CSRB Review · CS&R Bill · NIS 2018

Are You Ready for the
CS&R Framework?

Thirteen questions on scope, risk governance, supply chain, and incident reporting. A scored report, law references, and a prioritised roadmap—framed to your context below.

Bill in Parliament — Royal Assent expected 2026 CS&R Bill 2025 NIS Regs 2018 NCSC CAF v4.0 NIS2-Aligned UK-CNI

No data collected · runs entirely in your browser

Organisation type

Essential Service Operator

Managed Service Provider

Data Centre Operator

Digital Service Provider

Supply Chain / Supplier

Your role

CISO / Security Lead

CTO / IT Director

Legal / Compliance

CEO / Board

Risk Officer

Select your organisation type and role — your report framing and roadmap will adapt to your context.

CS&R / NIS scope: The CS&R Bill expands the UK NIS framework to Operators of Essential Services (OES) (energy, transport, water, health, digital), Managed Service Providers (MSPs), data centre operators above 1MW IT load, designated critical suppliers, and digital service providers (DSPs). If you support or supply in-scope operators, you may be in scope or have downstream duties. Royal Assent is expected in 2026 with phased commencement.

0 of 13 answered Score: 0 / 104

Please answer all questions before generating your report.