ENAC begins the first assessment processes for certification bodies interested in applying for accreditation in this activity

The European Commission has recently given the green light to implement Regulation (EU) 2024/3144 that lays down specific requirements for certification bodies under the European certification scheme based on Common Criteria (EUCC).

This scheme, developed within the framework of the regulation known as the "Cybersecurity Act", aims to raise the cybersecurity level of ICT products, services and processes in the EU market. Specifically, it enables suppliers in the sector wishing to demonstrate their ICT products' security, such as technological components (chips, smart cards), hardware and software, to undergo a common EU assessment process to certify these products.

In order to make it easier for Spanish industry to start product assessment processes with the new scheme as soon as possible, ENAC has developed the corresponding accreditation scheme and has begun to carry out the first assessments of applicant certification bodies wanting to operate under the EUCC.