obligationsLevel 1

Manufacturer Obligations

Under the Cyber Resilience Act manufacturers of digital products placed on the EU market must embed security by design, carry out risk assessments, supply timely patches and updates, keep detailed technical documentation, and promptly disclose any vulnerabilities. They also must follow conformity-assessment procedures and cooperate with supervisory authorities.

GET/api/v1/systems/reg_eu_cra/nodes/obligations

Manual TranscriptionPublic Domain (EUR-Lex)Source

Hierarchy Explorer

Hierarchy ExplorerChevron to expand - click title to open

reporting_vulnActively Exploited Vulnerability Reporting - 24h (Art 14)

risk_assessCybersecurity Risk Assessment (Art 13)

sbomSoftware Bill of Materials (SBOM) (Art 13(11))

security_updatesSecurity Updates for Product Lifetime (Art 13(8))

Cross-system equivalences0

No cross-system equivalences mapped for this node.

Report a data issue