EU Cyber Resilience Act Legal Text - Quick Access
Jump to a specific part of this legal text quickly.
Back to full legal text- Chapter 1 (Art. 1 - 12) — General Provisions
- Article 1: Subject matter
- Article 2: Scope
- Article 3: Definitions
- Article 4: Free movement
- Article 5: Procurement or use of products with digital elements
- Article 6: Requirements for products with digital elements
- Article 7: Important products with digital elements
- Article 8: Critical products with digital elements
- Article 9: Stakeholder consultation
- Article 10: Enhancing skills in a cyber resilient digital environment
- Article 11: General product safety
- Article 12: High-risk AI systems
- Chapter 2 (Art. 13 - 26) — Obligations of economic operators and Provisions in relation to free and open-source software
- Article 13: Obligations of manufacturers
- Article 14: Reporting obligations of manufacturers
- Article 15: Voluntary reporting
- Article 16: Establishment of a single reporting platform
- Article 17: Other provisions related to reporting
- Article 18: Authorised representatives
- Article 19: Obligations of importers
- Article 20: Obligations of distributors
- Article 21: Cases in which obligations of manufacturers apply to importers and distributors
- Article 22: Other cases in which obligations of manufacturers apply
- Article 23: Identification of economic operators
- Article 24: Obligations of open-source software stewards
- Article 25: Security attestation of free and open-source software
- Article 26: Guidance
- Chapter 3 (Art. 27 - 34) — Conformity of the product with digital elements
- Article 27: Presumption of conformity
- Article 28: EU declaration of conformity
- Article 29: General principles of the CE marking
- Article 30: Rules and conditions for affixing the CE marking
- Article 31: Technical documentation
- Article 32: Conformity assessment procedures for products with digital elements
- Article 33: Support measures for microenterprises and small and medium-sized enterprises, including start-ups
- Article 34: Mutual recognition agreements
- Chapter 4 (Art. 35 - 51) — Notification of conformity assessment bodies
- Article 35: Notification
- Article 36: Notifying authorities
- Article 37: Requirements relating to notifying authorities
- Article 38: Information obligation on notifying authorities
- Article 39: Requirements relating to notified bodies
- Article 40: Presumption of conformity of notified bodies
- Article 41: Subsidiaries of and subcontracting by notified bodies
- Article 42: Application for notification
- Article 43: Notification procedure
- Article 44: Identification numbers and lists of notified bodies
- Article 45: Changes to notifications
- Article 46: Challenge of the competence of notified bodies
- Article 47: Operational obligations of notified bodies
- Article 48: Appeal against decisions of notified bodies
- Article 49: Information obligation on notified bodies
- Article 50: Exchange of experience
- Article 51: Coordination of notified bodies
- Chapter 5 (Art. 52 - 60) — Market surveillance and Enforcement
- Article 52: Market surveillance and control of products with digital elements in the Union market
- Article 53: Access to data and documentation
- Article 54: Procedure at national level concerning products with digital elements presenting a significant cybersecurity risk
- Article 55: Union safeguard procedure
- Article 56: Procedure at Union level concerning products with digital elements presenting a significant cybersecurity risk
- Article 57: Compliant products with digital elements which present a significant cybersecurity risk
- Article 58: Formal non-compliance
- Article 59: Joint activities of market surveillance authorities
- Article 60: Sweeps
- Chapter 6 (Art. 61 - 62) — Delegated powers and Committee procedure
- Article 61: Exercise of the delegation
- Article 62: Committee procedure
- Chapter 7 (Art. 63 - 65) — Confidentiality and Penalties
- Article 63: Confidentiality
- Article 64: Penalties
- Article 65: Representative actions
- Chapter 8 (Art. 66 - 71) — Transitional and Final Provisions
- Article 66: Amendment to Regulation (EU) 2019/1020
- Article 67: Amendment to Directive (EU) 2020/1828
- Article 68: Amendment to Regulation (EU) No 168/2013
- Article 69: Transitional provisions
- Article 70: Evaluation and review
- Article 71: Entry into force and application
- ANNEXES
- Article ANNEX I : ESSENTIAL CYBERSECURITY REQUIREMENTS
- Article ANNEX II : INFORMATION AND INSTRUCTIONS TO THE USER
- Article ANNEX III : IMPORTANT PRODUCTS WITH DIGITAL ELEMENTS
- Article ANNEX IV : CRITICAL PRODUCTS WITH DIGITAL ELEMENTS
- Article ANNEX V : EU DECLARATION OF CONFORMITY
- Article ANNEX VI : SIMPLIFIED EU DECLARATION OF CONFORMITY
- Article ANNEX VII : CONTENT OF THE TECHNICAL DOCUMENTATION
- Article ANNEX VIII : CONFORMITY ASSESSMENT PROCEDURES