Cyber Resilience Act Workshop

CRA Initial Assessment Workshop: After four hours, you will know what needs to be done.

An individual workshop for your company. We discuss your products, clarify your obligations and show you the next steps. This turns the CRA from a mandatory compliance topic into a competitive advantage in the market.

500+

companies advised

16+

years of experience in IT security and data protection

4 hours

to your initial CRA assessment

ISiCO impresses us in particular with its interdisciplinary approach: legally sound, technically well thought out and always with a business-oriented understanding of our challenges.

Why now?

Implementation deadlines are approaching.

The Cyber Resilience Act must be fully implemented by 11 December 2027. Reporting obligations will already apply from 11 September 2026. Without CRA conformity, your product will not receive CE marking. Without CE marking, there is no access to the EU market. That is why it is important to clarify scope, roles and obligations now.

Product

Products with digital elements

From smart light bulbs and baby monitors to connected industrial machinery: as soon as your product exchanges data with a device or network, it falls within the scope of the CRA. This applies to both hardware and software.

Role

Your role in the supply chain

Manufacturer, importer or distributor. Anyone who markets a product under their own name is also considered a manufacturer. Each role comes with its own obligations.

Obligations

What the CRA requires from you

Security from the outset, a list of your components in the form of an SBOM, an operational approach to vulnerability management and free updates throughout the entire support period. The CRA accompanies your product from design through to the end of support.

Your outcome

What you will take away after four hours

Clarity on scope

You will know to what extent the CRA applies to your relevant products and which role you have in the supply chain.

An honest view of the gaps

You will see, product by product, where you currently stand and where the largest gaps lie. This provides initial orientation for getting started. Greater depth follows later, when you need it.

A prioritised plan

You leave the workshop with prioritised areas for action and a 30/60/90-day roadmap. You know what matters first.

A sales argument

CRA conformity will become a prerequisite for contracts with customers and OEMs. Those who deliver early win tenders.

The offer

Der CRA Initial Assessment Workshop

An initial assessment for your product

What we review together

  • Product scope and your role under the CRA
  • Secure by Design and Secure SDLC
  • SBOM readiness and vulnerability management
  • Update and support processes
  • Initial review of your technical documentation as preparation for the product file

What you take away

  • CRA relevance assessment for your product
  • Prioritised areas for action
  • 30/60/90-day roadmap

The workshop provides an initial assessment and orientation for getting started. It does not replace a final product classification or a full conformity assessment.

Workshop

Duration 4 hours
Location Online, or on site upon request plus travel expenses
Number of participants No limit
Format Individually tailored to your company

We recommend involving management as well. CRA conformity is a matter of budget and prioritisation. Travel expenses apply if the workshop is held on site.

3.900 €

plus VAT

Submit a non-binding enquiry

How it works

Five steps to your initial assessment

Enquiry

You submit your enquiry via the form. Non-binding.

Initial consultation

We clarify your concerns and the framework.

Workshop

Four hours with your team, remotely or on site.

Outcome

Gap overview, prioritised areas for action and your 30/60/90-day roadmap.

Next step

Implementation of the measures together, if desired.

Dr Jan Scharfenberg – Managing Director & Partner

„The CRA sounds like an obligation. For me, it is an opportunity to finally make product security visible. In four hours, you will see which requirements apply to your product, where you currently stand and which steps matter first. You leave the meeting with clarity, a reliable plan and an argument that resonates with your customers.“

Client testimonials

What our clients rely on

„Working with ISiCO on our challenging project to implement an ISMS and achieve ISO certification was extremely positive. Thanks to the proactive, collaborative and solution-oriented support, we were able to complete the project in record time. ISiCO’s extensive professional expertise and experience was a key success factor."

Elisa Fahrenholz

Operations Project Manager (Legal/Compliance)

„ISiCO impresses us in particular with its interdisciplinary approach: legally sound, technically well thought out and always with a business-oriented understanding of our challenges."

Burç Kendir

CFO

The perfect start for CRA implementation

Our Initial Assessment Workshop is the best way to start implementing your CRA obligations. In a non-binding initial consultation, we will clarify together how your workshop should be structured.

Submit a non-binding enquiry