European Network and Information Security Agency (ENISA): duration

PURPOSE: to amend Regulation (EC) No 460/2004 establishing the European Network and Information Security Agency with a view to extending the duration of its mandate.

LEGISLATIVE ACT: Regulation (EC) No 1007/2008 of the European Parliament and of the Council amending Regulation (EC) No 460/2004 establishing the European Network and Information Security Agency as regards its duration.

CONTENT: in order to enhance the capability of the Community, the Member States and, as a consequence, the business community to prevent, address and respond to network and information security problems, the European Network and Information Security Agency (ENISA) was established in 2004 for a period of five years.

The Agency was set up with the main purpose of “ensuring a high and effective level of network and information security within the Community and in order to develop a culture of network and information security for the benefit of the citizens, consumers, enterprises and public sector organisations of the European Union, thus contributing to the smooth functioning of the internal market.”

Since the mandate of the Agency will expire on 13 March 2009 and in order to ensure consistency and continuity, it is necessary to adopt an extension which will enable further discussion about the Agency, reflecting the results of the Agency evaluation process, the Management Board recommendations and the ongoing review of the regulatory framework for electronic communications networks and services.

This extension will also allow further reflection on the general direction of the European efforts towards an increased network and information security.

The duration of the Agency should therefore be extended until 13 March 2012 instead of 13 March 2009.

ENTRY INTO FORCE: 1 November 2008.