- Y Diweddaraf sydd Ar Gael (Diwygiedig)
- Pwynt Penodol mewn Amser (31/12/2020)
- Gwreiddiol (Fel y’i mabwysiadwyd gan yr UE)
Directive (EU) 2016/1148 of the European Parliament and of the CouncilDangos y teitl llawn
Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union
You are here:
- Cyfarwyddebau yn deillio o’r UE
- 2016 No. 1148
- Annexes only
Pa Fersiwn
Nodweddion Uwch
- Dangos Graddfa Ddaearyddol(e.e. Lloegr, Cymru, Yr Alban aca Gogledd Iwerddon)
- Dangos Llinell Amser Newidiadau
Rhagor o Adnoddau
Mae hon yn Gyfarwyddeb sy’n deillio o’r UE
Mae hon yn eitem o ddeddfwriaeth sy’n deillio o’r UE
Mae unrhyw newidiadau sydd wedi cael eu gwneud yn barod gan y tîm yn ymddangos yn y cynnwys a chyfeirir atynt gydag anodiadau.Ar ôl y diwrnod ymadael bydd tair fersiwn o’r ddeddfwriaeth yma i’w gwirio at ddibenion gwahanol. Y fersiwn legislation.gov.uk yw’r fersiwn sy’n weithredol yn y Deyrnas Unedig. Y Fersiwn UE sydd ar EUR-lex ar hyn o bryd yw’r fersiwn sy’n weithredol yn yr UE h.y. efallai y bydd arnoch angen y fersiwn hon os byddwch yn gweithredu busnes yn yr UE.
Y fersiwn yn yr archif ar y we yw’r fersiwn swyddogol o’r ddeddfwriaeth fel yr oedd ar y diwrnod ymadael cyn cael ei chyhoeddi ar legislation.gov.uk ac unrhyw newidiadau ac effeithiau a weithredwyd yn y Deyrnas Unedig wedyn. Mae’r archif ar y we hefyd yn cynnwys cyfraith achos a ffurfiau mewn ieithoedd eraill o EUR-Lex.
Changes over time for: Directive (EU) 2016/1148 of the European Parliament and of the Council (Annexes only)
Alternative versions:
Status:
EU Directives are being published on this site to aid cross referencing from UK legislation. After IP completion day (31 December 2020 11pm) no further amendments will be applied to this version.
ANNEX IU.K. REQUIREMENTS AND TASKS OF COMPUTER SECURITY INCIDENT RESPONSE TEAMS (CSIRTs)
The requirements and tasks of CSIRTs shall be adequately and clearly defined and supported by national policy and/or regulation. They shall include the following:
(1)
Requirements for CSIRTs:
(a)
CSIRTs shall ensure a high level of availability of their communications services by avoiding single points of failure, and shall have several means for being contacted and for contacting others at all times. Furthermore, the communication channels shall be clearly specified and well known to the constituency and cooperative partners.
(b)
CSIRTs' premises and the supporting information systems shall be located in secure sites.
(c)
Business continuity:
(i)
CSIRTs shall be equipped with an appropriate system for managing and routing requests, in order to facilitate handovers.
(ii)
CSIRTs shall be adequately staffed to ensure availability at all times.
(iii)
CSIRTs shall rely on an infrastructure the continuity of which is ensured. To that end, redundant systems and backup working space shall be available.
(d)
CSIRTs shall have the possibility to participate, where they wish to do so, in international cooperation networks.
(2)
CSIRTs' tasks:
(a)
CSIRTs' tasks shall include at least the following:
(i)
monitoring incidents at a national level;
(ii)
providing early warning, alerts, announcements and dissemination of information to relevant stakeholders about risks and incidents;
(iii)
responding to incidents;
(iv)
providing dynamic risk and incident analysis and situational awareness;
(v)
participating in the CSIRTs network.
(b)
CSIRTs shall establish cooperation relationships with the private sector.
(c)
To facilitate cooperation, CSIRTs shall promote the adoption and use of common or standardised practices for:
(i)
incident and risk-handling procedures;
(ii)
incident, risk and information classification schemes.
