For KRITIS operators & site security
Patrols, incidents and audit trail — audit-ready in one platform.
NIS2 mandatory reporting, BSI-grade evidence, cross-sector use. Perimeter control, sabotage inspection, and incident escalation — all audit-ready, even in dead zones at critical sites.
problem
NIS2 is here. Sabotage risk is rising. The chain of evidence is missing.
KRITIS operators face heightened obligations on security, availability, and documentation. Excel sheets, WhatsApp threads, and paper logs no longer hold up in NIS2 or BSI audits.
01/NIS2
NIS2 reporting without an audit trail
Initial report within 24 hours, follow-up within 72. Operators that cannot document incidents in a structured way risk fines up to €10M or 2% of group revenue.
02 / SABOTAGE
Sight inspections scattered across Excel and chat
Sabotage signs at the fence, gate, or asset get reported in shift books or chat threads — and disappear at shift handover. Hard to defend in incident reviews.
03 / AUDIT
Auditor demands proof — no clean evidence
BSI audits, ISMS reviews, insurance enquiries: when documentation has to be reconstructed from calls, chats, and Excel, it costs days and weakens evidentiary value.
Eight sectors · one platform
KRITIS-ready for every sector — energy to government.
The eight KRITIS sectors carry different obligations but share the same need for evidentiary weight. LiteLog is cross-sector — from a municipal utility transformer station to a data center.
Energy · Water · Food
Utilities, water works, food producers — perimeter inspection at substations, pumping stations, and warehouses. Multi-site overview for distributed sites with dead-zone areas.
IT · Telecom · Finance · Government
Data centers, switching centers, bank back offices, public agencies — access control, visitor logs, and audit-grade proof per airlock, shift, and audit window.
Transport · Health
Ports, airports, hospital perimeters — apron patrols, fence checks, and structured incident reports with photo, category, and automatic escalation to the security operations center.
Typical KRITIS use cases
From perimeter patrol to incident escalation.
Four building blocks that fit every KRITIS environment: perimeter control, asset inspection, structured incident reporting, and shift handover — all on one audit-grade platform.
Perimeter and asset checks
Capture fence, gate, and access points, barriers, emergency exits, and protected areas at fixed intervals — with automatic flagging for skipped or late checkpoints.
Technical and security tours
Document sight inspections at assets, rooms, and critical areas at defined intervals — with photo, category, and comment for anomalies.
Structured incident reporting
Instead of chat threads, incidents flow in with photo, location, category, priority, and clear status (open, in progress, closed). NIS2-relevant incidents auto-escalate.
Water works South · Today 14:08Live
Hardware for dead zones
NFC, GPS, and wall terminals — even without mobile coverage.
Critical sites often sit in dead zones or in rooms where private mobile devices are not allowed. LiteLog provides wall terminals and NFC-enabled industrial devices — authentication via tag, control-type selection, fully offline-capable.
NFC tag per checkpointWall terminalGPS stampMobile appWeb portalREST APIOffline mode
In KRITIS the rule is: the more critical the area, the stronger the authentication. Wall terminal at the airlock, NFC tag at the fence, GPS stamp on patrol — all on one platform with an audit-grade chain of evidence.
Example · NIS2 reporting within 24 hours
From sabotage notice to BSI initial report — structured, defensible, in 2 hours.
- 1Site security spots a sabotage indicator at the fence, photographs and reports via the app
- 2System classifies as NIS2-relevant, auto-escalates to the security operations center
- 3Security lead documents actions, assigns owners, sets deadlines
- 4System generates a BSI initial-report template with timestamps, photos, and chain of evidence
Water works South · incident #INC-2026-0412
14:08:22 · NFC tag detected · Gate 4
14:08:31 · Auth: M. Wagner (site security)
14:09:14 · Incident: sabotage notice fence section B
14:09:14 · Photo + geo-stamp attached
14:12:08 · Escalation to SOC triggered (NIS2)
14:38:42 · BSI initial-report template generated
16:02:11 · ✓ Initial report submitted to BSI — chain of evidence #INC-0412-V1
Compliance & oversight
NIS2 · BSI IT-Grundschutz · GDPR.
LiteLog is configured for the requirements of the NIS2 directive and the German BSI KRITIS regulation. Data integrity per BSI IT-Grundschutz, servers in Germany, DPA included.
