DIN Standards Committee Information Technology and IT Applications
Guidelines on a sectoral cybersecurity assessment - Part 2: Application of sectoral cybersecurity assessment results by ICT product manufacturers
Abstract
This document provides guidance for sectoral stakeholders and product manufacturers in generating ICT product-relevant information based on EN 18037. Sectoral stakeholders are supported in applying the risk and cybersecurity assessment methodology so that the information needs of product manufacturers are covered by the sectoral assessment report. Product manufacturers receive guidance in using methodology according to EN 18037 for own assumptions of their ICT product's sector-specific risks and security requirements. This document uses a step-by-step approach for guiding sectoral stakeholders and product manufacturers through the assessment. For each step, the relevant information provided by EN 18037 is summarized or referenced and the enhancements or clarifications in support of the information needs of the ICT product manufacturers are pointed out. From the perspective of product manufacturers, the re-use of existing product-specific specifications and certification tools is of particular relevance. Therefore, this document provides guidance how the results of sectoral assessments according to EN 18037 can be connected with these specifications and tools.
Begin
2026-02-25
WI
JT013111
Planned document number
prEN 18037-2
Responsible national committee
NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity
