@@ -126,7 +126,7 @@ The Harmonised Standard shall have appropriate transposition periods specified.
The Technical Body may propose different dates to the default ones (3, 6, 18). Technical Bodies who wish to propose different dates are advised to indicate this clearly in the approved committee draft.
| SIEM | Security Information and Event Management systems |
| NMS | Network Management System |
| 2FA | Two Factor Authentication |
| CSP | Communication System Provider |
| SDN | Software Defined Networks |
| GUI | Graphical User Interface |
| NE | One or more connected Network Elements |
| MDM | Mobile Device Management system |
`CRA Cyber Reciliensy Act`
`OS Operating System`
`IDP Identity Provider`
`VPN Virtual Private Network`
`SIEM Security Information and Event Management systems`
`NMS Network Management System`
`2FA Two Factor Authentication`
`CSP Communication System Provider`
`SDN Software Defined Networks`
`GUI Graphical User Interface`
`NE One or more connected Network Elements`
`MDM Mobile Device Management system`
# 4 Product context
@@ -408,7 +406,7 @@ The risk factors identified by the risk assessment in Annex C are grouped into r
-**[ACC-L-2]** Private network with multiple connections to public networks filtered by firewalls, no internal segmentation
-**[ACC-L-3]** Everything else
### 4.5.1 Mapping of use cases to risk factors and security profiles
### 4.5.2 Mapping of use cases to risk factors and security profiles
The table below is an example, how the example use cases could be mapped to different risk factors.
If there is no clear use case to be referred, the manufacturer shall take the presented dimensions, Service Requesting Users, Complexity and Expectations, into consideraton and document what factors apply.
@@ -417,7 +415,7 @@ The different risk factors have a set of minimun requirements defined that are l
In case of overlap in the requirements, a stronger and more secure option shall be selected.
