EU Cybersecurity Certification Framework

The mission of ENISA in the area of the EU cybersecurity certification framework is outlined as follows: “To proactively contribute to the emerging EU framework for the ICT certification of products and services and carry out the drawing up of candidate certification schemes in line with the Cybersecurity Act, and additional services and tasks”.

Throughout its lifespan, ENISA has received due recognition for its outputs. In a shift towards a role that adds more value to the EU policy on network and information security, ENISA has been singled out as the appropriate organisation to deliver on the promise of drawing up candidate certification schemes in an EU cybersecurity certification framework. ENISA, with its pivotal role as an agency that engages with public services as well as with industry and standardisation organisations, provides a sound reference point to draw up candidate cybersecurity certification schemes. The expected output of ENISA includes draft and finalised candidate schemes for the certification of ICT products and services, within the meaning of the Cybersecurity Act.

Public Consultations

ENISA consults stakeholders on draft certification schemes under the EU Cybersecurity Certification Framework through online public consultations. More information is available on the webpage Public Consultations on Cybersecurity Candidate Schemes.


For any general related questions about the EU Cybersecurity Certification Framework, please contact certification (at)

Stakeholders’ Interactions

(click on the image to see it in full)

EU Cybersecurity Certification Framework

We use cookies on our website to support technical features that enhance your user experience.
We also use analytics. To opt-out from analytics, click for more information.

I've read it More information