Cenitia launchesLaunching September 2026 — first 250 founders get the launch price locked for life.

Reserve your spot →
Cenitia
How it worksLibraryGlossaryRegulationsToolsAbout
Reserve your spot
How it worksLibraryGlossaryRegulationsToolsAbout
← Tools

Is your product ready for the Cyber Resilience Act?

A free, deterministic self-assessment against the EU Cyber Resilience Act (Regulation (EU) 2024/2847). Answer 31 questions mapped to the Annex I essential requirements and reporting duties, and get a readiness score plus a prioritised list of gaps to close before 11 December 2027.

Before you start

  • • 31 questions across 5 areas — about 5 minutes.
  • • Each question maps to a specific requirement of the Cyber Resilience Act (Regulation (EU) 2024/2847).
  • • Scoring is deterministic and transparent — no AI, no black box. Answer honestly for a useful read.
  • • Nothing is sent anywhere or stored. The assessment runs entirely in your browser.

Orientation only — not a binding compliance assessment, and it creates no advisory relationship or liability.

Why not just ask a chatbot?

  • There is no AI in the score. Every question is a specific CRA Annex I requirement with its exact reference — the result is transparent and auditable, not an opinion.
  • You cannot put “the AI said so” in a Technical File. A self-assessment that maps to the regulation is defensible to a Notified Body; a chatbot answer is not.
  • Mapped to the current text of Regulation (EU) 2024/2847 with the real 11 Sep 2026 and 11 Dec 2027 dates — not a stale training snapshot.
  • Written by Inovasense engineers who ship CE-marked hardware.

It is the same discipline behind the product: Cenitia drafts compliance documents against the retrieved text of each regulation and your own engineering files, cites every claim, scores each section 0–1, and holds anything under 0.95 for human review before you sign — so a regulator never has to take “the AI said so” on trust. See how the engine works.

FAQ

Questions about this checker

  • How is the readiness score calculated?+

    Deterministically — there is no AI in the score. Each question maps to a specific Cyber Resilience Act Annex I requirement or reporting duty, your answers are weighted (yes, partial, or no), and the same answers always produce the same score. You can see exactly why each area scored as it did.

  • Does my data leave my browser?+

    No. The checker runs entirely in your browser — your answers are scored on your own device and are never sent to a server. There is no login and nothing is stored.

  • Is the result a compliance certificate?+

    No. It is a readiness self-assessment that highlights your gaps against the CRA Annex I essential requirements and prioritises what to close. It is not legal advice or a conformity assessment, and it does not replace a Notified Body where one is required.

  • When does the Cyber Resilience Act apply?+

    The Cyber Resilience Act (Regulation (EU) 2024/2847) applies in full from 11 December 2027. The obligation to report actively exploited vulnerabilities and severe incidents applies earlier, from 11 September 2026.

Go deeper: CRA Annex I explained · CRA timeline & reporting · CRA in the glossary

Cenitia

The EU compliance engine for hardware manufacturers. Cited drafts, electronic signing, regulation watching — all in one place.

A product of Inovasense s.r.o., Bratislava, Slovakia · Data hosted in Stockholm, EU

Site

  • How it works
  • Library
  • Glossary
  • Regulations
  • By product type
  • Tools
  • About

Legal

  • Imprint
  • Privacy
  • Terms

© 2026 Inovasense s.r.o. · cenitia.com

EU sovereign · EU data residency by design · Customer data never trains models