1. Do you develop or integrate products with embedded software, firmware or connectivity that are sold or distributed in the EU?

2. Does your product connect or interact with other systems, networks or devices?

3. Do you have a defined process for assigning cybersecurity requirements at system, software and hardware level?

4. Can you trace those requirements from a risk analysis (TARA or equivalent) through to their implementation?

5. Could you demonstrate with evidence how you manage the cybersecurity of your product throughout its development?