Governance: Difference between revisions
No edit summary |
|||
Line 5: | Line 5: | ||
[[General Data Protection Regulation GDPR]] - privacy | [[General Data Protection Regulation GDPR]] - privacy | ||
NIS2 | |||
Cyber Resilience Act | |||
European Data Act | |||
Liability for Defective Products | |||
AI Act | |||
== National legal requirements to think of == | == National legal requirements to think of == |
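Review bot: The five entries added after the GDPR line (NIS2, Cyber Resilience Act, European Data Act, Liability for Defective Products, AI Act) are bare text, while the unchanged entry directly above them is a [[...]] wiki link followed by a short descriptor ("- privacy"). Suggest linking each new entry in the same way and giving it a one-phrase scope note so the list stays consistent. The revision also has no edit summary; a short one naming the added regulations would make the page history easier to follow.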
Revision as of 07:29, 23 November 2024
Legal requirements in the EU
ePrivacy Directive (cookie law) - EPD - NB will be replaced by ePrivacy Regulation
General Data Protection Regulation GDPR - privacy
NIS2
Cyber Resilience Act
European Data Act
Liability for Defective Products
AI Act
National legal requirements to think of
International Certifications
ISO 9001 - quality management systems
ISO/IEC 27001 (EU and rest of world) / SOC2 (North America) - how to protect your data
ISO/IEC 27002 - how to handle access to data and incident response
UK NCSC CRA - the UK National Cyber Security Centre's Cyber Resilience Audit, which assures providers that can conduct independent Cyber Assessment Framework (CAF) based audits
Local Certifications
Thuiswinkel.org - for webshops
EU Standards
ETSI - globally applicable standards for ICT-enabled systems, applications and services deployed across all sectors of industry and society