Skip to main content

Developing Certification Schemes

What's Happening


The European Cybersecurity Certification Scheme on Common Criteria, the first scheme, targets ICT products such as hardware and software products and components. On January 31st, 2024, the European Commission published the Implementing Act launching the certification scheme live. ENISA is publishing the state-of-the-art documents supporting the scheme as listed in its Annex 1.

Cloud Icon

The European Certification Scheme for Cloud Services was drafted with the support of an Ad-Hoc Working group and Member States. The text should now enter the process of the ECCG opinion.


The European Cybersecurity Certification Scheme for 5G is developed in two phases. During a first phase which ended in Autumn 2022, ENISA, the experts gathered under an Ad-Hoc Working Group with the EU Commission and Member States analysed the existing industrial evaluations and certifications schemes and their necessary updates to comply with the Cybersecurity Act. A first draft scheme will be made available for public consultation, the expected date is under discussion within the AHWG.

Artificial Intelligence

In view of the adoption of the draft EU Regulation on Artificial Intelligence, ENISA is assessing whether and how AI could be the object of cybersecurity certification, as well as how schemes under elaboration could be re-used. This work is preparatory, as ENISA has not received a request to develop a certification scheme by the European Commission.

Safeguarding EU elections

Mentioned in the NIS2 Directive as a critical sector but also hinted at in the future Cyber Solidarity Act, Managed Security Services are at heart of the prevention and response to Cybersecurity threats and Incidents. Already included in the Union Rolling Work Programme for Certification, it is foreseen that the future amendment of the Cybersecurity Act includes the possibility for ENISA to certify such services. The European Agency for Cybersecurity launched a preparatory work on the topic.