Cyber security
When we have a clear view of the processes, together we can design a security framework that aligns with your company's goals.
GDPR primarily focuses on the protection of personal data and the privacy of individuals. It sets out rules and regulations for the processing of personal data and places specific obligations on organizations that handle such data.
NIS2, on the other hand, concentrates on the resilience and security of network and information systems, especially in sectors deemed critical to society and the economy. It outlines requirements for enhancing the cybersecurity posture of these critical sectors, including incident reporting, risk management, and security measures.
In essence, while both GDPR and NIS2 are essential components of the broader European cybersecurity and data protection framework, they serve different roles, with GDPR primarily addressing personal data protection and privacy, and NIS2 dealing with the security of critical infrastructure and systems.
The NIS2 (Network and Information Security) proposal is a transformative step towards fortifying the digital landscape in the European Union. It lays out three pivotal objectives that will shape the future of cybersecurity and resilience across the EU:
- Governance
- Incident Detection and Response
- Securing and Testing Perimeters and Assets
http://data.europa.eu/eli/dir/2022/2555/oj
Enhanced Cyber-Resilience
In a world where the digital realm permeates every facet of our lives, the first objective of NIS2 is to elevate cyber-resilience. It mandates that all public and private entities, spanning various sectors, must adopt robust cybersecurity measures. Notably, NIS2 extends its protective umbrella to encompass vital sectors like telecoms, social media platforms, and public administration. This expansion unifies cybersecurity rules, leaving no room for fragmentation as seen in the previous NIS1 implementation. It also ensures the safety of the ICT supply chain, a crucial aspect in the era of the Internet of Things (IoT).
Harmonizing Resilience
To create a seamless and consistent cyber-resilience framework across the EU, NIS2 aligns multiple key elements. It standardizes the scope, security requirements, incident reporting, and enforcement measures. The proposal underscores the importance of a two-stage incident reporting process, promoting timely responses to potential threats. Furthermore, NIS2 introduces a range of administrative sanctions, including binding instructions, security audit recommendations, and significant fines for non-compliance.
€10 million or 2% of annual worldwide turnover
In the modern corporate landscape, the CEO and Board of Directors bear the responsibility of staying abreast of the latest developments, understanding the path to control, and ascertaining the organization's positioning. Consequently, a personal liability has been established for CEOs, primarily targeting Essential Entities. This liability entails financial penalties ranging from 1.4% to 2% of revenue.
By introducing personal liability, NIS2 underscores the significance of proactive leadership in the realm of cybersecurity, where ignorance is no defense.
Collaborative Preparedness
NIS2 not only strengthens individual cybersecurity but also enhances the EU's collective capability to handle large-scale cybersecurity incidents and crises. By fostering trust and information sharing among competent authorities, the proposal enables a coordinated response. It establishes an EU crisis management framework, where Member States play a pivotal role in handling EU-wide cybersecurity incidents.
With NIS2, the EU is poised to create a safer and more resilient digital environment. It's a significant step towards safeguarding businesses, governments, and society as a whole in an ever-evolving digital landscape.
The directive is to be reflected in national law by 17 October 2024. NIS2-based legal rules should apply from 18 October 2024.
NIS2, the directive aimed at fortifying cybersecurity, presents a unique opportunity for Chief Information Security Officers (CISOs) to step into a leadership role within their organizations.
NIS2 heralds a new era where CISOs transcend their traditional advisory role to emerge as strategic leaders. No longer confined to the technical realm, they are now the torchbearers of both technical excellence and business acumen. As leaders, CISOs guide their organizations towards a future where cybersecurity is a central pillar of success.
By embracing their leadership role, CISOs can not only elevate the importance of cybersecurity within their organizations but also expand their budget and scope of action. Their primary goal remains steadfast: to champion comprehensive security in a continually evolving digital landscape.
To fulfill this leadership mission, CISOs can develop a strategic plan centered on three key pillars:
- Governance - Ensuring that the organization's leadership fully grasps and prioritizes cybersecurity responsibilities.
- Incident Detection and Response - Building a resilient response system to swiftly address security incidents and protect the organization.
- Securing and Testing Perimeters and Assets - Strengthening defenses and regularly testing them to maintain a proactive and robust security stance.
With NIS2 as the catalyst, CISOs have the chance to assume a pivotal leadership role, guiding their organizations through the complex world of cybersecurity, and steering them towards a safer and more secure digital future.