Contents
Basics
- Introduction to the European regulations and their objectives in order to understand the framework and background.
- Classification of software and products with digital elements into risk classes in accordance with the Cyber Resilience Act (CRA) and the associated obligations.
Software Bill of Materials (SBOM)
- Contents.
- Detailed presentation of the software parts lists (SBOM).
- Solution approaches and standards such as the BSI guidelines for ensuring transparency and increasing security in the software supply chain (Software Supply Chain Security).
Security requirements and cybersecurity measures for software and products with digital elements in the CRA
- Content of cybersecurity strategies during development through to placing on the market and in the supply chain.
- New requirements such as security by design, update obligations across the entire product life cycle of software.
- The need for continuous safety management.
Conformity assessment procedure and CE marking
- Practice-oriented explanation of the requirements for conformity assessment procedures and obtaining the CE label for your products.
Scope of liability of the CRA for products with open source software code, including license management and liability exceptions
- Solutions for the secure handling of open source software elements in products in the supply chain.
- Liability.
Reporting obligations in the event of security incidents
- Overview of the reporting obligations and response options in the event of security incidents in order to prevent legal sanctions.
Implementation deadlines
- Timelines and deadlines for implementing the new regulations and requirements.
Legal consequences of violations
- Highlighting the consequences of non-compliance with the new regulations, including potential sanctions.
Outlook
- No-fault EU product liability for software, digital technologies and AI.
- Preparation for the upcoming changes due to the planned EU Product Liability Directive for defective software.
- Scope of the new regulations.
- Responsible parties and scope of liability.
- Solutions for reducing liability.
- Product liability for high-risk AI systems under the AI Regulation and the CRA.
Learning environment
Once you have registered, you will find useful information, downloads and extra services relating to this training course in your online learning environment.
Your benefit
- You will learn to understand the European regulations and their objectives in order to better understand the framework conditions and background.
- You will learn to classify software and products with digital elements into risk classes in accordance with the Cyber Resilience Act (CRA) and to recognize the associated obligations.
- You will learn in detail about the importance and structure of a Software Bill of Materials (SBOM) and how it contributes to increasing security in the software supply chain.
- You will learn to understand and apply the security requirements and cybersecurity measures for software and products with digital elements in the CRA.
- You will learn how to develop practical solutions for the conformity assessment procedure and to obtain the CE label for your products.
- You will learn about reporting obligations in the event of security incidents and how to respond in order to prevent legal sanctions.
Methods
Lecture with presentation, best-practice examples, discussions, exchange of experiences and networking among participants , exercises and application of what has been learned in small groups.
Recommended for
The training is aimed at managing directors, managers and Employees as well as IT experts, developers and programmers from providers or manufacturers of software or other technology who want to prepare for the new EU requirements at an early stage and reduce their liability risks. Compliance department Employees and in-house lawyers are also welcome to attend.
Previous technical knowledge of the basics of software programming and knowledge of OSS are an advantage.
Seminar evaluation for "Cyber Resilience Act & EU product liability"







41195
Start dates and details
Friday, 05.09.2025
09:00 am - 5:00 pm
- one joint lunch per full seminar day,
- Catering during breaks and
- extensive working documents.

Monday, 13.10.2025
09:00 am - 5:00 pm
Wednesday, 26.11.2025
09:00 am - 5:00 pm
- one joint lunch per full seminar day,
- Catering during breaks and
- extensive working documents.

Monday, 19.01.2026
09:00 am - 5:00 pm
Monday, 16.03.2026
09:00 am - 5:00 pm
- one joint lunch per full seminar day,
- Catering during breaks and
- extensive working documents.
- one joint lunch per full seminar day,
- Catering during breaks and
- extensive working documents.