Beta

Source: OJ L 2024/2847, 20.11.2024

EN

Recital 114 Simultaneous coordinated control actions (sweeps)

Simultaneous coordinated control actions (sweeps) are specific enforcement actions by market surveillance authoritiesmeans a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020; that can further enhance product security. Sweeps should, in particular, be conducted where market trends, consumermeans a natural person who acts for purposes which are outside that person’s trade, business, craft or profession; complaints or other indications suggest that certain categories of products with digital elementsmeans a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; are often found to present cybersecurity risksmeans the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;. Furthermore, when determining the product categories to be subjected to sweeps, market surveillance authoritiesmeans a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020; should also take into account circumstances relating to non-technical risk factors. To that end, market surveillance authoritiesmeans a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020; should be able to take into account the results of Union level coordinated security risk assessments of critical supply chains carried out in accordance with Article 22 of Directive (EU) 2022/2555, including circumstances relating to non-technical risk factors. ENISA should submit proposals for categories of products with digital elementsmeans a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately; for which sweeps could be organised to the market surveillance authoritiesmeans a market surveillance authority as defined in Article 3, point (4), of Regulation (EU) 2019/1020;, based, inter alia, on the notifications of vulnerabilitiesmeans a weakness, susceptibility or flaw of a product with digital elements that can be exploited by a cyber threat; and incidentsmeans an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; it receives.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod