A national governmental or regulatory authority is responsible for carrying out the tasks assigned to it in the (NCCS Article 4).
Designated by each member state six months after entry into force (NCCS Article 4 Paragraph 1).
Shall coordinate and cooperate with cybersecurity competent authorities, NRAs, RP NCAs, CSIRTs, and other authorities determined by each Member State to ensure the fulfillment of NCCS and avoid duplication of tasks (NCCS Article 5).
May delegate tasks to other national authorities (NCCS Article 4 Paragraph 3).
Identify high-impact and critical-impact entities (NCCS Article 24 Paragrpah 2).
Approve the developed conditions and methodologies (NCCS Article 6 Paragraph 2).
Conduct cybersecurity risk assessments (NCCS Article 20 Paragraph 1).
Grant exemptions from minimum and advanced cybersecurity controls (NCCS Article 30 Paragraph 1).
May perform inspections of critical-impact entities according to national law to verify their compliance with the NCCS (NCCS Article 25).