Good Practice Guide on Incident Reporting

The European Commission and Member States pay increasing attention to the resilience of public electronic communications networks. Their aim is to ensure that this infrastructure fulfills its role as a fundamental platform for European societies, economies and institutions. In 2009 ENISA conducted a study and published the Good Practice Guide on incident reporting, to support Member States moving closer to resilience of CIIP.

Published under For Telcos

Incident reporting plays an important role in these efforts as it contributes in improving stakeholders' knowledge of the actual security problems at stake.

An effective incident reporting system contributes to the collection of reliable and up-to-date data on information security incidents and ensures:

  1. quick dissemination of information among interested parties,
  2. a coordinated response,
  3. access to a wide pool of expertise about such incidents,
  4. that national authorities can follow up with the infrastructure managers in a regulatory capacity,
  5. threat analysis; and
  6. identification of good practices.


The European Commission has highlighted, in a number of key policy documents, the importance of getting reliable, up-to-date and comparable data on security incidents in order to develop a clear understanding of the nature and extent of the challenges at stake.

Recognizing the importance of the topic of incident reporting and the need to prepare the ground for these policy and regulatory developments, ENISA performed an extensive stock taking of Member States activities with the aim to identify and analyze existing practices for incident reporting procedures resulting in the Good Practice Guide on Incident Reporting.

The main objective was to identify good practices and to share them with Member States throughout the EU. Such a stock taking of good practices could serve as a basis to the overall discussion on how Member States could best implement the provision on breach notification of article 13 of the revised Framework Directive.

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more