education icon indicating copy to clipboard operation
education copied to clipboard
verified publisher icon ossf

Create a "Doing Risk Assessments per the ENISA framework" Course

Open SecurityCaveman opened this issue 9 months ago • 2 comments

The CRA has requirements related to performing risk assessment but does not specify what the specific risk assessment requirements are. ENISA already has a risk management framework (https://www.enisa.europa.eu/topics/risk-management) that we believe might be used for the CRA requirement, or provide the underlying foundation for the CRA requirement.

Based on this we believe there is value in creating a course that explains the ENISA Risk Management framework.

SecurityCaveman avatar May 06 '25 14:05 SecurityCaveman

Sounds great! Per our discussion today, please send me an email, and I'll do some introductions.

david-a-wheeler avatar Nov 04 '25 16:11 david-a-wheeler

E-mail from Harald Fischer on 10 Nov 2025:

As discussed in the last CRA Awareness Working Group meeting. I'd like to push forward the idea of building an Essential Cybersecurity Risk Management for Digital Products | CRA Products training. For this you've offered to establish a contact with the LF education team so that I can start with them as well. In the meantime, I'll finish my draft of the structure of the course this week and would like to invite you David, CRob and Dave to give it a review.

Thanks for supporting me on this very new topic.

Best Regards Harald

David Wheeler has connected him with Flavia from LF Education, who provided a template and guidance docs.

SecurityCaveman avatar Nov 26 '25 13:11 SecurityCaveman