Free AI-powered Legal Search - Explore European Union Legislation

Scroll to: Top Results

Explore European Union Legislation by Asking a Legal Question

assisted-checkbox

filter-instruction-1

positive-filters

negative-filters

act-filter tabs-all

parameters-title

query

assisted-checkbox: ✅

result-title

total 3

Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act) (Text with EEA relevance)

article 49

CELEX: 02019R0881-20250204

Preparation, adoption and review of a European cybersecurity certification scheme

1. Following a request from the Commission pursuant to Article 48, ENISA shall prepare a candidate scheme that meets the applicable requirements set out in Articles 51, 51a, 52 and 54.

2. Following a request from the ECCG pursuant to Article 48(2), ENISA may prepare a candidate scheme that meets the applicable requirements set out in Articles 51, 51a, 52 and 54. If ENISA refuses such a request, it shall give reasons for its refusal. Any decision to refuse such a request shall be taken by the Management Board.

3. When preparing a candidate scheme, ENISA shall consult all relevant stakeholders in a timely manner by means of a formal, open, transparent and inclusive consultation process. When transmitting the candidate scheme to the Commission pursuant to paragraph 6, ENISA shall provide information on the manner in which it has complied with this paragraph.

article 49

CELEX: 02019R0881-20250204

4. For each candidate scheme, ENISA shall establish an ad hoc working group in accordance with Article 20(4) for the purpose of providing ENISA with specific advice and expertise. Those ad hoc working groups shall, as appropriate and without prejudice to the procedures and discretion provided for in Article 20(4), include experts from the public administrations of the Member States, the Union institutions, bodies, offices and agencies, and the private sector.

5. ENISA shall closely cooperate with the ECCG. The ECCG shall provide ENISA with assistance and expert advice in relation to the preparation of the candidate scheme and shall adopt an opinion on the candidate scheme.

6. ENISA shall take utmost account of the opinion of the ECCG before transmitting the candidate scheme prepared in accordance with paragraphs 3, 4 and 5 to the Commission. The opinion of the ECCG shall not bind ENISA, nor shall the absence of such an opinion prevent ENISA from transmitting the candidate scheme to the Commission.

article 49

CELEX: 02019R0881-20250204

7. The Commission may, on the basis of the candidate scheme prepared by ENISA, adopt implementing acts providing for a European cybersecurity certification scheme for ICT products, ICT services, ICT processes and managed security services which meets the relevant requirements set out in Articles 51, 51a, 52 and 54. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 66(2).

8. At least every five years, ENISA shall evaluate each adopted European cybersecurity certification scheme, taking into account the feedback received from interested parties. If necessary, the Commission or the ECCG may request ENISA to start the process of developing a revised candidate scheme in accordance with Article 48 and this Article.