Key points are not available for this paper at this time.
The EU NIS Directive introduces obligations related to the security of the network and information systems for Operators Essential Services and for Digital Service Providers. Moreover, National Competent Authorities for cybersecurity required to assess compliance with these obligations. This paper describes a novel Cybersecurity Maturity Assessment (CMAF) that is tailored to the NIS Directive requirements. CMAF can be used either as a self-assessment from Operators of Essential Services and Digital Service Providers or as an audit tool from the National Competent for cybersecurity.
Drivas et al. (Tue,) studied this question.