ENISA works hand-in-hand with the ecosystem and Member States to deliver adequate proposals for certification requests and provide guidance to support the adoption of the schemes
From Candidate to Certification Scheme
The EU Agency for cybersecurity (ENISA) develops draft certification schemes, upon request of the European Commission or the EU Member States. To do so, the Agency is supported by groups of experts ('Ad-Hoc Working Groups') and collaborates closely with the European Commission, EU countries, and relevant stakeholders.
Involving the ecosystem
In order to build Cybersecurity Certification Schemes, ENISA relies on the ecosystem such as the Ad Hoc Working Groups (AHWGs) but also on expertise, comments and consultative views provided by the ecosystem. The Cybersecurity Act defined the main entities to support ENISA in its task.
To be effective, a draft scheme has to become a piece of EU legislation called an 'Implementing Act' [Link].
This Act has to be endorsed by all Member States. Once this Act is adopted, Member States have time to prepare the operation of the scheme before issuing certificates.
The framework to develop schemes is described in the following graph:
EU Cybersecurity Certification Actors and their role
ENISA, the European Union Agency for Cybersecurity, presents the key actors and their role within the EU Cybersecurity Certification Framework.
A whole ecosystem is involved to support EU Cybersecurity certification from writing the draft schemes to delivering certificates.
Download the Infographic here!
-
Public Consultation on Specifications for EUICC Certification under the EUCC schemeENISA has published specifications for the evaluation and certification of embedded Universal Integrated Circuit Cards (eUICCs) under the European...
-
Market of Cybersecurity AssessmentsThis Report aims at presenting the current state of play of cybersecurity assessments of ICT products and cloud services. In order to study the...