European Commission updated CRA Implementation fact page with implementation deliverables roadmap affecting how Annex I compliance will be operationalised

The European Commission updated its “Cyber Resilience Act – Implementation” fact page (last update shown as 4 March 2026). The page is an official implementation tracker listing adopted and planned secondary instruments and milestones (implementing/delegated acts, guidance, and standardisation deliverables). Although it does not amend Annex I baseline requirements, it is directly relevant for Annex I compliance planning because it signals when and how the CRA’s essential requirements may be supported by guidance, standards, and presumption-of-conformity mechanisms. Compliance teams should monitor these milestones to align product security engineering, technical documentation, and conformity assessment planning with forthcoming implementation supports.