Technical File

The Technical File (sometimes called Technical Documentation) is the complete body of evidence a manufacturer must assemble to demonstrate that a product meets all applicable EU directive and regulation requirements. It is a legal obligation under every major CE marking directive — the manufacturer does not submit it to anyone during normal market placement, but must be able to produce it to market surveillance authorities within a defined period (typically 10 days) if requested. It must be retained for a minimum of 10 years after the last unit is placed on the market.

Mandatory Contents

The exact required contents vary by directive but the Technical File for a typical connected hardware product covers:

Product Description

• General product description and intended use
• Product variants and models covered
• Product photographs and diagrams

Design Documentation

• Complete electrical schematics and PCB layout files
• Bill of Materials (BOM) with manufacturer part numbers
• Block diagram of system architecture
• Description of all software and firmware components
• Software Bill of Materials (SBOM) — mandatory for CRA-covered products

Applicable Directives and Standards

• List of all EU directives and regulations the product is declared to comply with
• List of harmonised standards applied (fully or partially), with justification for any partial application
• Where harmonised standards are not applied, the technical specification used and the rationale

Risk Assessment

• Documented risk assessment following the applicable methodology:
  • EN ISO 12100 for Machinery Regulation
  • EN 62368-1 or EN 60335-1 for LVD
  • CRA Annex I security assessment for connected products

Test Reports

• Accredited laboratory test reports for all mandatory tests (EMC, LVD, RED, etc.)
• Pre-compliance screening records
• Functional safety calculations (SIL/PLr) where applicable

CRA-Specific Additions (from December 2027)

• Vulnerability management policy
• SBOM (Software Bill of Materials) in machine-readable format
• Secure development lifecycle documentation
• Description of how the 5-year security update commitment is fulfilled
• Incident response procedure

Declaration of Conformity

• The signed Declaration of Conformity (which references the Technical File) is included as the final document

Common Mistakes

Myth: The Technical File is the CE certificate. There is no “CE certificate” issued by anyone for most products. The manufacturer’s Declaration of Conformity (DoC) is the legal declaration; the Technical File is the supporting evidence. Notified Bodies issue attestation certificates for specific directives (Machinery safety-critical functions, MDR), but these are separate from technical files.

Myth: A Technical File prepared at launch is sufficient for life. Technical Files must be kept current. If the product changes (new component, firmware update changing security behaviour, new vulnerability discovered), the file must be updated. The CRA makes this explicit — the SBOM and vulnerability management records are living documents.

Myth: The Technical File belongs to whoever made the board. Legal responsibility for the Technical File belongs to the EU market entity who placed the product on the market — the manufacturer or EU-based authorised representative. If you import a product from outside the EU and re-badge it, you assume full Technical File responsibility.

Official References

• Decision No 768/2008/EC — New Legislative Framework (NLF) — EUR-Lex (defines Technical File requirements across all CE directives)
• Directive 2014/35/EU (LVD) — Annex III — EUR-Lex (example of Technical File requirements for LVD-covered products)
• Regulation (EU) 2024/2847 (CRA) — Annex VII — EUR-Lex (CRA-specific Technical File additions: SBOM, vulnerability policy)