10 Sep 2025

Feedback on CRA risk assessment guidance

Introduction 

Risk assessment is foundational within the Cyber Resilience Act (CRA), both as a practice and a deliverable. Risk assessment forms the basis of compliant products and informs the technical information supplied to users. Manufacturers need clear guidance, maintaining proportionality and allowing freedom in their risk assessment practices. In this paper, DIGITALEUROPE outlines suggestions for more clarity in the final guidelines. 

Download the full document
For more information, please contact:
Sid Hollman
Policy Manager for Cybersecurity, Digital Infrastructure & Mobility
sid.hollman@digitaleurope.org +32 491 37 28 73
Milda Basiulyte
Senior Executive Director for Digital Policy
milda.basiulyte@digitaleurope.org +32 493 89 20 59
Alberto Di Felice
Policy and Legal Counsel
alberto.difelice@digitaleurope.org +32 471 99 34 25
Back to Cybersecurity
View the complete Position Paper
PDF
Our resources on Cybersecurity
25 Jul 2025 Policy Paper
Towards clear guidance for remote data processing solutions under the CRA
Read more
PDF
24 Jun 2025 Policy Paper
Updating the EU cybersecurity framework: Industry priorities for the Cybersecurity Act revision
Read more
PDF
04 Jun 2025 Publication & Brochure
Executive Brief: Removing regulatory burden for a more competitive and resilient Europe
Read more
View all resources
Hit enter to search or ESC to close
This website uses cookies
We use cookies and similar techonologies to adjust your preferences, analyze traffic and measure the effectiveness of campaigns. You consent to the use of our cookies by continuing to browse this website.
Decline
Accept