05 · NIS2

Risk, suppliers, and incidents, with a trail.

NIS2 requires attention to risk, governance, incidents, and supply chain. Velqory can support documentation and technical organisation without replacing legal analysis or regulatory decisions.

Institutional position

Framework

Institutional pages clarify Velqory public positioning. The concrete relationship with each customer still depends on proposal, contract, SOW, DPA, or approved document.

NIS2 applicability depends on entity, sector, size, and applicable national transposition.

Velqory supports documentation, evidence, and technical processes when contracted.

We do not claim automatic NIS2 compliance.

Preparation areas

The practical value is reducing ambiguity: who approves, who responds, what evidence exists, and which suppliers are involved.

Inventory of assets, services, suppliers, and critical flows.
Incident, decision, communication, and corrective action records.
Review of access, backups, continuity, and external dependencies.
Tracking responsibilities between customer, Velqory, and third parties.

Documentation by project

Documentation should follow the real service scope, not a generic template detached from operations.

Responsibilities and official contacts in contract or SOW.
Change, acceptance, support, and escalation procedures.
Retention, deletion, suppliers, and data location where applicable.

Limits and validation

Limits

This page does not determine whether an entity falls under NIS2.
This page does not replace legal, regulatory, or sector-specific assessment.
Concrete measures depend on the contract, infrastructure, and customer risk.

Map risk with source and evidence.

Contact Velqory View commercial terms