Assessment of Standards related to eIDAS
In this report, ENISA presents aspects of QSCD certification and QTSP supervision to identify the way to combine respective elements therein, in line with the eIDAS requirements. In this context, this report seeks to support standards CEN EN 419 241…
Guidance and gaps analysis for European standardisation
This study aims to a) explore how the standards-developing world is responding to the fast-changing, demanding realm of privacy by mapping existing available standards and initiatives in the area and b) provide insights on the “state-of-the-art” of…
Definition of Cybersecurity - Gaps and overlaps in standardisation
This document analyses the usage of this term by various stakeholders and reviews standardisation activities in the area of Cybersecurity, providing an overview of overlaps and gaps in available standards. It has been written by CSCG and ENISA…
Information security and privacy standards for SMEs
The analysis conducted for this study, based on the interviews with subject matter experts and review of available studies, shows that, despite rising concerns on information security risks, the level of SMEs information security and privacy…
Improving recognition of ICT security standards
This report is a continuation and an extension of previously carried out ENISA work on approaches to the NIS Directive by Member States, which have provided recommendations on standardisation and have outlined the use and management of CSIRTs.
Standardisation in the field of Electronic Identities and Trust Service Providers
This paper explains why standards are important for cyber security, specifically in the area of electronic identification and trust services providers. A number of challenges associated with the definition and deployment of standards in the area of…
Standards and tools for exchange and processing of actionable information
This document has been created as part of an ENISA-funded study of the state of security information sharing and is intended to supplement the main report, “Actionable Information for Security Incident Response.” The purpose of this document is to…
Recommendations for Qualified Trust Service Providers based on Standards
This document provides recommendations to help qualified trust service providers and auditors understand the expected mapping between these requirements/obligations and reference numbers of standards, as well as practical recommendations for their…
Good practices on the implementation of regulatory technical standards
MS approaches on PSD 2 implementation: commonalities in risk management and incident reporting - The main objective of this study is to identify the differences introduced by Member States in the implementation of the PSD2. In particular, the aim is…
Cyber Resilience Act Requirements Standards Mapping - Joint Research Centre & ENISA Joint Analysis
To facilitate adoption of the CRA provisions, these requirements need to be translated into the form of harmonised standards, with which manufacturers can comply. In support of the standardisation effort, this study attempt to identify the most…