Public CommentProposedPublic CommentGuidance UpdateProposed Regulation

European Commission publishes draft CRA guidance for feedback (consultation open until 31 March 2026)

EU Cyber Resilience Act (CRA) — Annex III (Important products with digital elements)European CommissionEU

Announced

Mar 3, 2026

Description

The European Commission published draft guidance to assist companies in applying the Cyber Resilience Act and opened it for feedback. The draft guidance addresses CRA scope and implementation topics that can materially affect Annex III ‘important products’ compliance planning, including treatment of remote data processing solutions, free and open-source software, ‘support periods’, and the interplay between the CRA and other EU legislation. The Commission’s feedback window is open until 31 March 2026.

Sources

OfficialCommission publishes for feedback draft guidance to assist companies in applying the Cyber Resilience Act | Shaping Europe’s digital future
OfficialDraft Commission guidance on the Cyber Resilience Act

European Commission publishes draft CRA guidance for feedback (consultation open until 31 March 2026)

Description

Sources

Get compliance alerts for EU Cyber Resilience Act (CRA) — Annex III (Important products with digital elements)