Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019
On ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification
and repealing Regulation (EU) No 526/2013 (Cybersecurity Act) (Text with EEA relevance)Cybersecurity Regulation – ENISA
- Recitals
TITLE I — GENERAL PROVISIONS
TITLE II — ENISA (THE EUROPEAN UNION AGENCY FOR CYBERSECURITY)
CHAPTER I — Mandate and objectives
CHAPTER II — Tasks
- Article 5 — Development and implementation of Union policy and law
- Article 6 — Capacity-building
- Article 7 — Operational cooperation at Union level
- Article 8 — Market, cybersecurity certification, and standardisation
- Article 9 — Knowledge and information
- Article 10 — Awareness-raising and education
- Article 11 — Research and innovation
- Article 12 — International cooperation
CHAPTER III — Organisation of ENISA
CHAPTER IV — Establishment and structure of ENISA’s budget
CHAPTER V — Staff
CHAPTER VI — General provisions concerning ENISA
- Article 38 — Legal status of ENISA
- Article 39 — Liability of ENISA
- Article 40 — Language arrangements
- Article 41 — Protection of personal data
- Article 42 — Cooperation with third countries and international organisations
- Article 43 — Security rules on the protection of sensitive non-classified information and classified information
- Article 44 — Headquarters Agreement and operating conditions
- Article 45 — Administrative control
TITLE III — CYBERSECURITY CERTIFICATION FRAMEWORK
- Article 46 — European cybersecurity certification framework
- Article 47 — The Union rolling work programme for European cybersecurity certification
- Article 48 — Request for a European cybersecurity certification scheme
- Article 49 — Preparation, adoption and review of a European cybersecurity certification scheme
- Article 50 — Website on European cybersecurity certification schemes
- Article 51 — Security objectives of European cybersecurity certification schemes
- Article 52 — Assurance levels of European cybersecurity certification schemes
- Article 53 — Conformity self-assessment
- Article 54 — Elements of European cybersecurity certification schemes
- Article 55 — Supplementary cybersecurity information for certified ICT products, ICT services and ICT processes
- Article 56 — Cybersecurity certification
- Article 57 — National cybersecurity certification schemes and certificates
- Article 58 — National cybersecurity certification authorities
- Article 59 — Peer review
- Article 60 — Conformity assessment bodies
- Article 61 — Notification
- Article 62 — European Cybersecurity Certification Group
- Article 63 — Right to lodge a complaint
- Article 64 — Right to an effective judicial remedy
- Article 65 — Penalties
TITLE IV — FINAL PROVISIONS
- Final
- ANNEX — REQUIREMENTS TO BE MET BY CONFORMITY ASSESSMENT BODIES