Practical Nordic compliance

Guides on NIS2, GDPR, the EU AI Act, ISO 27001, and CBAM, written for Nordic and EU SMBs navigating overlapping regulations.

• 25 May 2026

  NIS2 and the Norwegian Digital Security Act: where things stand in 2026

  Norway's Digital Security Act has been in force since October 2025. NIS2 transposition is still pending, but Norwegian SMBs already have a NIS2-aligned posture to build towards. Here's what's required now, and what's coming.

  nis2norwaycybersecurity

• 18 May 2026

  The EU AI Act after 2 August 2026: what changes, what's already here

  Most coverage treats 'the AI Act takes effect in August 2026' as a single deadline. It isn't. Here's the phased timeline as it actually applies, with practical guidance for Nordic SMBs deploying or providing AI before the next big date.

  ai-acteuai-governance

• 11 May 2026

  CBAM in Norway: the 2027 timeline after the Omnibus simplification

  Norway joins the EU's Carbon Border Adjustment Mechanism from 1 January 2027. The CBAM Omnibus simplification package, in force since October 2025, significantly changed the operational shape. Here's what Norwegian importers need to know.

  cbamnorwaycarbon