Source: OJ L, 2026/881, 20.4.2026

Current language: EN

Article 1 Subject matter


Summary What does Article 1 of the Terms and conditions for delaying notifications say?

This is the foundational scope article of the Regulation.

It establishes the core purpose: to define the specific terms and conditions under which a CSIRT designated as coordinator — the one that first receives a vulnerability or incident notification — may lawfully delay passing that notification on to other relevant CSIRTs.

This Regulation does not stand alone; it directly implements and gives substance to Article 16(2) of Regulation (EU) 2024/2847, which established the general grounds for such delays but left the detail to be filled in here.

Important points:

  • The Regulation governs the CSIRT initially receiving a notification, setting out when it may delay sharing that notification with other coordinator CSIRTs.
  • The delay mechanism applies specifically to notifications made under Articles 14 and 15 of Regulation (EU) 2024/2847, concerning products with digital elements.
  • This article establishes the subject matter and scope only — the actual conditions justifying a delay are set out in the articles that follow.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

This Regulation specifies the terms and conditions for applying the cybersecurity-related grounds referred to in Article 16(2) of Regulation (EU) 2024/2847 that enable the CSIRT designated as coordinator initially receiving a notification in accordance with Article 14(1) and (3) and Article 15(1) and (2) of that Regulation to delay the dissemination of the notification to the CSIRTs designated as coordinators on the territory of which the manufacturer has indicated that the product with digital elements has been made available.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod