Book Demo
Anette Svane Vestergaard
About author
17 Mar 2026

NIS2 in Practice: How Scanel International Works Systematically with Information Security

For organisations operating in critical sectors, the requirements for information security are becoming increasingly extensive. With the introduction of the NIS2 Directive, organisations must be able to document how they manage risks, protect data, and work systematically with security.

 

At Scanel International, which among other things delivers technical solutions to the energy sector, information security has therefore become a key focus area. To create structure in this work, Scanel International has consolidated their NIS2 activities in NorthGRC.

 

A Structured Approach to NIS2

 

Martin Engelbrekt Jensen is QHSE & Sustainability Manager at Scanel International and is responsible for the company’s work with quality, environment, occupational health and safety, sustainability, and NIS2.

 

“I already work with ISO standards within quality, environment and occupational health and safety, all of which require structure and documentation. Therefore, it was natural that I also took responsibility for NIS2,” he explains.

 

Scanel International already operates in a structured manner in accordance with several standards – including ISO 27001/2 – without necessarily being certified.

“If a major customer one day requires ISO 27001 certification, we’re not far from it. We already work according to the standard.”

 

NIS2 Creates Greater Structure in Security Work

 

As a company operating in a critical sector, Scanel International clearly experiences how regulation influences its approach to information security.

 

“NIS2 has made us far more structured in our work. We pay much closer attention to what is happening in the world – for example, new cyber-attacks or vulnerabilities in systems,” says Martin.

 

This knowledge is continuously discussed internally and translated into concrete improvements in the organisation’s security practices.

 

NorthGRC as the Framework for the Work

 

For Scanel International, NorthGRC serves as the platform that brings together and structures their NIS2 work.

“NorthGRC is a good tool for structuring things – but also for keeping us up to date with what we need to do and when we need to do it,” Martin explains.

 

In particular, the compliance annual cycle plays an important role in day-to-day management.

“The annual cycle provides a very good overview of the activities and tasks we need to complete. We actively use it to plan our work.”

 

At Scanel International, the compliance annual cycle is also aligned with the company’s wider planning processes, ensuring that work with information security follows the organisation’s normal workflows.

 

Documentation Is Becoming Increasingly Important

 

As the requirements for information security increase, the need for documentation grows as well – both from authorities and from customers.

 

“The system can generate reports that we can present to our customers. Customer demand increases slightly every year,” Martin explains.

 

Documentation, therefore, becomes not only an internal discipline but also an important part of the dialogue with customers and partners.

 

A Tool That Saves Resources

 

For Scanel International, a significant part of the value lies in the fact that NorthGRC makes it much easier to get started.

“The policies are already there. You simply go in and adapt them to your own organisation,” says Martin.

 

This means the company does not have to start from scratch when establishing structure, controls and documentation.

“We could probably do it ourselves – but it would require far more resources. NorthGRC makes it easier to keep track of the requirements and work with them systematically.”

 

He also highlights support as an important part of the experience.

“The support team is quick to provide feedback, and it is reassuring to know that help is always available.”

 

NIS2 as a Shared Discipline

 

At Scanel International, the work with NIS2 is not placed within a single function, but anchored in collaboration between compliance and IT.

 

Martin drives the structure, documentation, and follow-up, while the IT department handles the technical implementation. With NorthGRC as the shared framework, Scanel International can coordinate its work and ensure the organisation stays continuously up to date with requirements.

 

“It gives us a system where we can bring everything together and stay up to date. It makes the work far more manageable.”

 

Would you like to work more systematically with NIS2, compliance and information security?

 

With NorthGRC, you gain a clear overview of requirements, controls and documentation – making it easier to manage security in a structured way.

 

Experience NorthGRC for yourself. Book a demo today.



Continue your journey with NorthGRC:
Get control of NIS2
Plan your annual tasks