- NIS2 · Article 23 incident reportingStructured initial and follow-up reports, automatic escalation on 24-hour and 72-hour deadlines, BSI-grade chain of evidence per incident — defensible in audits and insurance reviews.
- BSI IT-GrundschutzServers in German data centers, Data Processing Agreement (DPA) included, role-based access with audit log. No data transfers to third countries.
- Audit-grade chain of evidenceEvery check, every incident, every shift handover with timestamp, person, and geo-stamp. Hash-signed, immutable — defensible in BSI audits, insurance claims, and legal proceedings.
- Real-time escalationDeadline breaches on critical incidents trigger automatic escalation to the security operations center, executive team, or external authorities. No incidents lost in shift handover.
Numbers from KRITIS operations
What KRITIS teams measure.
Averages from 11 KRITIS operators in DACH — utilities, water works, data centers, and transport operators.
100%
incidents documented audit-grade
−80%
time to first NIS2 report
0
critical findings in BSI audits
— Energy operator voice
„On the first BSI inspection after NIS2 went into force, the auditor sampled the sabotage inspection log for one transformer station over the last 90 days. We exported the full chain of evidence with photos, timestamps, and escalation history in 2 minutes."
47
sites documented across four states
2 mins
audit export for 90-day chain of evidence
12%
incidents auto-escalated by deadline rules
0
critical BSI findings since rollout
KRITIS site security · audit brochure
NIS2-compliant incident reporting, BSI-grade chain of evidence, cross-sector use — explained on a few pages.
Download KRITIS brochurePerimeter and asset checks documented audit-grade
NIS2 incident reporting within 24 hours — structured chain of evidence
BSI IT-Grundschutz: servers in Germany, DPA included
Offline-capable — even in dead zones at critical sites
FAQ
Common questions from KRITIS security leadership.
Questions raised in security-leadership meetings, BSI audit prep, and NIS2 implementation workshops. A short call answers it in 15 minutes.
For industrial systems, there are classic hardware manufacturers such as Kronos or Kögl on the market, as well as modern cloud providers such as LiteLog, which rely on smartphone apps with NFC/QR and GPS. For KRITIS-relevant systems (energy, water, transport), GDPR compliance, German hosting, audit trail and offline capability are crucial - LiteLog meets these requirements even without proprietary special hardware.
Yes. Incidents are documented in a structured way with category, location, photo, timestamp, and owner assignment. NIS2-relevant categories trigger automatic escalation to the security operations center plus an initial-report template for the responsible authority (BSI for essential entities). The 24-hour and 72-hour deadlines are tracked by the system.
Yes. Wall terminals and NFC-enabled industrial tablets work fully offline. Authentication via tag, control-type selection, incident reports with photo — all without network connectivity. Sync as soon as the device is back online. The chain of evidence stays hash-signed and immutable.
Yes. The multi-site overview shows all assets, gates, and airlocks in one view — filterable by site, control type, shift, or timeframe. Shift leads see their assets, the security operations center sees the full picture, auditors get an audit-grade extract per site and timeframe.
Yes. Energy, water, IT, telecom, transport, health, food, finance, and government — obligations differ, the core is the same: perimeter control, sight inspection, structured incident reporting, audit-grade chain of evidence. Configurable per sector with its own intervals, incident categories, and escalation rules.
Retention periods are configurable per tenant — typically 5 to 10 years for KRITIS records. One-click export as an audit-grade PDF with timestamps, person, photo, and geo-stamp. Audit inspectors can get a dedicated read-only access for defined timeframes — no data exchange via email or USB stick required.
Typically within a few days: define assets and checkpoints, lay out routes, set up users and roles — then test with real patrols. For multi-site rollouts with more than 20 sites, our team supports onboarding with a project plan and training workshops.
Yes. Routes, checkpoints, and incident categories can be set up so that operational technical inspections and security patrols are documented in one workflow — even when different teams (site security and asset engineering) operate in parallel.
KRITIS demands evidence — not assertions.
Demo with our KRITIS team. We walk through NIS2 incident reporting, BSI-grade chain of evidence, and multi-site site security against your real site setup.
NIS2 · Article 23 compliant
Structured initial and follow-up reports, deadline tracking
BSI IT-Grundschutz
Servers in Germany, DPA, role-based audit log
Audit-grade chain of evidence
Hash-signed, immutable, defensible in BSI audits
Offline-capable in dead zones
Wall terminal and NFC industrial tablet, sync on network recovery