103 Expert

Cyber Resilience Act — Expert · Product security owner and supply-chain governance

For product security owners and technical leads. Implementation in the management system, vulnerability programs, supply-chain responsibility and links to NIS2 and the AI Act. Requires Cyber Resilience Act — Pro.

The top level in the CRA track. We go deep on how to anchor CRA requirements in a management system: product register, continuous vulnerability handling, coordinated reporting, supply-chain responsibility and audit trail — and how the CRA interacts with NIS2 and the AI Act.

Content

Implementation and governance

Build a CRA programme: roles, risk assessment, product classification and integration with existing governance.

Build a CRA programme
10 min
Risk assessment and product classification in practice
10 min
Integration with ISO 27001 and secure development
10 min
Quiz: Implementering i styringssystem
5 min

Vulnerability and incident handling in operation

Operational handling: PSIRT, triage, the reporting machinery (24h/72h/14d) and supplier management.

PSIRT: operational vulnerability handling
10 min
The reporting machinery (24h/72h/14d)
10 min
SBOM programme and supplier management
10 min
Quiz: Avvik, tilsyn og endringer
5 min

Conformity, audit and improvement

Technical documentation, conformity assessment, market surveillance, evidence and continuous improvement.

Technical documentation and conformity assessment in depth
10 min
Market surveillance and evidence
10 min
Maturity and continuous improvement
10 min
Quiz: Agentoppdatering og revisjonsspor
5 min

Duration: 1 h 15 min
Difficulty
Modules: 3
Lessons: 12
Certificate: Gold

Have an account? Log in