Skip to main content

Where the CRA risk-assessment workflow lives

The full CRA risk-assessment and technical-documentation workflow is built into CVD Portal under Compliance → Products (https://cvdportal.com/products). It covers the documented cybersecurity risk assessment (CRA Article 13), STRIDE threat modelling, product classification and the Article 32 conformity route, the Annex I checklist, the EU Declaration of Conformity draft, the Annex VII technical-documentation index, CE marking guidance, the Annex II user-information sheet and assessment snapshots. It requires the Compliance plan or higher.

The standalone PortaRegulus CRA Compliance Tool (https://app.cra.portaregulus.com) previously provided this workflow as a companion product. Its capabilities have been merged into CVD Portal, so new compliance work should happen in the Products workspace here.