Source: OJ L, 2024/2690, 18.10.2024
ENRecital 17 Certified ICT products and services
The relevant entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; should manage the risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; stemming from the acquisition of ICT products means an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; or ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; from suppliers or service providers and should obtain assurance that the ICT products means an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; or ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; to be acquired achieve certain cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; protection levels, for example by European cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; certificates and EU statements of conformity for ICT products means an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; or ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; issued under a European cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; certification scheme adopted pursuant to Article 49 of Regulation (EU) 2019/881 of the European Parliament and of the Council(2)Regulation (EU) 2019/881 of the European Parliament and of the Council of 17 April 2019 on ENISA (the European Union Agency for Cybersecurity) and on information and communications technology cybersecurity certification and repealing Regulation (EU) No 526/2013 (Cybersecurity Act) (OJ L 151, 7.6.2019, p. 15, ELI: http://data.europa.eu/eli/reg/2019/881/oj).. Where the relevant entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; set out security requirements to apply to the ICT products means an ICT product as defined in Article 2, point (12), of Regulation (EU) 2019/881; to be acquired, they should take into account the essential cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements set out in a regulation of the European Parliament and of the Council on horizontal cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; requirements for products with digital elements means a software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately;.