ISMS Copilot for Belgian critical infrastructure operators
Run NIS 2 Belgium through the CyberFundamentals pathway, with CCB registration and reporting built in.
Why Belgian operators choose ISMS Copilot
- Run the applicability test for entites essentielles / importantes against your sector and size thresholds
- Pick a CyberFundamentals tier (Basic, Important, Essential) as the recognised NIS 2 implementation pathway
- Prepare the CyFun self-assessment and evidence for CCB audit readiness
- Track the CCB 24-hour / 72-hour / 30-day incident-notification timeline
- Map article 30 risk-management measures onto controls you already operate
- Keep an ISO 27001 alternative pathway open without duplicating work
Built around the Belgian NIS 2 stack
CyberFundamentals (CyFun) tier guidance across Small, Basic, Important and Essential
NIS 2 Belgium applicability and CCB Safeonweb@work registration workflow
Article 30 risk-management mapping to ISO 27001 and the parent NIS 2 Directive
Staged incident-reporting templates for the CCB timeline
Cross-mapping between CyFun, ISO 27001, NIST CSF and CIS Controls
Evidence management aligned to CCB supervision expectations
CyFun tiers as the Belgian NIS 2 pathway
Belgium did not just copy out the NIS 2 Directive. The Loi / Wet du 26 avril 2024 makes the Centre for Cybersecurity Belgium (CCB) the supervisory authority and recognises the CCB's CyberFundamentals framework as a concrete implementation pathway for the article 30 risk-management duties. CyFun is tiered (Small, Basic, Important, Essential), so a Belgian essential or important entity does not face an undifferentiated control set: it picks the tier matching its assurance level, prepares a CyFun self-assessment, and uses that as its NIS 2 evidence base. ISO 27001 remains a valid alternative pathway. ISMS Copilot helps you decide which pathway is cheaper for your estate, run the CyFun tier assessment, and keep CCB registration and incident notifications on the right clock.
Explore the CyberFundamentals Copilot →Frequently Asked Questions
Do we have to use CyberFundamentals for NIS 2 in Belgium?
No. The CCB recognises CyberFundamentals (Basic / Important / Essential tiers) as one valid implementation pathway for the article 30 risk-management measures under the Loi / Wet du 26 avril 2024; ISO 27001 is the alternative. ISMS Copilot supports both and cross-maps the controls so you can choose the cheaper route for your estate.
Who counts as an essential or important entity in Belgium?
Generally medium-sized or larger organisations in the 18 NIS 2 sectors with at least 50 employees or EUR 10M turnover. ISMS Copilot runs the applicability test against your sector and size and explains how registration via the CCB's Safeonweb@work portal works.
Does ISMS Copilot file our CCB registration or issue a CyFun label?
No. ISMS Copilot does not register you and does not issue certifications or CyberFundamentals labels. It prepares the self-assessment, evidence and notifications so your team can complete CCB registration and any audited CyFun verification through the official process.
Ready to streamline your compliance work?
Built for speed, accuracy, and audit-ready output.