Overview Next training
Duration
2 days
Time
from 09h00 - 17h00
Next training date
18 november until 19 november 2026
Next training location
Park Inn By Radisson, Diegem
Our teachers for the training: CRA Lead Implementer
About this training
The CRA deadlines are ticking. Those who act now stay ahead.
The Cyber Resilience Act imposes obligations on every company that places products with digital elements on the EU market. This two-day training turns that uncertainty into a concrete plan — not yet another explanation of the law, but its actual implementation: scope, classification, SBOM, reporting obligations and documentation, for your own products.
Delivered by a cyber lawyer and a product security expert, together. With exam and certificate. You leave with a defensible action plan you can put to use right away.
Two days
legal + technical
exam + certificate
max. 20 participants
legal + technical
exam + certificate
max. 20 participants
Information session
September 8, 17h00 (CEST) | Online information session
Get to know the instructors, discover the training’s approach, and gain a clear picture of what you’ll concretely take back to your practice. Ask your questions directly and find out whether the CRA Lead Implementer training fits your role and ambitions.
Why take this training
What you’ll get out of it:
Decide with confidence. Know which products fall within scope, which class they’re in, and what you need to do.
Be ready for the reporting obligation. A process that’s in place before the deadline — no panic at the first incident.
Speak one language. Legal and technical, so that legal, engineering and management finally understand each other.
Prove it. Documentation that withstands an inspection by the CCB or the FPS Economy.
Turn it into an edge. Answer customer questionnaires with confidence, or build out a CRA service line as an advisor.
Target audience
This is for you if you have to put the CRA into practice.
- You lead the CRA effort internally as CISO, product security, compliance, legal, quality or product management at a manufacturer, importer or distributor.
- Or you advise clients as a consultant or lawyer looking to build out a CRA service line.
No prior knowledge required. Feel free to bring along a colleague from another discipline: the legal + technical tandem is precisely what makes it work.
Learning objectives
After these two days, you’ll be able to:
determine whether and how the CRA applies to your products;
classify your products and choose the right conformity route;
translate Annex I into a concrete to-do list (secure design, secure updates, SBOM);
set up a vulnerability reporting process that meets the deadlines;
build the required technical documentation and EU declaration of conformity;
present a defensible roadmap to your management.
Teaching approach
- Two experts, live. A lawyer and a practitioner — legal question, technical answer, and vice versa.
- Practice-oriented. Work on real products and bring your own product list: you’ll classify it on day one.
- Small group. Maximum 20 participants, with room for your situation.
- Complete package. Preparatory material in advance, a printed syllabus, and digital tools and templates.
End result
A certificate that means something. You sit an exam and, upon passing, receive the “CRA Lead Implementer” certificate — a guarantee of knowledge, not an attendance certificate, that you can show in quotes and tenders.
And it stays current. You get access to annual update sessions, so your certificate grows along with new standards and regulations.
How to prepare
No prior knowledge required. Want a head start anyway? Read through the text of the CRA (Regulation (EU) 2024/2847) and the European Commission’s FAQ beforehand. Before the start, we’ll send you targeted preparatory material and a short intake quiz.
The instructors
Maxim Baele
Product security expert (Toreon), chapter leader OWASP Belgium. Ten years of experience in secure-by-design; helps companies get CRA-ready on a daily basis.
Pedro Demolder
IP/IT and data protection lawyer (Timelex), guest professor of cybersecurity at the Brussels School of Competition. Translates European cyber regulation into everyday practice.
Price
€1.495
VAT exclusive
Price for public sector organisations: €1,195
The price covers a total of 2 days and includes lunch, coffee, refreshments and course materials for each session.
SME Portfolio – higher subsidy for the CYBERSECURITY theme: 45% for small enterprises and 35% for medium-sized enterprises.
Book a Call
Planning 2026 - 2027
Name
Date
Location
Language
Register