Cyber Resilience Act, Article 41 - Subsidiaries of and subcontracting by notified bodies
1. Where a notified body subcontracts specific tasks connected with conformity assessment or has recourse to a subsidiary, it shall ensure that the subcontractor or the subsidiary meets the requirements set out in Article 39 and shall inform the notifying authority accordingly.
2. Notified bodies shall take full responsibility for the tasks performed by subcontractors or subsidiaries wherever they are established.
3. Activities may be subcontracted or carried out by a subsidiary only with the agreement of the manufacturer.
4. Notified bodies shall keep at the disposal of the notifying authority the relevant documents concerning the assessment of the qualifications of the subcontractor or the subsidiary and the work carried out by them under this Regulation.
Cyber Resilience Act Final Text
You may also visit: