UK NIS Representative

UK NIS Representative

The NIS Directive (Directive on the security of network and information systems) was introduced to ensure a high level of network and information systems security across critical infrastructure organisations in Europe, making sure that essential services remain available in all but the most severe circumstances. In the UK, this directive was implemented as the NIS Regulations (Network and Information Systems Regulations 2018), which remains in law following Brexit.

Enquire today
Price: £0.00
Excluding VAT

Who needs a representative?

You need to consider appointing a NIS Regulations representative if you are an OES (operator of essential services) or a DSP (digital service provider). Both OES and DSPs are subject to reporting obligations under the NIS Regulations. This service helps organisations meet those obligations.

OES (operators of essential services)

These are critical infrastructure organisations in the energy, transport, healthcare, water and digital infrastructure sectors.

DSPs (digital service providers)

DSPs provide specific types of digital services, operating as an online marketplace, online search engine and/or Cloud computing service.

Note that DSPs with fewer than 50 employees and an annual turnover of less than €10 million (about £8.6 million) are exempt.

Appointing a NIS Regulations representative

OES and DSPs that are not established in the UK but provide services within the UK that fall within the scope of the Regulations must appoint a UK-based NIS Regulations representative. The deadline for appointing a representative was 31 March 2021.

GRCI Law can operate as your NIS Regulations representative for a fixed annual fee. As your UK NIS Regulations representative, we will:

  • Register as your representative with the appropriate competent authority (which varies depending on your sector);
  • Act as your point of contact with your competent authority;
  • Act on your behalf as liaison for incident reporting to the relevant competent authority for up to three incidents per annum;
  • Act as the initial point of contact for communications received from a competent authority regarding data privacy incidents or other NIS Regulations-related enquiries;
  • Act as the initial point of contact for communications received from individuals regarding a specific security incident or other NIS Regulations-related enquiries; and
  • Assist with the wording of informative communications with customers, clients and other stakeholders regarding any notifiable security incidents.

Download the service description.

UK NIS Representative Pricing

How much does a UK NIS Representative cost?


up to 250





£3,000 fixed annual fee

£4,000 fixed annual fee

£6,000 fixed annual fee

We also offer an EU NIS Directive Representative service. Depending on where your organisation operates, you may be required to appoint both a UK NIS Regulations and an EU NIS Directive representative.


Single-entity organisations with 1–500 employees are eligible for this service. As your NIS Regulations representative, we will assist you with reporting up to three incidents per annum. Assistance with additional reporting will be provided at £200 per hour.

Why choose us?

We have an in-depth understanding of the NIS Regulations requirements and how they should be met.

Our specialist team of experienced data protection officers and lawyers have extensive data protection and information security management expertise, both in the UK and globally.

Buy now, pay later

Enjoy the benefits of paying by purchase order with an GRCI Law corporate account. Apply online today or call our service centre team on +44 (0)333 900 5555

Learn more

Stay in touch

Stay up to date with the latest industry news on our blog.

Visit our blog

Follow us on social media


Speak to an expert

If you have any queries or you’re unsure of how to progress, please get in touch with our team of experts who will be able to assist with your enquiry and provide guidance options.

Enquire today