This Directive should aim to ensure a high level of responsibility for the cybersecurity risk-management measures and reporting obligations at the level of the essential and important entities. Therefore, the management bodies of the essential and important entities should approve the cybersecurity risk-management measures and oversee their implementation.
NIS2 Recital EN
Recital 137
Related across sources
Guidance Guidelines 9/2022 on personal data breach notification under GDPR News CNIL (France) - SAN-2025-015 Guidance Guidelines 8/2020 on the targeting of social media users Guidance Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 Guidance Guidelines 05/2020 on consent under Regulation 2016/679 Guidance Guidelines 02/2022 on the application of Article 60 GDPR