Question 1

What is the EU Cyber Resilience Act?

Accepted Answer

The Cyber Resilience Act (EU 2024/2847) is a horizontal EU regulation setting cybersecurity requirements for products with digital elements placed on the EU single market.

Question 2

When does the CRA apply?

Accepted Answer

The CRA entered into force on 10 December 2024. Reporting obligations apply from 11 September 2026 and the full regulation applies from 11 December 2027.

Question 3

Which products fall under the CRA?

Accepted Answer

Products with digital elements — any software or hardware product and its remote data processing solutions, including software or hardware components being placed on the market separately — intended for direct or indirect logical or physical data connection to a device or network.

EU Cyber Resilience ActScope Assessment

EU Cyber Resilience Act
Scope Assessment