Logo
StreamLex Home
Logo
StreamLex Home
Laws
Laws
Recitals
Recitals
News
Trackers
Resources
Contact
About Us
News
Recitals
Trackers
Resources
Newsletter
Terms of Use
Privacy Notice
LinkedIn
undefined | StreamLex

CRA FAQ

Frequently Asked Questions on the Cyber Resilience Act

This document outlines a preliminary set of technical FAQs to assist stakeholders with the implementation of the Cyber Resilience Act (Regulation (EU) 2024/2847). It addresses recurring questions about the scope, definitions, interplay with other legislation, classification of products, manufacturer obligations, conformity assessments, and the transition period. The FAQs clarify compliance expectations, especially in relation to risk assessments, vulnerability management, product categories (default, important, critical), and alignment with existing EU laws like the GDPR, Data Act, and Machinery Regulation. It serves as a non-binding, living document prepared by Commission services to guide early compliance efforts.

Metadata

Author: European Commission

Status: Adopted / Published

Adoption date: 2025-12-03

Last updated: 23 Dec 2025

Category: Miscellaneous

Subcategory: Other official document

Relevant laws and articles:

CRA
2
3
5
6
7
8
9
10
11
12
13
15
16
17
18
19
20
21
22
23
24
25
27
34
35
36
38
41
43
44
50
54
55
56
57
58
69
Source URL:https://digital-strategy.ec.europa.eu/en/library/cyber-resilience-act-implementation-frequently-asked-questions

© 2026 StreamLex

NewsletterAbout UsTerms of UsePrivacy NoticeManage Cookies

© 2026 StreamLex