NIS2 Article 14. Cooperation Group

• (a)

  to provide guidance to the competent authorities in relation to the transposition and implementation of this Directive;
• (b)

  to provide guidance to the competent authorities in relation to the development and implementation of policies on coordinated vulnerability disclosure, as referred to in Article 7(2), point (c);
• (c)

  to exchange best practices and information in relation to the implementation of this Directive, including in relation to cyber threats, incidents, vulnerabilities, near misses, awareness-raising initiatives, training, exercises and skills, capacity building, standards and technical specifications as well as the identification of essential and important entities pursuant to Article 2(2), points (b) to (e);
• (d)

  to exchange advice and cooperate with the Commission on emerging cybersecurity policy initiatives and the overall consistency of sector-specific cybersecurity requirements;
• (e)

  to exchange advice and cooperate with the Commission on draft delegated or implementing acts adopted pursuant to this Directive;
• (f)

  to exchange best practices and information with relevant Union institutions, bodies, offices and agencies;
• (g)

  to exchange views on the implementation of sector-specific Union legal acts that contain provisions on cybersecurity;
• (h)

  where relevant, to discuss reports on the peer review referred to in Article 19(9) and draw up conclusions and recommendations;
• (i)

  to carry out coordinated security risk assessments of critical supply chains in accordance with Article 22(1);
• (j)

  to discuss cases of mutual assistance, including experiences and results from cross-border joint supervisory actions as referred to in Article 37;
• (k)

  upon the request of one or more Member States concerned, to discuss specific requests for mutual assistance as referred to in Article 37;
• (l)

  to provide strategic guidance to the CSIRTs network and EU-CyCLONe on specific emerging issues;
• (m)

  to exchange views on the policy on follow-up actions following large-scale cybersecurity incidents and crises on the basis of lessons learned of the CSIRTs network and EU-CyCLONe;
• (n)

  to contribute to cybersecurity capabilities across the Union by facilitating the exchange of national officials through a capacity building programme involving staff from the competent authorities or the CSIRTs;
• (o)

  to organise regular joint meetings with relevant private stakeholders from across the Union to discuss activities carried out by the Cooperation Group and gather input on emerging policy challenges;
• (p)

  to discuss the work undertaken in relation to cybersecurity exercises, including the work done by ENISA;
• (q)

  to establish the methodology and organisational aspects of the peer reviews referred to in Article 19(1), as well as to lay down the self-assessment methodology for Member States in accordance with Article 19(5), with the assistance of the Commission and ENISA, and, in cooperation with the Commission and ENISA, to develop codes of conduct underpinning the working methods of designated cybersecurity experts in accordance with Article 19(6);
• (r)

  to prepare reports for the purpose of the review referred to in Article 40 on the experience gained at a strategic level and from peer reviews;
• (s)

  to discuss and carry out on a regular basis an assessment of the state of play of cyber threats or incidents, such as ransomware.

The Cooperation Group shall submit the reports referred to in the first subparagraph, point (r), to the Commission, to the European Parliament and to the Council.