Guidance UpdateLiveGuidance UpdateNews

European Commission CRA summary page updated, reiterating staged application dates and the role of Annex I essential requirements in compliance evidence

EU Cyber Resilience Act (CRA) - Annex I Baseline RequirementsEuropean Commission (DG CONNECT)EU

Announced

Dec 3, 2025

Description

The European Commission updated its CRA summary page (last update shown: 3 December 2025). The page reiterates CRA staged application dates and explains how manufacturers must evidence compliance with the Annex I essential cybersecurity requirements (baseline requirements) through risk assessment, technical documentation, and conformity assessment. This Commission-maintained summary supports compliance interpretation and program planning but does not change the legal text of Annex I.

Sources

OfficialThe Cyber Resilience Act - Summary of the legislative text

European Commission CRA summary page updated, reiterating staged application dates and the role of Annex I essential requirements in compliance evidence

Description

Sources

Get compliance alerts for EU Cyber Resilience Act (CRA) - Annex I Baseline Requirements