Classifying products under the CRA: a practical guide to Annex III
Annexe III CRA Conformité Cybersécurité Marquage CE

Classifying products under the CRA: a practical guide to Annex III

Product classification under the CRA (standard, important Class I or Class II) determines the conformity assessment module, and with it whether a notified body is required. For an SME manufacturer, the difference easily amounts to €15,000–50,000 and six to twelve months of additional timeline. This guide provides a practical reading of Annex III, incorporates the Implementing Regulation (EU) 2025/2392, and addresses the most common application cases for alarm, IoT and network equipment manufacturers.

 1 May 2026  13 min
The Cyber Resilience Act: mapping a new regulatory framework
CRA Conformité Cybersécurité EN 304 632 Marquage CE

The Cyber Resilience Act: mapping a new regulatory framework

Regulation (EU) 2024/2847 introduces a compliance logic that the connected electronics sector had not encountered under previous directives: a cybersecurity obligation running throughout the product lifecycle, not merely at the point of placing on the market. This article maps the regulation's internal structure (scope, classification, conformity assessment modules and the two-speed timeline) for manufacturers beginning their compliance work today.

 1 May 2026  15 min
All ANFR Annexe III Article 14 CRA CVD Conformité Conformité CE Contrôle de marché Cybersécurité DDADUE DGCCRF Directive Machines Directive RED Dossier technique Due diligence EN 18031 EN 304 632 Firmware Gestion des vulnérabilités Marquage CE PSIRT SBOM Surveillance du marché