Publication date:July 13, 2026
The SME Cyber Resilience Maturity Assessment Model provides a structured approach for micro, small and medium-sized enterprises (SMEs) to evaluate and strengthen their overall cyber resilience, while taking into account the requirements of the Cyber Resilience Act (CRA).
The model is primarily intended for organisations that manufacture and place products with digital elements on the market, as these are directly subject to CRA requirements. However, it can also be used by other organisations involved in the product life cycle, such as integrators or service providers, to assess and improve their product security practices.
Additional materials