My favourites

TITLE III – Cybersecurity certification network (Art. 46-65)

Art. 46 CSA - European cybersecurity certification framework arrow_right_alt

Art. 47 CSA - The Union rolling work programme for European cybersecurity certification arrow_right_alt

Art. 48 CSA - Request for a European cybersecurity certification scheme arrow_right_alt

Art. 49 CSA - Preparation, adoption and review of a European cybersecurity certification scheme arrow_right_alt

Art. 50 CSA - Website on European cybersecurity certification schemes arrow_right_alt

Art. 51 CSA - Security objectives of European cybersecurity certification schemes arrow_right_alt

Art. 52 CSA - Assurance levels of European cybersecurity certification schemes arrow_right_alt

Art. 53 CSA - Conformity self-assessment arrow_right_alt

Art. 54 CSA - Elements of European cybersecurity certification schemes arrow_right_alt

Art. 55 CSA - Supplementary cybersecurity information for certified ICT products, ICT services and ICT processes arrow_right_alt

Art. 56 CSA - Cybersecurity certification arrow_right_alt

Art. 57 CSA - National cybersecurity certification schemes and certificates arrow_right_alt

  1. Without prejudice to paragraph 3 of this Article, national cybersecurity certification schemes, and the related procedures for the ICT products, ICT services and ICT processes that are covered by a European cybersecurity certification scheme shall cease to produce effects from the date established in the implementing act adopted pursuant to Article 49(7). National cybersecurity certification schemes and the related procedures for the ICT products, ICT services and ICT processes that are not covered by a European cybersecurity certification scheme shall continue to exist.
  2. Member States shall not introduce new national cybersecurity certification schemes for ICT products, ICT services and ICT processes already covered by a European cybersecurity certification scheme that is in force.
  3. Existing certificates that were issued under national cybersecurity certification schemes and are covered by a European cybersecurity certification scheme shall remain valid until their expiry date.
  4. With a view to avoiding the fragmentation of the internal market, Member States shall inform the Commission and the ECCG of any intention to draw up new national cybersecurity certification schemes.
Related
Close tabsclose
  • 94
  • 98

Recital 94

With a view to achieving the objectives of this Regulation and avoiding the fragmentation of the internal market, national cybersecurity certification schemes or procedures for ICT products, ICT services or ICT processes covered by a European cybersecurity certification scheme should cease to be effective from a date established by the Commission by means of implementing acts. Moreover, Member States should not introduce new national cybersecurity certification schemes for ICT products, ICT services or ICT processes already covered by an existing European cybersecurity certification scheme. However, Member States should not be prevented from adopting or maintaining national cybersecurity certification schemes for national security purposes. Member States should inform the Commission and the ECCG of any intention to draw up new national cybersecurity certification schemes. The Commission and the ECCG should evaluate the impact of the new national cybersecurity certification schemes on the proper functioning of the internal market and in light of any strategic interest in requesting a European cybersecurity certification scheme instead.

Recital 98

References in national legislation to national standards which have ceased to be effective due to the entry into force of a European cybersecurity certification scheme can be a source of confusion. Therefore, Member States should reflect the adoption of a European cybersecurity certification scheme in their national legislation.

Art. 58 CSA - National cybersecurity certification authorities arrow_right_alt

Art. 59 CSA - Peer review arrow_right_alt

Art. 60 CSA - Conformity assessment bodies arrow_right_alt

Art. 61 CSA - Notification arrow_right_alt

Art. 62 CSA - European Cybersecurity Certification Group arrow_right_alt

Art. 63 CSA - Right to lodge a complaint arrow_right_alt

Art. 64 CSA - Right to an effective judicial remedy arrow_right_alt

Art. 65 CSA - Penalties arrow_right_alt