Skip to content
SynergyBit
Other compliance

RED – radio equipment compliance (incl. RED DA)

Meet the cybersecurity requirements of the Radio Equipment Directive (RED) and the RED DA delegated act.

The Radio Equipment Directive (RED, 2014/53/EU) now also includes cybersecurity requirements. The RED DA delegated act activates Article 3(3) points (d) to (f) – protection of the network, personal data and against fraud – for wireless and connected devices.

We help you determine whether the RED DA applies to you, compare your device with the harmonised standard EN 18031 and prepare the technical documentation and the path to CE marking. We also align it with the CRA so the requirements do not overlap.

What you get

RED and RED DA impact assessment

Determining whether the device is radio equipment under the RED and whether the RED DA cybersecurity requirements (Art. 3(3) d–f) apply to it.

Gap analysis against EN 18031

Comparing the device with the harmonised standard EN 18031 (parts 1–3) and identifying the gaps.

Technical documentation

Preparing the technical documentation and evidence of meeting the RED cybersecurity requirements.

Conformity assessment and CE

Choosing the conformity assessment route (harmonised standards vs. notified body) and the basis for the EU declaration of conformity and CE.

How it works

  1. 01

    Impact assessment

    We determine whether the device falls under the RED and the cybersecurity RED DA, and identify the gaps against EN 18031.

  2. 02

    Documentation preparation

    We add the security measures and compile the technical documentation and evidence.

  3. 03

    Path to CE

    We prepare the conformity assessment and the basis for the EU declaration of conformity and CE marking.

Outcomes for you

  • Clarity on whether and how the RED DA applies to your device
  • Compliance with the harmonised standard EN 18031
  • Complete technical documentation
  • A basis for the EU declaration of conformity and CE

Frequently asked questions

Since when do the RED cybersecurity requirements apply?
The cybersecurity requirements under the RED DA delegated act apply from 1 August 2025. If you place wireless or connected devices on the EU market, it is wise to address compliance as soon as possible.
How does the RED relate to the CRA?
The RED DA and the CRA overlap on cybersecurity requirements for connected devices. The CRA is broader and is gradually becoming the main framework; we can align both so you do not address the same things twice.
What is the EN 18031 standard?
EN 18031 is a harmonised standard (parts 1–3) supporting fulfilment of the RED DA cybersecurity requirements. Compliance with it gives a presumption of conformity. We compare your device with its requirements.

Related services

Back to services

MDR – medical devices

Advisory and preparation for Regulation (EU) 2017/745 (MDR): classification, technical documentation, clinical evaluation, QMS and the path to CE marking.

Learn more

IVDR – in vitro diagnostics

Advisory and preparation for Regulation (EU) 2017/746 (IVDR): classification into classes A–D, technical documentation, performance evaluation, QMS and the path to CE marking.

Learn more

ISO 27001 – information security management

We help you implement an information security management system (ISMS) per ISO/IEC 27001 – from risk assessment to certification audit readiness.

Learn more

Start with CRA before the deadline catches up with you

A free consultation will quickly show you where you stand and the shortest path to compliance.

Book a consultation