Add explainer to the standards section on the rationale for vertical standards (answers #313) #316
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added an explanation of vertical standards in relation to the CRA. Signed-off-by: Jordan Maris <[email protected]>
Signed-off-by: Jordan Maris <[email protected]>
Signed-off-by: Tobie Langel <[email protected]>
tobie
requested changes
Nov 5, 2025
Contributor
|
Thanks @jmaris! This is super useful and an under documented part of the FAQs. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds an entry to the standards section on the rationale for the vertical standards. It is an answer to issue #313
Proposal for a question for the Q&A: I thought the CRA would be focussed on broad horizontal standards? What are these vertical standards and why are they so strict?
Proposed Answer:
The CRA classified types of digital products based on the risk they pose. For higher risk Class I and II products, to achieve a presumption of conformity through compliance with standards, manufacturers must also comply with the relevant vertical standards, as per Articles 7 and 32 of the Cyber Resilience Act.
A list of Class I and II products can be found in Annex III of the CRA. You can find a list of requested vertical standards the European Commission have requested in Annex I of the CRA Standardisation Request.