Data & Privacy
- Data Act
- Data Governance Act
- ePrivacy Directive
- GDPR
AI & Trust
- Artificial Intelligence Act
- Product Liability Directive
Cybersecurity
- Cyber Resilience Act
- Cybersecurity Act
- DORA
- NIS2
Digital Services & Media
- Digital Markets Act
- Digital Services Act
- European Media Freedom Act
Cyber Resilience Act
- Recitals
CHAPTER I
GENERAL PROVISIONSArticles 1 — 12
CHAPTER II
OBLIGATIONS OF ECONOMIC OPERATORS AND PROVISIONS IN RELATION TO FREE AND OPEN-SOURCE SOFTWAREArticles 13 — 26
CHAPTER III
CONFORMITY OF THE PRODUCT WITH DIGITAL ELEMENTSArticles 27 — 34
CHAPTER IV
NOTIFICATION OF CONFORMITY ASSESSMENT BODIESArticles 35 — 51
CHAPTER V
MARKET SURVEILLANCE AND ENFORCEMENTArticles 52 — 60
CHAPTER VI
DELEGATED POWERS AND COMMITTEE PROCEDUREArticles 61 — 62
CHAPTER VII
CONFIDENTIALITY AND PENALTIESArticles 63 — 65
CHAPTER VIII
TRANSITIONAL AND FINAL PROVISIONSArticles 66 — 71
ANNEXES
Understanding the Cyber Resilience Act
Regulation (EU) 2024/2847 of the European Parliament and of the Council of 23 October 2024 on horizontal cybersecurity requirements for products with digital elements and amending Regulations (EU) No 168/2013 and (EU) No 2019/1020 and Directive (EU) 2020/1828 (Cyber Resilience Act)
23 October 2024
11 December 2027. Application timelines for some Articles differ (Article 71)
Market surveillance authorities
To ensure a high level of cybersecurity of products with digital elements and their integrated remote data processing solutions.
Manufacturers of products with digital elements
Importers of products with digital elements
Distributors of products with digital elements
- Ensuring that a product with digital elements placed on the market is designed, developed and produced in accordance with the essential cybersecurity requirements (Annex I)
- Exercising due diligence when integrating components sourced from third parties so that those components do not compromise the cybersecurity of the product with digital elements (Article 13)
CRAon StreamLex, what can I find?
Guidance (guidelines, recommendations, etc.) and templates issued by ENISA and European Commission relevant to the Cyber Resilience Act
Legislation (decisions, implementing decisions, implementing regulation, etc.) adopted by the European Commission relevant to the Cyber Resilience Act
Relevant registers maintained by the ENISA and the European Commission relevant to the Cyber Resilience Act
ENISA and European Commission consultations, press releases, internal documents, annual reports, leaflets and similar information materials and ad hoc statements that do not constitute guidance
Draft versions of ENISA and European Commission guidance or templates (e.g., issued for the purposes of public consultation) and invalidated guidance and templates (e.g., documents superseded by other guidance)
Documents issued by the national authorities relevant to the Cyber Resilience Act
EU and national court judgments