Search every question across CRA sub-FAQs

It can cover products with digital elements or product categories concerned by the approved quality system.

That is one reason module H can be attractive for manufacturers with many products or frequent changes, provided the notified body approves the system and its scope.

Yes.

The quality system must be assessed by a notified body, and the manufacturer remains under notified-body surveillance after approval.

It must ensure compliance of the covered products with Part I of Annex I and compliance of the manufacturer's vulnerability-handling processes with Part II of Annex I.

It must also cover the relevant lifecycle stages, including design, development, final product inspection and testing, and vulnerability handling, and it must remain effective throughout the support period.

The application to the notified body must include:

- the manufacturer details and, where relevant, the authorised representative's details

- the technical documentation for one model of each category of products intended to be manufactured or developed

- the quality-system documentation

- a declaration that the same application has not been lodged with any other notified body

Yes.

Module H does not replace the Article 31 and Annex VII documentation duties. The application must include technical documentation for one model of each covered product category, and the Commission FAQ notes that this documentation may form part of the quality-system documentation.

The quality-system documentation must systematically describe, among other things:

- quality objectives and management responsibilities

- the standards and specifications to be applied

- the means used where relevant harmonised standards or technical specifications are not applied in full

- design and development controls and verification techniques

- production, quality-control, and quality-assurance techniques

- examinations and tests and how often they are carried out

- quality records

- how the manufacturer monitors the effective operation of the quality system

Yes.

Annex VIII Part IV point 3.2 distinguishes between the technical design and development specifications relevant to Part I of Annex I and the procedural specifications relevant to Part II of Annex I. In practice, module H covers both product compliance and the manufacturer's vulnerability-handling processes.

The notified body assesses whether the quality system satisfies the CRA requirements in Annex VIII Part IV point 3.2.

The audit team must include at least one member experienced in the relevant product field and technology, and the audit must include an assessment visit to the manufacturer's premises where such premises exist. The auditing team also reviews the submitted technical documentation to verify the manufacturer's ability to identify the applicable CRA requirements and carry out the necessary examinations.

No.

The CRA allows the notified body to presume conformity for elements of the quality system that comply with the corresponding specifications of the national standard implementing the relevant harmonised standard or technical specification. But the notified body still has to assess and approve the system under module H.

The Commission FAQ also says that accreditation against the ISO 9000 series does not by itself entitle a manufacturer to use module H without CRA notified-body involvement.

The manufacturer must undertake to fulfil the obligations arising from the approved quality system and maintain it so that it remains adequate and efficient.

The notified body's notification to the manufacturer must contain the conclusions of the audit and the reasoned assessment decision.

The manufacturer must keep the notified body informed of any intended change to the quality system.

The notified body then evaluates the proposed changes and decides whether the modified system still satisfies the requirements or whether reassessment is necessary.

Often yes, but only within an approved quality-system framework.

The Commission FAQ says module H may be particularly considered by manufacturers that place numerous product types on the market or products subject to frequent updates, because it provides a more versatile framework than module B+C. That does not remove the need for notified-body assessment of the system and later changes to it.

The notified body must carry out surveillance to make sure the manufacturer fulfils the obligations arising from the approved quality system.

For that purpose, the manufacturer must allow access to the relevant design, development, production, inspection, testing, and storage sites and provide the quality-system documentation and quality records needed for assessment.

Yes.

The notified body must carry out periodic audits to make sure the manufacturer maintains and applies the quality system, and it must provide the manufacturer with an audit report.

No.

Even under module H, the manufacturer ensures and declares on its sole responsibility that the covered products or product categories satisfy the applicable requirements. The notified body assesses and surveils the quality system, but the manufacturer's legal responsibility remains.

Under module H, the manufacturer affixes the CE marking to each individual compliant product and the notified body's identification number follows the CE marking.

The identification number is affixed by the notified body itself or under its instructions.

It is tied to each product model.

Annex VIII Part IV point 5.2 requires a written declaration of conformity for each product model, and the declaration must identify the product model for which it has been drawn up.

The manufacturer must keep, at the disposal of national authorities, for at least 10 years after placing on the market or for the support period, whichever is longer:

- the technical documentation

- the quality-system documentation

- approved changes to the quality system

- the notified body's decisions and reports

- the declaration of conformity for each product model

The notified body must inform its notifying authorities about quality-system approvals issued or withdrawn, and it must also inform other notified bodies about approvals it has refused, suspended, or withdrawn and, on request, about approvals it has issued.

Yes, but only where the mandate expressly covers them.

Under Annex VIII Part IV point 8, the authorised representative may fulfil the manufacturer's obligations relating to the application, quality-system changes, declaration, and record-retention steps on the manufacturer's behalf and under the manufacturer's responsibility.