NIS2 Risk Assessment for Suppliers

Structured methodology for NIS2-compliant risk assessment.

A robust risk assessment is the cornerstone of every NIS2-compliant TPRM program. It must be objective, traceable, current and auditable.

The CIA Triad as assessment basis

Confidentiality, Integrity, Availability: each dimension is assessed separately and aggregated into an overall risk score. 360TPRM maps the CIA triad for every supplier.

360TPRM Risk Matrix

Maximum risk and average risk per CIA dimension, aggregated into an overall risk score.

Criticality classification: four levels

360TPRM classifies suppliers into four levels: Critical, High, Medium and Low, with different monitoring intensity and review frequency.

FAQ

How often must risk assessments be updated?

Critical suppliers: continuously, plus an annual deep review. Reassess immediately upon risk events such as a new CVE or a dark web discovery.

Automated risk assessment with 360TPRM

See in a 45-minute demo how 360TPRM specifically meets your requirements.
