Skip to main content

Overview

FieldValue
CELEX32022L2557
StatusActive
Articles29
Recitals45
EUR-LexView Official Text

Compliance Deadlines

DateTypeDescription
2022-12-27Entry into forceDirective enters into force
2024-10-17TranspositionMember States transposition deadline

Stakeholder Roles

The CER Directive defines obligations for the following stakeholder roles:
  • manufacturer - Providers of security solutions for critical entities
  • importer - Entities bringing security services into the EU
  • distributor - Service providers supporting critical infrastructure
  • authorized_representative - EU representatives for non-EU providers
  • notified_body - Bodies for resilience assessment
  • market_surveillance - National competent authorities
  • consumer - Recipients of essential services

Requirement Types

Requirements in CER are classified as:
  • obligation - Mandatory resilience and risk assessment requirements
  • prohibition - Restricted practices affecting critical infrastructure
  • right - Rights of critical entities and service recipients
  • procedure - Incident notification and reporting procedures
  • general - General provisions and definitions

API Usage

Key Topics

  • Critical entity identification and designation
  • Risk assessment and resilience measures
  • Physical and digital security requirements
  • Incident notification obligations
  • Cross-border cooperation and information exchange
  • Supervision and enforcement mechanisms
  • Relationship with NIS2 Directive (sister legislation)