ANNEX IIU.K. TYPES OF ENTITIES FOR THE PURPOSES OF POINT (4) OF ARTICLE 4
| a Directive 2009/72/EC of the European Parliament and of the Council of 13 July 2009 concerning common rules for the internal market in electricity and repealing Directive 2003/54/EC (OJ L 211, 14.8.2009, p. 55). | ||
| b Directive 2009/73/EC of the European Parliament and of the Council of 13 July 2009 concerning common rules for the internal market in natural gas and repealing Directive 2003/55/EC (OJ L 211, 14.8.2009, p. 94). | ||
| c Regulation (EC) No 300/2008 of the European Parliament and of the Council of 11 March 2008 on common rules in the field of civil aviation security and repealing Regulation (EC) No 2320/2002 (OJ L 97, 9.4.2008, p. 72). | ||
| d Directive 2009/12/EC of the European Parliament and of the Council of 11 March 2009 on airport charges (OJ L 70, 14.3.2009, p. 11). | ||
| e Regulation (EU) No 1315/2013 of the European Parliament and of the Council of 11 December 2013 on Union guidelines for the development of the trans–European transport network and repealing Decision No 661/2010/EU (OJ L 348, 20.12.2013, p. 1). | ||
| f Regulation (EC) No 549/2004 of the European Parliament and of the Council of 10 March 2004 laying down the framework for the creation of the single European sky (the framework Regulation) (OJ L 96, 31.3.2004, p. 1). | ||
| g Directive 2012/34/EU of the European Parliament and of the Council of 21 November 2012 establishing a single European railway area (OJ L 343, 14.12.2012, p. 32). | ||
| h Regulation (EC) No 725/2004 of the European Parliament and of the Council of 31 March 2004 on enhancing ship and port facility security (OJ L 129, 29.4.2004, p. 6). | ||
| i Directive 2005/65/EC of the European Parliament and of the Council of 26 October 2005 on enhancing port security (OJ L 310, 25.11.2005, p. 28). | ||
| j Directive 2002/59/EC of the European Parliament and of the Council of 27 June 2002 establishing a Community vessel traffic monitoring and information system and repealing Council Directive 93/75/EEC (OJ L 208, 5.8.2002, p. 10). | ||
| l Commission Delegated Regulation (EU) 2015/962 of 18 December 2014 supplementing Directive 2010/40/EU of the European Parliament and of the Council with regard to the provision of EU–wide real–time traffic information services (OJ L 157, 23.6.2015, p. 21). | ||
| k Directive 2010/40/EU of the European Parliament and of the Council of 7 July 2010 on the framework for the deployment of Intelligent Transport Systems in the field of road transport and for interfaces with other modes of transport (OJ L 207, 6.8.2010, p. 1). | ||
| m Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1). | ||
| n Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU (OJ L 173, 12.6.2014, p. 349). | ||
| o Regulation (EU) No 648/2012 of the European Parliament and of the Council of 4 July 2012 on OTC derivatives, central counterparties and trade repositories (OJ L 201, 27.7.2012, p. 1). | ||
| p Directive 2011/24/EU of the European Parliament and of the Council of 9 March 2011 on the application of patients' rights in cross–border healthcare (OJ L 88, 4.4.2011, p. 45). | ||
| q Council Directive 98/83/EC of 3 November 1998 on the quality of water intended for human consumption (OJ L 330, 5.12.1998, p. 32). | ||
| Sector | Subsector | Type of entity |
|---|---|---|
1.Energy | (a)Electricity | —Electricity undertakings as defined in point (35) of Article 2 of Directive 2009/72/EC of the European Parliament and of the Councila, which carry out the function of ‘supply’ as defined in point (19) of Article 2 of that Directive |
—Distribution system operators as defined in point (6) of Article 2 of Directive 2009/72/EC | ||
—Transmission system operators as defined in point (4) of Article 2 of Directive 2009/72/EC | ||
(b)Oil | —Operators of oil transmission pipelines | |
—Operators of oil production, refining and treatment facilities, storage and transmission | ||
(c)Gas | —Supply undertakings as defined in point (8) of Article 2 of Directive 2009/73/EC of the European Parliament and of the Councilb | |
—Distribution system operators as defined in point (6) of Article 2 of Directive 2009/73/EC | ||
—Transmission system operators as defined in point (4) of Article 2 of Directive 2009/73/EC | ||
—Storage system operators as defined in point (10) of Article 2 of Directive 2009/73/EC | ||
