Back to news

CRACoWi: Your Digital Assistant for Cyber Resilience Act Compliance

30. Jul 2025

In October 2024, the European Union adopted the Cyber Resilience Act (CRA), introducing mandatory cybersecurity requirements for all digital products sold in the EU. Together with the NIS2 Directive, which strengthens cybersecurity obligations for companies and critical infrastructure, these regulations mark a turning point for building a safer digital ecosystem in Europe.

To support businesses – especially SMEs – in meeting these new obligations, the EU-funded project CRACoWi was launched. Bringing together 14 partners from Greece, Germany, Cyprus, and Slovenia, CRACoWi is developing the Cyber Resilience Act – Compliance Wizard: an innovative digital assistant that helps companies ensure compliance with CRA in a simple and efficient way.

What does CRACoWi deliver?

  • Automated compliance assessments – AI-powered self-checks against CRA requirements.

  • Automated documentation support – generating conformity and technical files for certification.

  • Security by design and by default – embedding robust security throughout the product lifecycle.

  • SME-tailored guidance – practical tools and resources for smaller companies with limited capacities.

Who must comply with the CRA?

The CRA applies to all manufacturers and providers of products with digital elements placed on the EU market, including:

  • Manufacturers of hardware and software (inside and outside the EU if selling into the EU),

  • Importers and distributors responsible for placing these products on the market,

  • Software developers, including open-source if used commercially,

  • Small and medium-sized enterprises (SMEs), with some simplified support measures.

The scope covers a wide range of products: smart devices (IoT, wearables, home tech), software (apps, SaaS, operating systems), connected industrial equipment, and embedded systems in vehicles, energy, and healthcare.

Benefits for companies

With CRACoWi, businesses will be able to:

  • save time and costs on CRA compliance,

  • enhance the security of their products and services,

  • gain customer trust and improve competitiveness in the EU and beyond,

  • avoid risks of heavy fines (up to €15 million or 2.5% of global turnover) and product recalls.

Linking CRA and NIS2

CRACoWi directly supports companies in meeting the CRA obligations while also strengthening readiness for the broader NIS2 requirements. Together, these frameworks create a foundation for companies to achieve true cyber resilience – from product development to daily operations.

In doing so, CRACoWi contributes to the EU’s vision of a secure, trustworthy, and resilient digital economy.

👉 Learn more: www.cracowi.eu

CRA Co Wi visual big
DIGITAL SKILLS AND JOBS PLATFORM LOGO TAGLINE HRES 01 scaled Previous post

“Just getting started”: Slovenia celebrates the end of a national project that reached hundreds of thousands from all over Europe

Artboard 10 copy Next post

DIHS Contributes to International Dialogue on Cyber Resilience at the Euro-Atlantic Resilience Forum 2025

Read also

All news