Achieving NIS2 Compliance in Offshore Drilling

How 7N helped ensure compliance and risk reduction in a high-quality sector.

Off-shore Drilling platform with ship
Background image

CHALLENGE

Matching complex requirements

A Norwegian client in the offshore drilling industry needed to ensure compliance with the EU NIS2 Directive. Although Norway is still in the process of fully adopting the legislation, the company is required to comply due to its EU-based customers and the heightened regulatory requirements placed on critical sectors such as oil and gas.

As the client had already taken significant steps toward implementing the required measures, the initial objective of the engagement was to conduct a NIS2 readiness assessment. This assessment aimed to understand the organization’s current compliance level and identify any remaining gaps or required actions.

Following the successful completion of the assessment, the collaboration was expanded to include the implementation and configuration of a compliance management software solution for ongoing monitoring and documentation, as well as additional initiatives to achieve full NIS2 compliance, including policy development and penetration testing.

SOLUTION

Testing and supporting compliance

A team of Norwegian and Danish 7N specialists conducted the NIS2 readiness assessment using the CIS18 framework. The assessment was conducted through workshops and structured questionnaires.

During the workshops, 7N consultants guided the client’s team through the very technical CIS18 questionnaire, translating it into practical terms to support accurate responses. Based on the assessment results, 7N produced a comprehensive report and presented the findings to executive leadership, confirming its NIS2 compliance.

Throughout and following the engagement, 7N supported additional activities, including:

Support from the 7N client executive in communicating the urgency of the initiative to C-level stakeholders, helping to secure alignment and funding
Implementation and configuration of a compliance management software tool, including training and handover
Assistance with writing and documenting security policies based on existing organizational practices
Execution of penetration testing to verify whether documented controls were implemented in practice

IMPACT

Documented
NIS2 readiness

The engagement resulted in a documented NIS2 readiness assessment, validation of compliance activities, and measures to ensure ongoing compliance. 

Commenting on the cooperation, the client noted that:
"The 7N client representative showed a strong understanding of both our needs and the NIS2 Directive. Throughout the engagement, he not only provided consistent and relevant follow-up but also helped communicate the urgency and potential business implications of non-compliance to C-level, which was instrumental in securing executive sponsorship for the project."

A completed NIS2 assessment with documented findings
Identification of high-risk areas through penetration testing and remediation of those findings
Presentation of results to executive leadership and the board
Implementation of a compliance management tool to support ongoing follow-up of procedures, suppliers, and documentation

Find out more

A man in the Warsaw office, Poland, looking out the window.

Explore our other

case studies

Dive into

IT insights

A man looking at a computer while working at the Warsaw office in Poland.

How can we help?

We provide IT services with the range and flexibility to manage the complexities of your unique digital challenges.

How we deliver Get in touch