—LNG system operators as defined in point (12) of Article 2 of Directive 2009/73/EC | ||
—Natural gas undertakings as defined in point (1) of Article 2 of Directive 2009/73/EC | ||
—Operators of natural gas refining and treatment facilities | ||
2.Transport | (a)Air transport | —Air carriers as defined in point (4) of Article 3 of Regulation (EC) No 300/2008 of the European Parliament and of the Councilc |
—Airport managing bodies as defined in point (2) of Article 2 of Directive 2009/12/EC of the European Parliament and of the Councild, airports as defined in point (1) of Article 2 of that Directive, including the core airports listed in Section 2 of Annex II to Regulation (EU) No 1315/2013 of the European Parliament and of the Councile, and entities operating ancillary installations contained within airports | ||
—Traffic management control operators providing air traffic control (ATC) services as defined in point (1) of Article 2 of Regulation (EC) No 549/2004 of the European Parliament and of the Councilf | ||
(b)Rail transport | —Infrastructure managers as defined in point (2) of Article 3 of Directive 2012/34/EU of the European Parliament and of the Councilg | |
—Railway undertakings as defined in point (1) of Article 3 of Directive 2012/34/EU, including operators of service facilities as defined in point (12) of Article 3 of Directive 2012/34/EU | ||
(c)Water transport | —Inland, sea and coastal passenger and freight water transport companies, as defined for maritime transport in Annex I to Regulation (EC) No 725/2004 of the European Parliament and of the Councilh, not including the individual vessels operated by those companies | |
—Managing bodies of ports as defined in point (1) of Article 3 of Directive 2005/65/EC of the European Parliament and of the Councili, including their port facilities as defined in point (11) of Article 2 of Regulation (EC) No 725/2004, and entities operating works and equipment contained within ports | ||
—Operators of vessel traffic services as defined in point (o) of Article 3 of Directive 2002/59/EC of the European Parliament and of the Councilj | ||
(d)Road transport | —Road authorities as defined in point (12) of Article 2 of Commission Delegated Regulation (EU) 2015/962l responsible for traffic management control | |
—Operators of Intelligent Transport Systems as defined in point (1) of Article 4 of Directive 2010/40/EU of the European Parliament and of the Councilk | ||
3.Banking | Credit institutions as defined in point (1) of Article 4 of Regulation (EU) No 575/2013 of the European Parliament and of the Councilm | |
4.Financial market infrastructures | —Operators of trading venues as defined in point (24) of Article 4 of Directive 2014/65/EU of the European Parliament and of the Counciln | |
—Central counterparties (CCPs) as defined in point (1) of Article 2 of Regulation (EU) No 648/2012 of the European Parliament and of the Councilo | ||
5.Health sector | Health care settings (including hospitals and private clinics) | Healthcare providers as defined in point (g) of Article 3 of Directive 2011/24/EU of the European Parliament and of the Councilp |
6.Drinking water supply and distribution | Suppliers and distributors of water intended for human consumption as defined in point (1)(a) of Article 2 of Council Directive 98/83/ECq but excluding distributors for whom distribution of water for human consumption is only part of their general activity of distributing other commodities and goods which are not considered essential services | |
7.Digital Infrastructure | —IXPs | |
—DNS service providers | ||
—TLD name registries | ||
ANNEX IIIU.K. TYPES OF DIGITAL SERVICES FOR THE PURPOSES OF POINT (5) OF ARTICLE 4
1.
Online marketplace.
2.
Online search engine.
3.
Cloud computing service.
Options/Help
Print Options
PrintThe Whole Directive
PrintThe Annexes only
Mae deddfwriaeth ar gael mewn fersiynau gwahanol:
Y Diweddaraf sydd Ar Gael (diwygiedig):Y fersiwn ddiweddaraf sydd ar gael o’r ddeddfwriaeth yn cynnwys newidiadau a wnaed gan ddeddfwriaeth ddilynol ac wedi eu gweithredu gan ein tîm golygyddol. Gellir gweld y newidiadau nad ydym wedi eu gweithredu i’r testun eto yn yr ardal ‘Newidiadau i Ddeddfwriaeth’.
Gwreiddiol (Fel y’i mabwysiadwyd gan yr UE): Mae'r wreiddiol version of the legislation as it stood when it was first adopted in the EU. No changes have been applied to the text.
