Insights & Articles

After the scope check, CRA classification begins. Using DrakeUp as a practical example, this article shows how manufacturers identify their product's core functionality, determine the relevant CRA category and assess the likely conformity assessment path.

In this article, I begin my series on the practical application of the Cyber Resilience Act to my own software product. Using my PowerPoint plugin DrakeUp as an example, I reflect on whether and why an Office web add-in might fall under the CRA, the role of web services and remote data processing, and why I want to understand CRA readiness as a quality feature from the start.