“What matters is no longer declaring… but demonstrating. Compliance must be traceable, justifiable — and ultimately audited continuously.”
Core NIS2 principle — Solutions Numériques
NIS2 is not a certification in the ISO sense. There is no label, no stamp, no mandatory annual audit leading to a certificate. The logic is one of declarative and demonstrable compliance: the company must be able to prove, in the event of an ANSSI audit or an incident, that it meets the requirements.
What changes with NIS2 is the end of pure declaration. Compliance must be traceable, justifiable — with documented evidence. This is exactly where CyberSCV makes sense: every answer, every piece of evidence, every remediation action is tracked and exportable.
Since 17 March 2026, ANSSI has published the Référentiel Cyber France (ReCyF), listing recommended measures to achieve the security objectives set by NIS2. This non-mandatory framework allows entities that choose to apply it to rely on it during an ANSSI audit.
ReCyF structures compliance around mandatory security objectives ('what') and acceptable means of compliance ('how'). Entities can rely during an audit on the use of ANSSI-qualified services or certification to relevant international standards.
20 security objectives: IS inventory, governance, ecosystem management, HR security, IS management, and other operational domains.
10M€ / 2%
For Essential Entities — €10 million or 2% of global turnover
7M€ / 1.4%
For Important Entities — €7 million or 1.4% of global turnover
Directors may also face criminal prosecution and bans from holding similar positions.
CyberSCV integrates the specific requirements of each Member State — a universal EU score + a national score
ReCyF v2.5
Authority: ANSSI
Law: PJL Résilience
EE fines: 10M€ / 2%
BSIG §30 / KRITIS 2025
Authority: BSI
Law: BSIG révisé + KRITIS-DachG
EE fines: 10M€ / 2%
CyFun® 2025
Authority: CCB
Law: Loi NIS2 du 26 avril 2024
EE fines: 10M€ / 2%
FNCS (NIST CSF 2.0) 2025
Authority: ACN
Law: D.Lgs. 138/2024
EE fines: 10M€ / 2%
ENS (proxy) RD 311/2022
Authority: INCIBE
Law: Proyecto Ley Coordinación y Gobernanza Ciberseguridad
EE fines: 2M€
DL 125/2025 2025
Authority: CNCS
Law: DL n° 125/2025
EE fines: 10M€ / 2%
NCSC CAF 2024
Authority: NCSC
Law: NIS Regulations 2018 + Cyber Resilience
EE fines: 17M£
A complete platform to assess, remediate and prove your NIS2 compliance
NIS2 EU baseline (Art. 21) enriched with your country's national requirements: ReCyF (FR), CyFun (BE), BSIG (DE)... Question count adapts to your entity profile and jurisdiction.
Global score, domain scores, maturity level (1-5) and comparison with previous assessments.
Auto-generated actions, kanban tracking, dynamic scoring and remediation history.
AI analyses your assessment and proposes remediation scenarios with phases, effort, budget and priorities.
Report admissible to NCSC/ANSSI: cover, scores, domain detail, action plan, evidence.
Manage your clients, consolidate scores, customise your brand — built for managed service providers.