The EU Cyber Resilience Act (CRA)
UK | Active
The EU Cyber Resilience Act mandates that manufacturers of digital products, including software, must provide free security updates for at least five years, or for the product's expected lifetime if it's shorter. This applies to products sold within the EU. This means developers are obligated to address and fix vulnerabilities during this period and make those security updates available to users at no cost.
| Category | Industries | Standards | Link |
|---|---|---|---|
| Information Security | Technology | ISO 27001 | View Legislation |
Additional Data
| Employee Threshold | Turnover Threshold |
|---|---|
Need help?
If you have any questions or require support with legal compliance, please contact our team.
Powered by Clemark.Technology
Disclaimer: Errors and omissions excepted, Resilify and Assent are not legal advisors and we do not provide legal advice. However, over many years of implemented ISO Management Systems and undergoing external audit by Accredited Certification Bodies, we have developed a good understanding of how to comply with the legal and contractual clauses of many ISO standards.
To answer specific legal queries we can refer you to a properly qualified and experienced legal counsel.
