Reg (EU) 2024/2847Generate dossier — €149
LIVE — Enforcement tracker · Deadline dashboard · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL & 12 official sourcesView regulatory intelligence →

Your software company in Hyderabad or Chennai manages 10 or 15 European client projects simultaneously. Three of them added CRA clauses to their contracts this quarter. By next quarter, it will be seven. You need a repeatable process — not one-off responses. CRACheck standardises Annex VII documentation across your entire EU portfolio. 15 minutes per product. €149 each.

Software companies in Hyderabad and Chennai have built their businesses on European client relationships. The delivery model is mature: dedicated teams, sprint ceremonies, quarterly business reviews. Now the quarterly reviews include a new topic: Regulation (EU) 2024/2847 compliance. The first client asks politely. The second client includes it in the SOW. The third client makes it a gate criterion for the next phase. Responding project-by-project is expensive and inconsistent. CRACheck provides a repeatable process: each project manager runs the 15–25 minute questionnaire per product, downloads the 8-PDF ZIP, and delivers it with the sprint artefacts. €149 per product. 100% browser-side. Standardised format across all EU projects.

Generate Annex VII dossier — €149Free: check if your product is in scope

€149 one-time · 8-document ZIP · 15–25 minutes · Browser-side

Regulation (EU) 2024/2847 · Art. 31 + Annex VII · 8 documents · 100% browser-side — your data never leaves your device

Key numbers

10+ projects
If 3 EU clients added CRA clauses this quarter, the rest will follow. Standardise now.
15–25 min
Per product per project. Any project manager can run it.
€149
Per product. Add to each project's compliance line item.

How it works

1
Audit your EU project portfolio
Identify all active projects delivering software to EU clients. Flag those with existing CRA contract clauses. Prioritise by contract renewal date.
2
Create an internal CRA process
Designate one person per project to own the CRACheck run. Typically the tech lead or project manager with architecture knowledge.
3
Run CRACheck for each product
15–25 minutes. Standardised questionnaire ensures consistent quality across projects.
4
Download and archive
Store each project's 8-PDF ZIP in your delivery management system. Tag with client name, product, and generation date.
5
Deliver with sprint artefacts
Include the Annex VII dossier in the standard delivery checklist for all EU projects.
6
Review quarterly
At each QBR, confirm that the Annex VII dossier is current. Regenerate if the product architecture changed significantly.

Three mistakes to avoid

COMMON MISTAKE

"We will create a compliance department when more clients ask"

Creating a compliance department takes 6–12 months and costs ₹50–80 lakh annually. CRACheck replaces the need for a dedicated CRA compliance function. Each project manager generates the documentation independently. No hiring. No training. No department.

COMMON MISTAKE

"One CRA response template can cover all our EU projects"

Each product with digital elements requires its own Annex VII documentation under Article 31 of Regulation (EU) 2024/2847. A generic template is not a product-specific dossier. CRACheck generates product-specific documentation from engineering inputs — different products, different answers, different dossiers.

COMMON MISTAKE

"Our EU clients are asking too early — enforcement is in 2027"

Article 71(2) of Regulation (EU) 2024/2847 sets full enforcement at 11 December 2027. But Article 14 (vulnerability reporting) applies from 11 September 2026. And Annex VII §2 requires documentation of the design and development process — not just the final product. Clients who are preparing documentation now are following the regulation's logic: document as you build, not retroactively.

What the ZIP contains

8 PDF documents generated from your data. Each cites the specific article of Regulation (EU) 2024/2847 it complies with.

1

Product Classifier

Per-project product classification.

2

Technical Documentation

Annex VII per product. Each project gets its own.

3

Risk Assessment

Art. 13(2) per product. Different architectures, different threat models.

4

User Information

Annex II per product.

5

Declaration of Conformity

Art. 28 + Annex V per product.

6

CVD Policy

Annex I Part II §5. Can be company-wide if vulnerability handling is centralised.

7

Notification Template

Art. 14 ENISA notification. Art. 14(2): early warning within 24h, notification within 72h, final report within 14 days.

8

Obligations Calendar

Key dates.

Mira antes de comprar — Descargar dossier de muestra (PDF, empresa ficticia) — Estructura real, artículos reales, formato real. Datos ficticios.

Generated from your data, in your browser. No data leaves your device.

What you pay

🧾 COMPLIANCE DEPARTMENT (ANNUAL COST)
₹50–80 lakh/year
Hiring, training, tools, ongoing overhead.
✓ CRACHECK
€149
15 dossiers = €2,235. 15 hours total. No hiring. No department.

