Article: AN0002555Updated: 16.11.2025
Impacts on entity properties and their relationships
NIS2 and its transposition into national law have a a significant impact to cyber security solution and relationships to CMDB.
| Entity |
Property |
| Asset (ISMS) |
New class |
| Asset assessment result |
New class |
| Risk assessment |
New class |
| Security measures for risks |
New class |
| Threats |
New class |
| Vulnerabilities |
New class |
| Cyber Security Incident/Event |
New class |
| Statement of applicability |
New class |
| Questionnaire |
New class |
| Question catalogue |
New class |
| Questionnaire questions |
New class |
| Questionnaire distribution |
New class |
| Questionnaire responses |
New class |
| Response data type |
New class |
| Enumeration |
New class |
| Enumeration values |
New class |
| SLA, OLA, UC |
New indications:
- Regulated service
- Strategic service
|
| Partner, Vendor |
New property:
- Regulated service provider mode
New indication:
Relationship to Risk log
|
| Configuration item (CI) |
New indication:
New property:
- Related to the provision of a regulated service (multiple reference)
- Supporting assets (multiple selfreference)
Relationship to Risk log
|
| Incident |
New reference to:
- Cyber security event/incident
|
Entity relationship diagram
Below entity-relationship diagram captures this impact.
Examples of screens
Menu for Cyber information security and NIS2.
The risk log is now also available for configuration items and for partners/vendors.
