European Commission updates CRA conformity assessment page clarifying conformity routes for demonstrating compliance with essential requirements (Annex I)

The European Commission updated its official CRA “Conformity assessment” page (last update shown: 12 January 2026). The page provides implementation guidance relevant to demonstrating compliance with CRA Annex I essential cybersecurity requirements by clarifying conformity assessment routes (including when self-assessment may apply versus when involvement of notified bodies is required for important/critical product categories). It also links to the CRA’s annexes on EUR-Lex and references the implementing regulation on technical descriptions of important/critical product categories, which influences which conformity assessment procedures apply—thereby affecting how Annex I baseline requirements are assessed and evidenced in technical documentation.