prEN 40000-1-2
Cybersecurity requirements for products with digital elements - Part 1-2: Principles for cyber resilience
Draft Public enquiryProject stage codes
1. Prioritetinių darbo temų pažymėjimas ir ekspertų skyrimas
2. Projektas
3. Viešoji apklausa
From 2025-10-17
till 2025-12-14
4. Closure of enquiry
5. Submission to Formal Vote
Organisation
CEN Europos standartizacijos komitetasICS
35.030 - IT SecurityTechnical Committee
TK 79 IT security techniquesForeignTC'S
CEN/CLC/JTC 13Number of comments
0Comment start date
2025-10-17Scope
This document specifies general cybersecurity principles and general risk management activities for all products with digital elements, hereafter also referred to as 'products'. This document covers every stage of the product lifecycle to ensure and maintain an appropriate level of cybersecurity based on the risks. This document also provides generic elements to support the development of coherent product-category-specific standards (vertical standards). This document: — establishes generic cybersecurity principles applicable to all stages of the product lifecycle; — specifies requirements for risk assessment and treatment of cybersecurity risks; — specifies requirements on activities that can be applied to ensure an appropriate level of cybersecurity at every phase of the product lifecycle; — provides elements and considerations for product category specific standards in order to facilitate a harmonized approach. This document does not provide vertical product category specific activities and elements.