Art. 40 Review | NIS 2 directive |

By 17 October 2027 and every 36 months thereafter, the Commission shall review the functioning of this Directive, and report to the European Parliament and to the Council. The report shall in particular assess the relevance of the size of the entities means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; concerned, and the sectors, subsectors and types of entity means a natural or legal person created and recognised as such under the national law of its place of establishment, which may, acting under its own name, exercise rights and be subject to obligations; referred to in Annexes I and II for the functioning of the economy and society in relation to cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881;. To that end and with a view to further advancing the strategic and operational cooperation, the Commission shall take into account the reports of the Cooperation Group means a group as defined in Article 2, point (11), of Directive 2013/34/EU; and the CSIRTscomputer security incident response teams network on the experience gained at a strategic and operational level. The report shall be accompanied, where necessary, by a legislative proposal.