News Item

ENISA publishes a Tool for the Mapping of Dependencies to International Standards

The EU Agency for Cybersecurity publishes a tool to map international security standards to interdependencies’ indicators.

Published on April 06, 2020


The web tool presents the mapping of the indicators demonstrated in the report Good practices on interdependencies between OES and DSPs to international information security standards.

This report analysed the dependencies and interdependencies between Operators of Essential Services (OES) and Digital Service Providers (DSPs) and identified a number of indicators to assess them.

These indicators are mapped to international standards and frameworks, namely ISO IEC 27002, COBIT5, the NIS Cooperation Group security measures and NIST Cybersecurity Framework.


Due to the digitalisation of services, all major sectors have an increasing level of cyber (inter)dependencies on digital infrastructures and DSPs. Integrating the assessment of (inter)dependencies in an overall risk management process is a complex process, particularly in the case of cross-sector or cross-border dependencies and interdependencies.

The following framework was used to identify, analyse these interdependencies and then define the (inter)dependencies’ indicators.

interd dep pic



The tool contributes to the NIS Directive (Article 3) objective for a common and converged level of security in network and information systems at EU level. It does not intend to replace existing standards, frameworks or good-practices in use by OESs.

By using this tool, security experts may:

  1. Describe the interdependencies among OES and DSP in a straightforward  and comprehensive manner;
  2. Easily identify risk assessment practices for the evaluation of the potential impact of interdependencies;
  3. Define good practices for assessing interdependencies stemming from international standards and frameworks.

Click here to access the Interdependencies between OES and DSPs - Tool

Target Audience

  • Operators of Essential Services (OES)
  • Digital Service Providers (DSPs);
  • National Competent Authorities (NCAs).
 For intrerviews and questions

Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!

News items:


This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies