Table of contents
- A decisive step for national security
- The new reader’s guide
- Baseline security measures
- Significant incidents
- Operational appendices
- Accessing the document
A decisive step for national security
The NIS Decree (Legislative Decree 138/2024) implements the EU NIS Directive, aiming to enhance the country’s cyber security level.
In a time of increasing cyber threats against critical sectors, digital resilience has become a strategic priority.
The new reader’s guide
The “NIS Guidelines – Baseline Specifications” by ACN offer operational support for essential and important NIS entities. The guide clarifies compliance with Articles 23, 24, and 25 of the decree, making the rules more practical and actionable.
Baseline security measures
The first section covers baseline security measures, including:
- a risk-based approach,
- types of requirements,
- necessary documentary evidence.
Significant incidents
The second section defines significant incidents, explaining:
- cases requiring notification,
- the concept of “incident evidence”,
- risks from privilege abuse.
Operational appendices
Four annexes complement the guide:
- mapping security measures to Article 24;
- risk-based requirements;
- list of documents requiring executive approval;
- glossary of technical terms.
Accessing the document
The guide is available for download on the ACN official portal, NIS regulations section. A practical and educational resource to help organizations achieve compliance.
