What you get working with a PECB-certified NIS2 lead implementer
Three ways to engage, depending on how much of the work you want to own.
I am a PECB Certified NIS2 Lead Implementer, and one of a small group in Europe with that credential. The certification sits on top of hands-on delivery work with Essential and Important Entities across several sectors.
Pick the tier that fits. Or book a call and we will decide together.
Done-For-You NIS2 Compliance Program
Complete Implementation & Management
Comprehensive assessment package
- Complete sector analysis and entity classification
- Gap analysis with prioritized action items
- Custom compliance roadmap with realistic timelines
- Risk exposure calculation and mitigation strategies
Implementation support
- Executive briefings for board-level understanding
- Policy development and documentation
- Incident response procedure creation
- Supply chain security framework design
- Staff training and awareness programs
Ongoing compliance management
- Monthly compliance health checks
- Quarterly risk assessments and updates
- Annual audits and certification maintenance
- 24/7 incident response support
- Regulatory update briefings
Done-with-you consulting
Strategic Guidance for Your Team
Executive advisory sessions
- Monthly strategic calls with C-level leadership
- Compliance progress reviews and obstacle resolution
- Best practice implementation guidance
- Competitive advantage optimization strategies
Do-it-yourself training and resources
Comprehensive Self-Guided Implementation
NIS2 Mastery Course
- Complete compliance framework and checklists
- Template library for all required documentation
- Video walkthroughs of complex requirements
- Access to compliance tracking software
- Community of NIS2-compliant business leaders
Choose your implementation path
Done-For-You
Complete implementation and management
Do-It-Yourself
Self-guided course and templates
Common questions about working with us
Which service tier is right for my organization?
Done-For-You suits organizations without an internal security team, or teams that need to move fast without pulling engineers off the roadmap. Done-With-You suits organizations that already have a security function and need NIS2-specific expertise layered in. Do-It-Yourself suits teams with mature governance that just need the right framework and templates.
How quickly can we start?
Kickoff typically happens within two weeks of signing. The first deliverable, a scoped gap assessment, lands within the first four weeks. Full foundational compliance depends on your starting point but usually lands in 90 to 180 days.
Do you work with organizations outside the Netherlands?
Yes. We serve Essential and Important Entities across all 27 EU member states. National transposition differences (for example the Dutch Cyberbeveiligingswet, the German NIS2UmsuCG, the Belgian CyFun framework) are factored into every engagement. Use the transposition tracker to see your country's current status.
Can we start with an assessment before committing to a full program?
Yes. Most engagements begin with a scoped gap assessment. It produces an actionable findings document with prioritized recommendations, and you decide from there whether to continue into implementation with us or run the fixes yourself.
Do you handle ongoing compliance work after implementation?
Yes. The Done-For-You tier includes ongoing compliance management: monthly health checks, quarterly risk reassessments, regulatory update briefings, and incident response support. Done-With-You clients can add a lighter retainer for quarterly reviews.
Not sure which tier fits?
Start with the scope check or book a 30-minute call to talk through your situation. Both are free and no obligation.
Or download the checklist and board briefing kit to share internally.