CRA reporting obligations apply from 11 September 2026. What you need to have in place →
Joglekar.
EU Cyber Resilience Act · Functional Safety · Product Cybersecurity

The CRA is a legal text. Your team needs a plan.

Independent consulting for manufacturers of products with digital elements. I turn regulation and standards into a concrete, prioritized roadmap for your product — and help your engineers execute it.

Automotive & MobilityIndustrial & Connected DevicesAutonomous Systems

Sound familiar?

Most engagements start with one of these four situations.

“A key customer sent us a CRA questionnaire — and the answers are due.”

CRA readiness →

“We're adding connectivity to our product and don't know which regulations now apply.”

Scoping & classification →

“Our assessor flagged gaps in the safety documentation — and the milestone is fixed.”

Functional safety →

“Our safety and security teams produce documents that contradict each other.”

Safety–security integration →

Services

Engagements scoped to what your product actually needs — from a short readiness check to hands-on support through conformity assessment.

Core focus

CRA Readiness & Compliance

The Cyber Resilience Act applies to nearly every hardware and software product sold in the EU. I help you determine exactly what it requires of your product — then close the gaps in the right order: scoping, gap analysis, Article 14 reporting, technical documentation, and team training.

See what's included →

Functional Safety

Safety lifecycle support along IEC 61508, ISO 26262, and SOTIF — safety planning, hazard and risk analysis, safety concepts, and safety cases that stand up to assessment.

Standards & deliverables →

Product Cybersecurity

Cybersecurity engineering along ISO/SAE 21434 and related frameworks — TARA, cybersecurity concepts, and one methodology shared with your safety work.

Standards & deliverables →

How an engagement works

No retainers you don't need, no hundred-page reports nobody reads. Every engagement starts small and earns its next step.

Scoping call

A free conversation about your product and where you stand. You leave with a clear picture of what applies to you — whether or not we work together.

Assessment

A focused gap analysis against the requirements that matter for your product class. The result: a prioritized roadmap your team can execute.

Implementation

Hands-on support where you need it — processes, documentation, reviews, training — until your team runs it without me.

Latest insights

Practical breakdowns of the CRA and its neighbors — written for engineers and product owners, not lawyers.

CRA · Scoping

Does the CRA apply to your product? A 10-minute check

Products with digital elements, risk classes, open source — how to work out quickly whether you're in scope, and what your class means.

Read →
CRA · Article 14

What you must be able to report by 11 September 2026

The reporting obligations arrive before the rest of the regulation — with a 24-hour clock. What a process that can meet it looks like.

Read →
Safety × Security

CRA and functional safety: one documentation set, not two

Teams with a safety process already own most of what the CRA asks for. How to reuse it instead of building a parallel workstream.

Read →

Get in touch

Describe your product and where you stand — even roughly. I typically reply within one business day. Or write directly to jyohan@joglekar.de.