Pwynt Penodol mewn Amser: This becomes available after navigating to view revised legislation as it stood at a certain point in time via Advanced Features > Show Timeline of Changes or via a point in time advanced search.
Gweler y wybodaeth ychwanegol ochr yn ochr â’r cynnwys
Rhychwant ddaearyddol: Indicates the geographical area that this provision applies to. For further information see ‘Frequently Asked Questions’.
Dangos Llinell Amser Newidiadau: See how this legislation has or could change over time. Turning this feature on will show extra navigation options to go to these specific points in time. Return to the latest available version by using the controls above in the What Version box.
Dewisiadau Agor
Dewisiadau gwahanol i agor deddfwriaeth er mwyn gweld rhagor o gynnwys ar y sgrin ar yr un pryd
Rhagor o Adnoddau
Gallwch wneud defnydd o ddogfennau atodol hanfodol a gwybodaeth ar gyfer yr eitem ddeddfwriaeth o’r tab hwn. Yn ddibynnol ar yr eitem ddeddfwriaeth sydd i’w gweld, gallai hyn gynnwys:
- y PDF print gwreiddiol y fel adopted version that was used for the EU Official Journal
- rhestr o newidiadau a wnaed gan a/neu yn effeithio ar yr eitem hon o ddeddfwriaeth
- pob fformat o’r holl ddogfennau cysylltiedig
- slipiau cywiro
- dolenni i ddeddfwriaeth gysylltiedig ac adnoddau gwybodaeth eraill
Llinell Amser Newidiadau
Mae’r llinell amser yma yn dangos y fersiynau gwahanol a gymerwyd o EUR-Lex yn ogystal ag unrhyw fersiynau dilynol a grëwyd ar ôl y diwrnod ymadael o ganlyniad i newidiadau a wnaed gan ddeddfwriaeth y Deyrnas Unedig.
Cymerir dyddiadau fersiynau’r UE o ddyddiadau’r dogfennau ar EUR-Lex ac efallai na fyddant yn cyfateb â’r adeg pan ddaeth y newidiadau i rym ar gyfer y ddogfen.
Ar gyfer unrhyw fersiynau a grëwyd ar ôl y diwrnod ymadael o ganlyniad i newidiadau a wnaed gan ddeddfwriaeth y Deyrnas Unedig, bydd y dyddiad yn cyd-fynd â’r dyddiad cynharaf y daeth y newid (e.e. ychwanegiad, diddymiad neu gyfnewidiad) a weithredwyd i rym. Am ragor o wybodaeth gweler ein canllaw i ddeddfwriaeth ddiwygiedig ar Ddeall Deddfwriaeth.
Rhagor o Adnoddau
Defnyddiwch y ddewislen hon i agor dogfennau hanfodol sy’n cyd-fynd â’r ddeddfwriaeth a gwybodaeth am yr eitem hon o ddeddfwriaeth. Gan ddibynnu ar yr eitem o ddeddfwriaeth sy’n cael ei gweld gall hyn gynnwys:
- y PDF print gwreiddiol y fel adopted fersiwn a ddefnyddiwyd am y copi print
- slipiau cywiro
liciwch ‘Gweld Mwy’ neu ddewis ‘Rhagor o Adnoddau’ am wybodaeth ychwanegol gan gynnwys
- rhestr o newidiadau a wnaed gan a/neu yn effeithio ar yr eitem hon o ddeddfwriaeth
- manylion rhoi grym a newid cyffredinol
- pob fformat o’r holl ddogfennau cysylltiedig
- dolenni i ddeddfwriaeth gysylltiedig ac adnoddau gwybodaeth eraill
Mae’r holl gynnwys ar gael dan Drwydded Llywodraeth Agored v3.0 ac eithrio ble nodir yn wahanol. Yn ychwanegol mae’r safle hwn â chynnwys sy’n deillio o EUR-Lex, a ailddefnyddiwyd dan delerau Penderfyniad y Comisiwn 2011/833/EU ar ailddefnyddio dogfennau o sefydliadau’r UE. Am ragor o wybodaeth gweler ddatganiad cyhoeddus Swyddfa Gyhoeddiadau’r UE ar ailddefnyddio.