Skip to main content
Shaping Europe’s digital future

The European Cybersecurity Certification Group

The European Cybersecurity Certification Group was established to help ensure the consistent implementation and application of the Cybersecurity Act.

About the European Cybersecurity Certification Group (ECCG)

The ECCG has the following tasks:

  1. to advise and assist the Commission in its work to ensure the consistent implementation and application of the Cybersecurity Act, in particular regarding the Union rolling work programme, cybersecurity certification policy issues, the coordination of policy approaches, and the preparation of European cybersecurity certification schemes;
  2. to assist, advise and cooperate with ENISA in relation to the preparation of a candidate scheme;
  3. to adopt an opinion on candidate schemes prepared by ENISA;
  4. to request ENISA to prepare candidate schemes;
  5. to adopt opinions addressed to the Commission relating to the maintenance and review of existing European cybersecurity certifications schemes;
  6. to examine relevant developments in the field of cybersecurity certification and to exchange information and good practices on cybersecurity certification schemes;
  7. to facilitate the cooperation between national cybersecurity certification authorities under the Cybersecurity Act through capacity-building and the exchange of information, in particular by establishing methods for the efficient exchange of information relating to issues concerning cybersecurity certification;
  8. to support the implementation of peer assessment mechanisms in accordance with the rules established in a European cybersecurity certification;
  9. to facilitate the alignment of European cybersecurity certification schemes with internationally recognised standards, including by reviewing existing European cybersecurity certification schemes and, where appropriate, making recommendations to ENISA to engage with relevant international standardisation organisations to address insufficiencies or gaps in available internationally recognised standards.

Members

The ECCG is composed of representatives of national cybersecurity certification authorities or representatives of other relevant national authorities. See the list of members (.pdf).

A member of the ECCG cannot represent more than two Member States. Stakeholders and relevant third parties may be invited to attend meetings of the ECCG and to participate in its work.

The Commission chairs the ECCG, with the assistance of ENISA. The Commission also provides the secretariat of the group.

The European Cybersecurity Certification Group meetings agendas

The ECCG meets regularly, usually during plenary sessions. The agenda is proposed by the secretariat and agreed on by all members. This page is regularly updated with the agendas of the previous meetings.

List of previous meetings agendas

 

List of minutes from previous meetings

Latest News

Image representing the EU flag next to the Republic of Korea flag
  • Press release
  • 10 March 2025

The EU and the Republic of Korea have concluded negotiations for a landmark Digital Trade Agreement (DTA), underscoring their commitment to a strong and reliable partnership that is fit to face the fast-paced digital developments of today.