Skip to Content

Awareness training

NIS2 Article 20 requires management bodies to approve and oversee cybersecurity measures and to follow training — and to offer comparable training to staff. Reglyze tracks who has been trained and when it expires.

The board cybersecurity training register — valid, expiring, and expired attestations linked to NIS2 Article 20

Assignments & records

Assign courses to people and record completion. Each training record has a completion date and a validity period (an explicit valid until, or one year from completion by default). Expiring and expired records surface so refreshers happen before they lapse — and for MSPs they appear in the portfolio action center.

Course content

Reglyze ships baseline cyber-hygiene content and supports sector-specific packs. Management-body training is tracked distinctly from general staff awareness so you can evidence the Article 20 management-oversight obligation.

Evidencing it

Completion records and attestations are exportable, so “staff were trained” is backed by dated records rather than an assertion.

Getting started