ECI process

Stages

Identification

Apply sectoral criteria for critical infrastructures

Apply the definition of critical infrastructure, according to Article 2(a) of the directive

Apply transboundary element according to Article 2(b)

Apply cross-cutting criteria to identify potential ECIs

Designation

Inform other Member States affected by a potential ECI

Critical Infrastructure Warning Information Network (CIWIN)

Engage in bilateral/multilateral dialogue with the Member States

affected

Agree with the Member States affected on ECI

Inform European Commission and ECI owner/operator

Protection

Apply operator security plan (OSP) procedure in accordance with

Article 5 and Annex II, and review OSP regularly

Designate security liaison officer (Article 6)

Report to Commission every 2 years on types of risks, threats and vulnerabilities encountered per ECI sector

Classify reports at an appropriate level