Because the EU Cyber Resilience Act (CRA) regulates the security of all connectable software and hardware products, it impacts a wide range of economic operators within the European market, including manufacturers, software developers, distributors, importers and resellers that are involved in the supply of new or updated digital products. Under the CRA, manufacturers will be required to certify the cybersecurity of their products before they can be sold within the EU market.
Explore the CRA, its impact on European cybersecurity and the strategies manufacturers can adopt to ensure compliance by reading the full article here.
Prepare for the CRA with Brightsight
Do you need assurance that you product is resilient to cyber threats? Or do you want to become a key differentiator in the marketplace? Certification will certainly give you a competitive advantage. So, start your product certification journey with Brightsight today (contact brs.sales@sgs.com).
Our CRA services include:
General CRA framework workshop (2 hours)
Gain a foundational understanding of the European Union’s Cyber Resilience Act (CRA) through our comprehensive introductory workshop.
This session provides a clear overview of the regulation’s timelines, scope and key content. Participants will gain insights into the essential requirements and the strategic implications for their organization.
Product-specific CRA workshop with regulatory focus (4-6 hours)
Building upon the general CRA framework, this in-depth workshop delves into the specific implications of the CRA for your organization’s product(s).
Gain a full understanding of the CRA requirements that are already covered by the product-related standards and the CRA requirements that require further product-specific assessment.
This session includes the core content of the general workshop, augmented by 2-4 hours dedicated to:
Product-specific CRA gap assessment
Utilize our expertise to thoroughly assess your product(s) gaps against the CRA requirements.
This service contains a review of your existing documentation and processes against the CRA requirements in order to identify any discrepancies or gaps. It also includes a risk analysis review.
As output, our gap assessment offers actionable insights for remediation, helping you determine which CRA requirements your product conforms to and which ones it fails, and so needs improvement.
CRA support
Following the gap assessment, we can provide additional guidance to help you close the identified gaps and achieve CRA compliance.
CRA-ready certification
Upon a successful completion of the product-specific GAP assessment and after a closure of identified gaps, we offer a “CRA-ready” certificate.
This certification reflects the current status of your product’s alignment with the CRA essential requirements.
The findings from our gap assessment may also be leveraged during future conformity assessments with Notified Conformity Assessment Bodies (CABs), streamlining your product’s certification process.
What is next?
As of 11 December 2027, the CRA will become a mandatory certification. Don't wait, get ready now! Let's piece together the puzzle to achieve your product's CRA compliance — check out our latest brochure about the Cyber Resilience Act.
Enjoyed this article?
Stay up-to-date with our news, updates and latest developments by following us on LinkedIn.
