ISAE 3000 assurance for NIS2 achieved – ready to support client compliance

NTT DATA Business Solutions has received an ISAE 3000 assurance report for NIS2, confirming that we meet the directive’s requirements as both an essential service provider and a supplier.

This marks the result of a thorough process to align with the new regulatory framework and demonstrates that we comply with NIS2 as an essential service provider. It also means we are well prepared to support clients on their path to NIS2 compliance.

NTT DATA Business Solutions | June 2, 2025 | 4 minutes

With the NIS2 directive set to take effect soon, the pressure is growing for essential service providers and their suppliers to prove control, compliance, and cyber maturity.

After months of preparation and detailed audit work, NTT DATA Business Solutions is now among the companies to receive an ISAE 3000 assurance report focused on NIS2 – issued by PwC.

This marks a significant milestone for our Managed Services team in the Nordics, and it reflects our high standards in cybersecurity as an operator of essential services and to our readiness to support clients preparing to implement the new EU directive.

We are fully prepared to support customers who rely on us as an indirect supplier for NIS2-related services

Daniel Lange CISO for region NEE

The assurance report confirms that we, as a company, meet the requirements NIS2 sets for operators of critical services.

At the same time, it documents that we have a well-established concept in place that also covers the indirect responsibility we hold towards our clients.

”We are fully prepared to support customers who rely on us as an indirect supplier for NIS2-related services, ensuring resilience, transparency, and compliance across the value chain,” says Daniel Lange, Director Business Development, Managed Services

This means that when our clients begin their own NIS2 implementation, they have a supplier who understands the processes, meets the requirements, and is ready to actively contribute from day one.

With NIS2, our cybersecurity obligations and responsibilities are stronger than ever.

Gitte de Linde Senior Director, Head of Managed Services Nordics

The NIS2 assurance report is based on controls defined by FSR (Danish Auditors) and confirms that we, as a supplier to essential sectors, comply with the requirements of the NIS2 directive.

This includes security governance, risk assessment, supplier management, incident response, and executive accountability – all core pillars of modern cyber governance.

”With NIS2, our cybersecurity obligations and responsibilities are stronger than ever. It ensures we’re protecting both our operations and our customers’ data with greater transparency, resilience, and accountability,” says Gitte de Linde, Senior Director, Head of Managed Services Nordics

Thousands of companies across critical sectors are covered by the new complex requirements for IT-security procedure and data control.

NTT DATA Business Solutions can help you prepare your organization for NIS2. We ensure that we cover every challenge, making the necessary additions and adaptations to your already existing IT-security programs.