Annex VII is the backbone of your CRA compliance file. Point 1 covers the general product description including intended purpose, software versions, and user information per Annex II. Point 2 covers design, development, production, and vulnerability handling processes — including the SBOM and CVD policy. Point 3 is the cybersecurity risk assessment per Art. 13. Point 4 documents the support period rationale. Point 5 covers harmonised standards and certification schemes applied. Point 6 addresses test reports. Point 7 is the EU declaration of conformity. Point 8 is the SBOM available to authorities on request. CRACheck structures all eight into a single technical documentation package. 15–25 minutes. €149.
€149 one-time · 8-document ZIP · 15–25 minutes · Browser-side
Annex VII lists 8 mandatory elements. Art. 31(1) says the documentation shall contain "at least" these elements. A technical file that includes the risk assessment (point 3) and declaration (point 7) but omits the SBOM (points 2b, 8), CVD policy (point 2b), and support period justification (point 4) is incomplete under the regulation.
Art. 31(2) requires the documentation to be "continuously updated, where appropriate, at least during the support period." A technical file frozen at the date of market placement becomes non-compliant as the product evolves, dependencies change, and vulnerabilities are discovered.
Art. 31(4) requires the documentation to be "drawn up in an official language of the Member State in which the notified body is established or in a language acceptable to that body." For Default-category products using Module A (self-assessment), this is less critical, but for Important/Critical products requiring notified body involvement, language compliance matters.
8 PDF documents generated from your data. Each cites the specific article of Regulation (EU) 2024/2847 it complies with.
Determines the conformity assessment route under Art. 32. Default products use Module A (Annex VIII). Important Class I/II and Critical products may require Modules B+C or H.
The core deliverable. Implements all 8 points of Annex VII: product description (1), design/SBOM/CVD/update (2a-c), risk assessment (3), support period (4), standards (5), tests (6), declaration (7), SBOM note (8).
Per Art. 13(2)–(3) and Annex I Part I. Feeds directly into Annex VII point 3.
Per Annex II. Referenced by Annex VII point 1(d).
Per Art. 28 and Annex V. Inserted as Annex VII point 7.
Per Annex I, Part II, point (5). Referenced by Annex VII point 2(b).
Per Art. 14. Documents the manufacturer's reporting process per Annex VII point 2(b). Art. 14(2): early warning within 24h, notification within 72h, final report within 14 days.
Maps the documentation lifecycle: creation before market placement, continuous updates during support period, 10-year retention per Art. 13(13).
See before you buy — Download sample dossier (PDF, fictional company) — Real structure, real articles, real format. Fictional data.
Generated from your data, in your browser. No data leaves your device.
Engaging a CRA compliance firm to build the complete Annex VII technical file: product analysis, risk assessment, standards mapping, SBOM integration, CVD policy drafting, declaration, and test report coordination.
CRACheck generates the complete Annex VII technical documentation structure: all 8 points, with cross-references between the risk assessment and the product description, between the SBOM and the CVD policy, between the support period and the obligations calendar. It produces 8 PDFs as a coherent documentation package per Art. 31.
CRACheck does not perform the conformity assessment under Art. 32. It does not act as a notified body. It does not execute test procedures per Annex VII point 6 — you must run the tests and input the results. It does not certify your product. CRACheck structures the documentation; you provide the substance.
The technical documentation is not the product. It is the regulatory proof that the product was designed, developed, and produced in compliance. CRACheck builds the proof structure.
Art. 64(2).
Art. 64(3).
Art. 64(4).
| Criterion | No documentation | CRA consultant | RE-adapted CE file | CRACheck |
|---|---|---|---|---|
| All 8 Annex VII points | Missing | Yes | Partial — cybersecurity gaps | Yes — structured |
| Cross-referencing between documents | None | Manual | None | Automatic |
| Time to deliverable | — | 8–16 weeks | 4–6 weeks | 15–25 minutes |
| Cost | €0 (+ market ban risk) | €15K–€30K | €5K–€12K | €149 one-time |
Each product with digital elements requires its own Annex VII technical file per Art. 31. A product family with 20 SKUs means 20 technical files. Volume pricing: €99/product (10-pack) or €79/product (30-pack).
Request volume pricingCRACheck generates a structured document according to Article 31 and Annex VII of Regulation (EU) 2024/2847 based on the information you provide. The accuracy, completeness, and truthfulness of your product data, test results, and risk assessment inputs is your responsibility as manufacturer.
We guarantee that the document structure follows Article 31 and Annex VII of Regulation (EU) 2024/2847 and that all legal references cited are correct. We do not guarantee that a specific technical file will be accepted by a notified body or market surveillance authority in a specific case.
CRACheck is not legal advice. For specific situations involving notified body selection, harmonised standard applicability, or market surveillance proceedings, consult with a qualified regulatory professional.