SERVICES

NIS 2 Compliance Consulting Services (Hungary)

Your Key to Achieving Regulatory Alignment

Although NIS 2 is a European Directive, there are several allocated duties and tasks to member states and companies operating in a particular EU-member state.

This info-sheet is dedicated to companies operating sites in Hungary and want to achieve a status in compliance with NIS 2. National-specific requirements are considered in this leaflet.

Our specialized consulting services are tailored to meet your needs and ensure seamless alignment with the regulatory framework.

Navigating the complexities of NIS 2 compliance can be daunting, especially with the unique requirements set forth by each member state. However, with our expert guidance, you can streamline the process and achieve compliance efficiently.

nis2-directive

Involved parties

  • SZTFH (Supervisory Authority for Regulatory Affairs) is the appointed governmental organisation managing NIS 2 related activities in Hungary
  • Audit providers: Accredited bodies by SZTFH for providing cybersecurity audit services for companies in the scope of NIS 2
  • Companies providing “essential services” (NIS 2 Directive Annex I):
    • Energy – electricity, district heating and cooling, oil, natural gas, hydrogen
    • Manufacture of pharmaceutical products including vaccines
    • Drinking water and wastewater
    • Transport – air, rail, water, road
    • Banking (except for central banks)
    • Financial market infrastructures
    • Health
    • Digital infrastructure – internet exchange points (IXPs), DNS providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery networks, trust service providers, public electronic communications networks, electronic communications services
    • ICT service management (business-to-business)
    • Space industry
    • Central and regional public administrations
  • Companies providing “important services” (NIS 2 Directive Annex II):
    • Postal and courier services
    • Waste management
    • Chemicals – manufacture, production, distribution
    • Food – production, processing, distribution
    • Manufacture of medical devices
    • Manufacture of computers, electronic and optical products, electrical equipment, machinery and equipment, and motor vehicles and other transport equipment
    • Digital providers – online marketplaces, online search engines, and social networking service platforms

Important dates for companies in Hungary

  • 01.2024 – 30.06.2024 self-assessment and registration at SZTFH
  • 10.2024 paying surveillance fee (0,015 % of net turnover from previous business year) and implementing protective measures (controls)
  • 10.2024 – 31.12.2024 contacting accredited audit service provider
  • 12.2025 completing the first cybersecurity audit by the audit service provider!

Compliance focuses for companies in Hungary

  • classification of information systems operated by the company based on risk levels represented by them (low, medium, high-risk systems / applications)
  • implementation of cyber-risk-based approach
  • identification and assessment of risks related to company’s information assets
  • risk treatment plan
  • established reporting lines for information security incidents to authorities

What service do we provide for our clients?

We are committed to helping companies in Hungary achieve NIS 2 compliance with confidence. Contact us today to learn more about how we can support your journey towards regulatory alignment.