The Stakeholder Cybersecurity Certification Group has been established by the Cybersecurity Act in 2019 to advise the Commission and ENISA, the European Union Agency for Cybersecurity, on strategic issues regarding cybersecurity certification, and assist the Commission in the preparation of the Union's rolling work programme.

logo of the group

About the Stakeholder Cybersecurity Certification Group

The Stakeholder Cybersecurity Certification Group's (SCCG) overall mission is to support and facilitate the strategic issues regarding the European cybersecurity certification framework. Upon request, the Group will advise ENISA on general and strategic matters concerning the ENISA's tasks relating to market, cybersecurity certification, and standardisation.  

The Group will also assist the European Commission in the preparation of the Union's rolling work programme referred to in Article 47 of the Act; issue an opinion on the Union rolling work programme and in urgent cases, provide advice to the Commission and the European Cybersecurity Certification Group (ECCG) on the need for additional certification schemes not included in the Union rolling work programme.

In line with the Cybersecurity Act (art. 22) the European Commission, together with ENISA, will co-chair the meetings of the Stakeholder Cybersecurity Certification Group. ENISA will also provide the secretariat of the Group. In principle, the group should meet three times per year. 


The SCCG is composed up to 50 members from organisations in the broad sense of the word, including in particular academic institutions, consumer organisations, conformity assessment bodies, standard developing organisations, companies and trade associations or other membership organisations active in Europe with an interest in cybersecurity certification. The Group includes also members appointed from the European Standardisation Organisations (CEN— European Committee for Standardisation, Cenelec— European Committee for Electrotechnical Standardisation, ETSI— European Telecommunications Standards Institute) and International Standardisation Bodies (International Organisation for Standardisation (ISO), the International Electrotechnical Commission (IEC) and the International Telecommunication Union (ITU);  the European co-operation for Accreditation (EA) and the European Data Protection Board (EDPB).

Access the full list of the member organisations