 coverage

NIS2 compliance guidance for every EU+EEA country.

Audit41 Readiness covers all 30 EU+EEA member states. Select your country for jurisdiction-specific requirements, deadlines, and what your organisation must do.

Phase 1 โ€” Full guidance available

๐Ÿ‡ฉ๐Ÿ‡ฐ Denmark

Center for Cybersikkerhed (CFCS)

Article 21 compliance deadline

NIS2-loven Article 21 risk management measures must be in place.

See Denmark guidance โ†’

๐Ÿ‡ญ๐Ÿ‡บ Hungary

SZTFH (Supervisory Authority for Regulated Activities)

First audit deadline

First mandatory cybersecurity audit must be completed by June 30, 2026.

See Hungary guidance โ†’

Phase 2 โ€” Guidance available

๐Ÿ‡ง๐Ÿ‡ช Belgium

Centre for Cybersecurity Belgium (CCB)

Conformity deadline

Essential entities must demonstrate conformity to CCB by April 18, 2026.

See Belgium guidance โ†’

๐Ÿ‡ณ๐Ÿ‡ฑ Netherlands

NCSC-NL / RDI (Rijksinspectie Digitale Infrastructuur)

Full enforcement

The Cyberbeveiligingswet enters full force October 1, 2026. EU baseline obligations apply now.

See Netherlands guidance โ†’

All 30 EU+EEA countries

๐Ÿ‡ฆ๐Ÿ‡น Austria๐Ÿ‡ง๐Ÿ‡ฌ Bulgaria๐Ÿ‡ญ๐Ÿ‡ท Croatia๐Ÿ‡จ๐Ÿ‡พ Cyprus๐Ÿ‡จ๐Ÿ‡ฟ Czech Republic๐Ÿ‡ช๐Ÿ‡ช Estonia๐Ÿ‡ซ๐Ÿ‡ฎ Finland๐Ÿ‡ซ๐Ÿ‡ท France๐Ÿ‡ฉ๐Ÿ‡ช Germany๐Ÿ‡ฌ๐Ÿ‡ท Greece๐Ÿ‡ฎ๐Ÿ‡ช Ireland๐Ÿ‡ฎ๐Ÿ‡น Italy๐Ÿ‡ฑ๐Ÿ‡ป Latvia๐Ÿ‡ฑ๐Ÿ‡น Lithuania๐Ÿ‡ฑ๐Ÿ‡บ Luxembourg๐Ÿ‡ฒ๐Ÿ‡น Malta๐Ÿ‡ต๐Ÿ‡ฑ Poland๐Ÿ‡ต๐Ÿ‡น Portugal๐Ÿ‡ท๐Ÿ‡ด Romania๐Ÿ‡ธ๐Ÿ‡ฐ Slovakia๐Ÿ‡ธ๐Ÿ‡ฎ Slovenia๐Ÿ‡ช๐Ÿ‡ธ Spain๐Ÿ‡ธ๐Ÿ‡ช Sweden๐Ÿ‡ฎ๐Ÿ‡ธ Iceland๐Ÿ‡ฑ๐Ÿ‡ฎ Liechtenstein๐Ÿ‡ณ๐Ÿ‡ด Norway

Country-specific guidance for all EU+EEA states is being finalised. The self-check already applies country-specific classification rules for all 30 countries.

Not sure which country applies to your organisation?

If you operate across multiple EU member states, start with the self-check โ€” it handles multi-jurisdiction situations.

Start free self-check โ†’