CRA Compendium

CRA Knowledge Base

Everything about the Cyber Resilience Act in one place

The comprehensive reference for manufacturers, importers, and distributors. Quickly find answers on all CRA topics - from scope and obligations to deadlines.

71

Articles

130

Recitals

VIII

Annexes

50+

FAQ Entries

22

Blog Guides

CRA Legal Text

CRA Legal Text

71

All 71 articles across 8 chapters - the complete regulation text with cross-references to recitals and annexes.

Browse

Recitals

130

130 recitals providing context and interpretive guidance for practical application of the regulation.

Browse

Annexes

8

8 annexes including essential cybersecurity requirements, declaration of conformity, and assessment procedures.

Browse

CRA Compared

How does the CRA differ from other regulations and standards? 9 detailed comparisons with gap analysis.

VSCRA vs. NIS 2VSCRA vs. ISO 27001VSCRA & CE MarkingVSCRA vs. REDVSCRA vs. Machinery RegulationVSCRA vs. IEC 62443VSCRA vs. DORAVSCRA vs. ETSI EN 303 645

Guides & Resources

Frequently Asked Questions

Practical answers to the most important questions - from scope and open source to reporting obligations.

View FAQ

CRA Guide

Comprehensive guide covering timeline, obligations, conformity assessment, and practical recommendations.

Open

CRA & Switzerland

Specific information for Swiss manufacturers: EU market access, Motion 24.3810, and dual compliance strategy.

Open

CRA Relief for SMEs

What relief measures the CRA provides for micro, small, and medium-sized enterprises — and where the limits are.

Open

Blog & Guides

22 expert articles on CRA compliance, SBOM, vulnerability management, conformity assessment, and industry requirements.

View Blog

CRA Maturity Assessment

Free readiness check: Where does your company stand on CRA compliance? Get results in 15-20 minutes.

Start

Key Deadlines

1

10 December 2024

CRA enters into force

2

11 September 2026

Reporting obligations begin (Art. 14)

3

11 December 2027

Full enforcement - non-compliant products lose EU market access

Editorial Standards

This knowledge base is editorially managed by Maximilian Heck, Lead Consulting at Think Ahead Technologies GmbH. As a CRA expert with direct consulting experience with manufacturers of connected products in the EU, he is responsible for the accuracy of all content.

Legal texts (articles, recitals, annexes) are reproduced directly from Regulation (EU) 2024/2847 as published in the Official Journal of the European Union. FAQ answers include precise source references to specific CRA articles and recitals.

Content is updated when regulatory changes or new ENISA guidance are published. Last review: March 2026. Corrections or additions can be reported to kunnus@think-ahead.tech.