NIS2 compliance audit: Tresorit achieves outstanding results from Ernst & Young

ZURICH - Sept. 16, 2025 - PRLog -- Tresorit, data security specialist of Swiss Post, is proud to announce that it has successfully passed its NIS2 compliance audit, conducted by the globally renowned consulting firm Ernst & Young. With a remarkable score of 95%, Tresorit ranks among the first organizations in Europe to undergo and pass the audit under the newly implemented NIS2 Directive.

This achievement marks a major milestone in Tresorit's commitment to top-tier security and regulatory excellence, giving clients greater confidence in the protection of their data.

"This was one of the most complex compliance efforts in our company's history, second only to achieving Common Criteria certification," said István Hartung, CEO of Tresorit. "It required 18 months of intense, cross‑functional collaboration, and demonstrates our unwavering commitment to upholding the highest standards of information security."

About the NIS2 Directive and the audit requirement

The Network and Information Security Directive 2 (NIS2) is the European Union's updated cybersecurity framework aimed at raising the level of cyber resilience across critical sectors. Under the NIS2 framework, designating a primary jurisdiction allows multinational companies to undergo a single, comprehensive compliance audit, the results of which are recognized across the EU.

Why it matters

• Compliance with the rigorous NIS2 framework reinforces Tresorit's position as a trusted solution provider for secure digital collaboration, particularly for organizations in highly regulated sectors.
• While Tresorit already holds ISO 27001 certification, NIS2 required a more granular, demanding approach — with over 2,000 elementary requirements in different domains defining exact, step-based procedural operation and – even low level, system-based configuration settings, drawn from more than 3,000 pages of regulation, laws, and guidance documents.

Ernst & Young concluded that Tresorit was exceptionally well-prepared, noting that the company's methodology was exemplary and that it is significantly ahead of peers in terms of readiness and implementation.

What's next?

During the audit, both Tresorit and the auditors identified areas for further development, underscoring that compliance is an ongoing journey rather than a one-time event. As with ISO 27001, NIS2 will require continuous monitoring and regular audits, establishing it as a permanent component of Tresorit's information security management system.

About Tresorit

Tresorit provides trusted content collaboration solutions that are intuitive and secure by design. Its seamless, all-in-one platform offers end-to-end encrypted data storage, file sharing, collaboration, data rooms, and e-Signatures — enabling teams, departments, and solopreneurs to work efficiently with colleagues, clients, and partners.

Trusted by over 11,000 organizations worldwide, Tresorit holds a range of internationally recognized certifications — including ISO 27001 and Common Criteria — underscoring its commitment to the highest standards of information security and privacy.

Tresorit is part of Swiss Post. Learn more at www.tresorit.com.