Directive
The CER Directive represents a fundamental step in strengthening the resilience of critical entities within the European Union.
It was established to ensure the continuity of essential services, protecting them from physical risks and cross-border threats.
Directive 2022/2557
Critical Entities Resilience (CER)
The CER Directive aims to ensure that public or private entities deemed ‘critical’ due to the infrastructures they manage or the services they provide have appropriate measures in place to guarantee the continuity of such services even in the presence of adverse or catastrophic events—so-called ‘Operational Resilience.’
This concept, resilience, is generally managed through the disciplines of Business Continuity and Crisis Management, which establish the measures and activities to be undertaken should an unlikely but high-impact risk materialize as an actual event. Since a catastrophic event, however unlikely, can always occur (consider COVID), organizations subject to the CER must have defined the following during normal times:
Methods to minimize the likelihood that applicable risks jeopardize the provision of services;
Procedures and tools to be used in order to maintain their services even during critical events that could not otherwise be mitigated.
Directive
Directive 2022/2557
Critical Entities Resilience (CER)
The CER Directive aims to ensure that public or private entities deemed ‘critical’ due to the infrastructures they manage or the services they provide have appropriate measures in place to guarantee the continuity of such services even in the presence of adverse or catastrophic events—so-called ‘Operational Resilience.’
This concept, resilience, is generally managed through the disciplines of Business Continuity and Crisis Management, which establish the measures and activities to be undertaken should an unlikely but high-impact risk materialize as an actual event. Since a catastrophic event, however unlikely, can always occur (consider COVID), organizations subject to the CER must have defined the following during normal times:
Methods to minimize the likelihood that applicable risks jeopardize the provision of services;
Procedures and tools to be used in order to maintain their services even during critical events that could not otherwise be mitigated.
The CER Directive represents a fundamental step in strengthening the resilience of critical entities within the European Union.
It was established to ensure the continuity of essential services, protecting them from physical risks and cross-border threats.
Our Approach
CER
Business Continuity is a discipline supported by structured international best practices; in particular, ISO 22301 and other standards in the 22300 series outline how to structure business processes in order to maintain adequate Operational Resilience.
By August 17, 2026, pursuant to Decree 134/2024 (transposing the CER Directive), the affected entities will be notified and will have a 10-month window to align their processes and infrastructures with the new Italian regulatory requirements.
What We Offer
Gerico, which stands for GEstione dei RIschi e Continuità Operativa (Risk Management and Business Continuity), was founded by professionals who have been working in these fields for over 20 years and hold the highest level of certification from the DRI-I (Disaster Recovery Institute International – USA) and the BCI (Business Continuity Institute – UK).
Our experience makes us uniquely qualified, having worked on major European projects such as IRRIIS and STRUCTURES, and having supported large infrastructures in the Oil & Gas and Telco sectors, as well as medium-sized entities (Water, Transport, and Industry), for years in defining and verifying Business Continuity and Crisis Management plans for their business processes.
