focus will be provided for compliance with the directive through the alternative adoption of the NIST 2.0 CSF Framework, or of the ISO/IEC 27001 or of the more recent UNI/PDR 147:2025 standard, formulated specifically for NIS2 compliance for Italy, thanks to which it will be possible to:

(1) Set up and manage COMPLIANCE WITH THE NIS2 DIRECTIVE

(2) Understand the state of Cybersecurity protection of an organization, based on international Best Practices in the sector

(3) Identify and manage Cybersecurity Risks in all characteristic phases of business processes and services.

(4) Understand the areas of action and the security measures to be applied

(5) Integrate Cybersecurity practices into your organizational processes, products and services, helping to identify effective solutions to mitigate impacts and protect the privacy of people inside and outside the organization on the one hand and the Cybersecurity risks of assets, processes/services and critical company information on the other.

Furthermore, in this course, in addition to looking at the NIST CSF Cybersecurity Framework, version 2 together with the guidelines proposed by ENISA, other areas of compliance with regulations and standards are mentioned (GDPR, NIS2 Directive, Cybersecurity Act, ISO27001, ISO27701, etc.)

Provide the knowledge and practical tools necessary for compliance with the NIS2 Directive through the implementation and management of a Cybersecurity Governance and Risk Management system according to the NIST Cybersecurity Framework version 2, with the guidelines proposed by ENISA, and in accordance with UNI/PDR 174:2025.
The frameworks will also be compared and integrated with international ISO 27001 best practices as well as mandatory regulations, through a guided process that allows for the acquisition of the necessary implementation skills.

CISOs, DPOs, IT Auditors, Cybersecurity Experts, Privacy Managers, IT Managers, Privacy and Cybersecurity Consultants, Data Controllers and Processors, Privacy Officers, and anyone working in the fields of Privacy, Information Security, and Data Protection in general.

There are no specific prerequisites. The course is open to everyone, even those without technical skills.
For effective use of the course, knowledge of the ISO 27001 standard is recommended.
Those who, after the course, intend to take the certification exam and be included in the public register of NIST SPECIALISTS of FAC Certifica, must have at least 2 years of experience in IT Risk Management and/or IT Auditing.

– Course slides and additional resources and tools

The course also qualifies for the NIST Cybersecurity Specialist certification from FAC CERTIFICA, which can be achieved by taking an additional test upon request, and is accessible to those with at least 2 years of experience in IT Risk Management and/or IT Audit activities. We recommend viewing the complete prerequisites listed in the attachment and downloadable from the link: https://faccertifica.it/wp-content/uploads/2022/10/sk40.pdf

23 CPEs valid for maintaining ISACA certifications