Guideline on Security Measures under the EECC

This document, the Technical Guideline for Security Measures, provides guidance to competent authorities about the technical details of implementing Articles 40 and 41 of the EECC: how to ensure that providers assess risks and take appropriate security measures. The guideline lists 29 high-level security objectives, which are grouped in 8 security domains. For each security objective we list specific detailed security measures which could be taken by providers to reach the security objective. These security measures are grouped in 3 levels of increasing sophistication. We also give examples of evidence, which could be taken into account by an auditor, for example, when assessing if these security measures are actually in place.


This report is accompanied by a Supplement on 5G, accessible from the link below:

5G Supplement

This site uses cookies to offer you a better browsing experience.
Aside from essential cookies we also use tracking cookies for analytics.
Find out more on how we use cookies.

Accept all cookies Accept only essential cookies