OpenChainGraph Suite · ART-144 · wave 26

NIS2 Incident Significance Scorer (Art. 23 Reporting Threshold)

Score a cybersecurity incident against NIS2 Article 23 significance thresholds. Determines whether the incident meets reporting criteria, calculates the 24-hour early warning, 72-hour notification, and 30-day final report deadlines, and identifies the required notification recipients.

NIS2 Art.2324h / 72h / 30dCSIRT RecipientsActive Oct 2024W3C VC §13.11Zero PII

🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only.

⏱ NIS2 Article 23 reporting clocks start from when the entity becomes aware of the significant incident. 24 hours — early warning to national CSIRT. 72 hours — full notification with impact assessment. 30 days — final incident report.

Scope

Root node of the nis2-incident-response chain (art-144→145). Assesses whether an incident crosses the NIS2 Article 23 significance threshold using six triggering factors: service disruption ≥1h, affected users ≥1,000, financial loss ≥€100K, third-party cascade impact, malicious act, or cross-border impact. Three or more triggers — or combined cascade+malicious — escalates to critical.

Presets

Incident Impact Metrics

Service Disruption Duration (hours) — threshold: ≥1h

Estimated Affected Users — threshold: ≥1,000

Estimated Financial Loss (EUR) — threshold: ≥€100,000

Entity Classification

Qualitative Triggers

Third-party cascade impact

Incident has caused or may cause significant impact on other organisations or critical infrastructure

Involves malicious act

Incident is the result of a deliberate attack, ransomware, espionage, or other malicious activity

Cross-border impact

Incident affects or may affect entities or users in more than one EU Member State

Result

Execution Hash & §4 Artifact

SHA-256 execution hash (JCS canonical — RFC 8785):