Stakeholder Cybersecurity Certification Group

About the Group

The Stakeholder Cybersecurity Certification Group's (SCCG) overall mission is to support and facilitate the strategic issues regarding the European cybersecurity certification framework. Upon request, the Group will advise ENISA on general and strategic matters concerning ENISA's tasks relating to market, standardisation and cybersecurity certification.  

The Group will also assist the European Commission in the preparation of the Union's rolling work programme referred to in Article 47 of the Cybsercurity Act. It will issue an opinion on the Union's rolling work programme and in urgent cases, provide advice to the Commission and the European Cybersecurity Certification Group (ECCG) on the need for additional certification schemes not included in the Union's rolling work programme.

In line with the Cybersecurity Act, the European Commission, together with ENISA, will co-chair the meetings of the Stakeholder Cybersecurity Certification Group. ENISA will also provide the secretariat of the Group. In principle, the group should meet three times per year. 

The European Commission is making available meeting agendas and minutes.

Members

The SCCG is composed of up to 50 members from various organisations, including, inter alia, academic institutions, consumer organisations, conformity assessment bodies, standard developing organisations, companies and trade associations and other membership organisations active in Europe with an interest in cybersecurity certification.

The Group includes members appointed from the European Standardisation Organisations, such as CEN— European Committee for Standardisation, Cenelec— European Committee for Electrotechnical Standardisation, ETSI— European Telecommunications Standards Institute. Also involved in the Group are  International Standardisation Bodies  such as the International Organisation for Standardisation (ISO), the International Electrotechnical Commission (IEC) and the International Telecommunication Union (ITU), the European co-operation for Accreditation (EA) and the European Data Protection Board (EDPB).

Access the full list of the member organisations (.pdf)

Meetings

• First meeting of the Group, 24 June 2020
  • Agenda (.pdf)
  • Minutes (.pdf)
• Second meeting of the Group, 22 September 2020
  • Agenda (.pdf)
  • Minutes (.pdf)
• Third meeting of the Group, 27 November 2020
  • Agenda (.pdf)
  • Minutes (.pdf)
• Fourth meeting of the Group, 23 April 2021
  • Agenda (.pdf)
  • Minutes (.pdf)
• Fifth meeting of the Group, 17 September 2021
  • Agenda (.pdf)
  • Minutes (.pdf)
• Sixth meeting of the Group, 19 November 2021
  • Agenda (.pdf)
  • Minutes (.pdf)
• Seventh meeting of the Group, 20 June 2022
  • Agenda (.pdf)
  • Minutes (.pdf)
• Eighth meeting of the Group, 18 November 2022
  • Agenda (.pdf)
  • Minutes (.pdf)
• Ninth meeting of the Group, 3 March 2023
  • Agenda (.pdf)
  • Minutes (.pdf)
• Tenth meeting of the Group, 24 May 2023
  • Agenda (.pdf)
  • Minutes (.pdf)
• Eleventh meeting of the Group, 20 September 2023
  • Agenda (.pdf)
  • Minutes (.pdf)
• Twelfth meeting of the Group, 15 March 2024
  • Minutes (.pdf)

SCCG Documents

• Cybersecurity Certification Union Rolling Work Programme: A Stakeholders' View (.pdf)
• Consultation Report on Draft Union Rolling Work Programme (.pdf)
• List of the member organisations of the Stakeholder Cybersecurity Certification Group (.pdf)
• SCCG Opinion on the draft Union Rolling Work Programme (.pdf)