Two layers of responsibility

● WHAT CRACHECK DOES

Documentation generation

Standardises Annex VII documentation across all your EU projects. Each project manager runs CRACheck independently. 15–25 minutes per product. €149 each.

∅ WHAT CRACHECK DOES NOT DO

What falls outside CRACheck

Does not centralise your vulnerability handling (you need internal processes for that). Does not perform conformity assessment for your clients (Art. 32). Does not replace project-level security reviews.

We standardise the documentation. You manage the projects.

Enforcement regime

Article 64 of Regulation (EU) 2024/2847.

🇪🇺
Non-compliance with Annex I + Art. 13, 14
€15M / 2.5%

Art. 64(2). Applied to the manufacturer — your clients. Contractual liability affects you across multiple projects simultaneously.

🇪🇺
Missing documentation (Art. 31)
€10M / 2%

Art. 64(3).

🇪🇺
Incorrect information
€5M / 1%

Art. 64(4).

Alternatives

AlternativeCostWhat you get
Compliance department₹50-80 lakh/yearDedicated team. 6–12 months to set up. Ongoing overhead.
Consultant per project€5,000–€10,000 × NDocumentation per project. Months. Does not scale.
Ad-hoc responses per PMFree + inconsistencyDifferent formats per project. Clients notice.
CRACheck × N products€149 × NStandardised format. 15 min/product. Scales to any portfolio size.

Your company runs 10, 20 or 50 EU projects?

Each product needs its own Annex VII dossier. At scale, the per-licence cost is the smallest line item in your project budget. Contact us for company-wide volume pricing.

Request Volume Pricing
One-business-day response

What CRACheck guarantees and what it does not

CRACheck generates a structured document under Article 31 and Annex VII of Regulation (EU) 2024/2847 from the information you provide. The accuracy of the information is your responsibility for each project.

We guarantee the document structure follows Annex VII and the legal references are correct. We do not guarantee acceptance by any specific client or market surveillance authority.

CRACheck is not legal advice. For company-wide CRA strategy, consult a regulatory consultancy.

Frequently asked questions

Can CRACheck scale to 20+ EU projects simultaneously?
Yes. Each project manager runs CRACheck independently for their product. There is no central bottleneck. The questionnaire takes 15–25 minutes. The output format is identical across all projects, ensuring consistency for your EU clients.
Should we run CRACheck at the start of each project or at delivery?
At the start, with updates at delivery. Annex VII §2 of Regulation (EU) 2024/2847 requires documentation of the design and development process. Starting at the beginning captures architecture decisions in real time. Update the dossier at delivery to reflect any changes. CRACheck allows 10 regenerations per licence.
Can we use a single CVD policy across all projects?
If your company has a centralised vulnerability handling process, one CVD policy can apply across all projects. CRACheck generates the policy per product, but the vulnerability disclosure contact and response timelines can be consistent company-wide.
Our Hyderabad and Chennai offices work on different projects. Does location matter?
Location does not affect CRA obligations. The regulation applies to the product, not the development location. Whether the code is written in Hyderabad, Chennai, or both, the Annex VII documentation is per product.
Is it a subscription?
No. One-time payment per product. 30 days editing, 10 regenerations.
Can I request a refund?
Art. 16(m) Directive (EU) 2011/83. Activation = express consent. Refunds only for reproducible technical failures.
What if the regulation changes?
Regenerate at no additional cost during your licence period.

Official legal sources

⚠️ Important notice: CRACheck is a self-assessment documentation tool, not legal advice and not a third-party audit. The document under Article 31 and Annex VII of Regulation (EU) 2024/2847 is generated from your input data. You are responsible for the accuracy of the data you provide. CRACheck does not replace a qualified professional assessment.

Standardise CRA documentation across your EU project portfolio. 15 minutes per product. Start now.

Eight documents. Annex VII fully structured. Regulation (EU) 2024/2847. Your data stays on your device. The ZIP you download is yours forever.

€149 one-time
8 documents · Consistent format · Scales to any portfolio · 100% browser-side
Generate Annex VII dossier — €149

Related landings

📱 Mobile apps

CRA compliance mobile app agency Bangalore Pune — EU
📋 RFP

CRA clause in European RFP — Indian IT services
🏗️ Outsourcing

CRA requirements outsourcing agency India — EU project
✓ Last regulatory check: 28 April 2026 · No substantive changes detected · View history