This document specifies an approach that supports the risk-based identification of cybersecurity, certification and assurance requirements to ICT products, processes…