Internal documentation only

This page has been marked as draft.

OP5 compliance with Network and Information Security Directive 2

Below are some queries from an OP5 user/client, with answers from Engineering, regarding OP5 compliance with NIS2.

  1. Comprehensive Logging and Audit Trails

Record all workload access, modifications, and communication events.

Ensure logs are immutable and securely stored, in line with NIS2’s requirements for evidence retention.

Answer: Yes

  2. Continuous Monitoring and Intrusion Detection

Continuously monitor workload activity and communications for signs of unauthorized access, misuse, or compromise.

Answer: Out of scope

  3. Real-Time Incident Detection and Alerting

Employ automated systems to detect, alert, and escalate suspicious or malicious workload events in real-time, as NIS2 requires early detection and prompt action.

Answer: Yes but limited scope

  4. End-to-End Identity and Access Controls

Map every workload action to a verified user, service, or machine identity.

Answer: Yes but limited scope

  5. Configuration and Vulnerability Monitoring

Continuously check workloads for unapproved configuration changes or vulnerabilities that could increase risk or violate NIS2 requirements.

Answer: Out of scope

  6. East-West and North-South Network Traffic Inspection

Monitor workload-internal (east-west) and external (north-south) communications for anomalies, data exfiltration, or lateral movement.

Answer: Out of scope

  7. Policy Enforcement and Change Monitoring

Log all security policy changes, access control updates, and workload segmentation adjustments for accountability and auditing.

Answer: Yes (Within OP5)

  8. Incident Reporting and Data Retention

Ensure capabilities to generate timely, accurate incident reports and retain logs for the minimum period required by NIS2, supporting forensic and regulatory investigations.

Answer: Out of scope

  9. Supply Chain and Dependency Monitoring

Continuously monitor third-party software, libraries, or dependent services in workloads for signs of compromise or policy violation—NIS2 emphasizes supply chain risk.

Answer: Yes (Within OP5)

  10. Integration with Threat Intelligence and SOC

Integrate workload monitoring data with central SIEM/SOC platforms and use external threat intelligence to strengthen threat detection as demanded by NIS2’s emphasis on informed threat response.

Answer: Out of scope
