License partner of

Contact
TISAX
NIS 2
CONFERENCE

SERVICES

NIS 2 Compliance Consulting Services (Hungary)

Your Key to Achieving Regulatory Alignment

Although NIS 2 is a European Directive, there are several allocated duties and tasks to member states and companies operating in a particular EU-member state.

This info-sheet is dedicated to companies operating sites in Hungary and want to achieve a status in compliance with NIS 2. National-specific requirements are considered in this leaflet.

Our specialized consulting services are tailored to meet your needs and ensure seamless alignment with the regulatory framework.

Navigating the complexities of NIS 2 compliance can be daunting, especially with the unique requirements set forth by each member state. However, with our expert guidance, you can streamline the process and achieve compliance efficiently.

Contact Us!
nis2-directive

Involved parties

  • SZTFH (Supervisory Authority for Regulatory Affairs) is the appointed governmental organisation managing NIS 2 related activities in Hungary
  • Audit providers: Accredited bodies by SZTFH for providing cybersecurity audit services for companies in the scope of NIS 2
  • Companies providing “essential services” (NIS 2 Directive Annex I):
    • Energy – electricity, district heating and cooling, oil, natural gas, hydrogen
    • Manufacture of pharmaceutical products including vaccines
    • Drinking water and wastewater
    • Transport – air, rail, water, road
    • Banking (except for central banks)
    • Financial market infrastructures
    • Health
    • Digital infrastructure – internet exchange points (IXPs), DNS providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery networks, trust service providers, public electronic communications networks, electronic communications services
    • ICT service management (business-to-business)
    • Space industry
    • Central and regional public administrations
  • Companies providing “important services” (NIS 2 Directive Annex II):
    • Postal and courier services
    • Waste management
    • Chemicals – manufacture, production, distribution
    • Food – production, processing, distribution
    • Manufacture of medical devices
    • Manufacture of computers, electronic and optical products, electrical equipment, machinery and equipment, and motor vehicles and other transport equipment
    • Digital providers – online marketplaces, online search engines, and social networking service platforms
Contact Us!

Important dates for companies in Hungary

  • 01.2024 – 30.06.2024 self-assessment and registration at SZTFH
  • 10.2024 paying surveillance fee (0,015 % of net turnover from previous business year) and implementing protective measures (controls)
  • 10.2024 – 31.12.2024 contacting accredited audit service provider
  • 12.2025 completing the first cybersecurity audit by the audit service provider!

Compliance focuses for companies in Hungary

  • classification of information systems operated by the company based on risk levels represented by them (low, medium, high-risk systems / applications)
  • implementation of cyber-risk-based approach
  • identification and assessment of risks related to company’s information assets
  • risk treatment plan
  • established reporting lines for information security incidents to authorities
Contact Us!

What service do we provide for our clients?

  • Assisting the registering process at SZTFH - From self-assessment to registration with the Supervisory Authority for Regulatory Affairs (SZTFH), we provide dedicated support throughout the compliance journey. Our team is committed to guiding you at every stage of the process.
  • Helping risk-based classification of local information systems - Our comprehensive approach ensures that your company meets all necessary obligations.
  • Implementing Information Security Management System (ISMS) based on international standards and requirement sets like ISO 27001:2022, TISAX, etc. (controls, policies, procedures, training, and awareness) - we assist in the establishment of Information Security Management Systems (ISMS) tailored to your organization's requirements.
  • Supporting risk assessment against information assets owned or managed by the company - we help you implement a robust cyber-risk-based approach, identify potential threats, and develop comprehensive risk treatment plans to safeguard your information assets.
  • Establishing incident management mechanism
  • Completing pre-audits before the visit of the third-party audit service provider - our pre-audit assessments and support streamline the audit process, minimizing disruptions to your operations

We are committed to helping companies in Hungary achieve NIS 2 compliance with confidence. Contact us today to learn more about how we can support your journey towards regulatory alignment.

Contact Us!

Subscribe to newsletter

Subscription for Newsletter

Linkedin Facebook Youtube

Services

Contact

Sponsor of SMANAG project:

Legal notices

©QFD