Simultaneous coordinated control actions (sweeps) are specific enforcement actions by market surveillance authorities that can further enhance product security. Sweeps should, in particular, be conducted where market trends, consumer complaints or other indications suggest that certain categories of products with digital elements are often found to present cybersecurity risks. Furthermore, when determining the product categories to be subjected to sweeps, market surveillance authorities should also take into account circumstances relating to non-technical risk factors. To that end, market surveillance authorities should be able to take into account the results of Union level coordinated security risk assessments of critical supply chains carried out in accordance with Article 22 of Directive (EU) 2022/2555, including circumstances relating to non-technical risk factors. ENISA should submit proposals for categories of products with digital elements for which sweeps could be organised to the market surveillance authorities, based, inter alia, on the notifications of vulnerabilities and incidents it receives.
This recital provides context for:
Leave a Reply