To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…
Cybersecurity of AI and Standardisation
The overall objective of the present document is to provide an overview of standards (existing, being drafted, under consideration and planned) related to the cybersecurity of artificial intelligence (AI), assess their coverage and identify gaps in…
Interoperable EU Risk Management Toolbox
This document presents the EU RM toolbox, a solution proposed by ENISA to address interoperability concerns related to the use of information security RM methods. The toolbox aims to facilitate the smooth integration of various RM methods in an…
Interoperable EU Risk Management Framework
This report proposes a methodology for assessing the potential interoperability of risk management (RM) frameworks and methodologies and presents related results. The methodology used to evaluate interoperability stemmed from extensive research of…
5G Cybersecurity Standards
This report outlines the contribution of standardisation to the mitigation of technical risks, and therefore to trust and resilience, in the 5G ecosystem. This report focuses on standardisation from a technical and organisational perspective.
Risk Management Standards
The purpose of this document is to provide a coherent overview of published standards that address aspects of risk management and subsequently describe methodologies and tools that can be used to conform with or implement these standards.
Compendium of Risk Management Frameworks with Potential Interoperability
This report presents the results of desktop research and the analysis of currently used
cybersecurity Risk Management (RM) frameworks and methodologies with the potential
for interoperability. The identification of the most prominent RM frameworks…
Methodology for Sectoral Cybersecurity Assessments
The methodology for sectoral cybersecurity assessments described in this document (called SCSA Methodology) addresses objectives in the context of ICT security for sectoral multi-stakeholder systems and drafting sectoral cybersecurity certification…
Cybersecurity Certification: Candidate EUCC Scheme V1.1.1
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…
Cybersecurity Certification: Candidate EUCC Scheme
Following the request from the European Commission in accordance with Article 48.2 of the Cybersecurity Act, ENISA has set up an Ad Hoc Working Group to support the preparation of a candidate EU cybersecurity certification scheme as a successor to…