From Candidate to Certification Scheme — ENISA

ENISA works hand-in-hand with the ecosystem and Member States to deliver adequate proposals for certification requests and provide guidance to support the adoption of the schemes

From Candidate to Certification Scheme

The EU Agency for cybersecurity (ENISA) develops draft certification schemes, upon request of the European Commission or the EU Member States. To do so, the Agency is supported by  groups of experts ('Ad-Hoc Working Groups') and collaborates closely with the European Commission, EU countries, and relevant stakeholders. 

Involving the ecosystem

In order to build Cybersecurity Certification Schemes, ENISA relies on the ecosystem such as the Ad Hoc Working Groups (AHWGs) but also on expertise, comments and consultative views provided by the ecosystem. The Cybersecurity Act defined the main entities to support ENISA in its task.

To be effective, a draft scheme has to become a piece of EU legislation called an 'Implementing Act' [Link].

This Act has to be endorsed by all Member States. Once this Act is adopted, Member States have time to prepare the operation of the scheme before issuing certificates.

The framework to develop schemes is described in the following graph:

Building EU Cybersecurity Certification Schemes

EU Cybersecurity Certification Actors and their role

ENISA, the European Union Agency for Cybersecurity, presents the key actors and their role within the EU Cybersecurity Certification Framework.

A whole ecosystem is involved to support EU Cybersecurity certification from writing the draft schemes to delivering certificates.

Download the Infographic here!

Browse the Topics

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies