Cyber Resilience Boost: Supporting capacity building for cyber resilience of products

The "Cyber Resilience Boost: Supporting capacity building for cyber resilience of products," also known as TEST-CERT-CZ, is a grant opportunity intended to enhance cyber resilience capabilities in line with the Cyber Resilience Act (CRA) requirements. The initiative, managed by the Czech National Coordination Centre (NCC-CZ) under the Digital Europe Programme, has a total budget of €320,000 and offers a maximum grant of €100,000 per project.

Eligible applicants include small and medium-sized enterprises (SMEs) involved in cybersecurity, ICT product testing, and certification processes. Future Conformity Assessment Bodies (CABs), accreditation bodies, and consortia of these entities are also eligible. The call aims to support the establishment of professional infrastructure, development of practical tools, and knowledge sharing to help organizations comply with the CRA.

The funding covers up to 50% of eligible project costs, and applicants are required to provide matched funding for the remaining 50%. The application process is open from September 15, 2025, until November 18, 2025, at 02:00 Brussels time. Proposals must demonstrate alignment with call objectives and potential for practical application.

Key thematic pillars addressed by the call include the establishment and development of CABs, development of documentation for CRA self-assessment, increasing SME preparedness and awareness, and promoting cooperation and standardization. Projects that receive funding are expected to demonstrate tangible outcomes and readiness for implementation, focusing more on application rather than early-stage research.

The geographic eligibility is restricted to EU Member States, including overseas territories, or EEA countries such as Norway, Iceland, and Liechtenstein. Overall, the initiative aims to enhance the capacity of the Czech and European markets in meeting regulatory demands and improving the security of ICT products and services.

The Cyber Resilience Boost: Supporting capacity building for cyber resilience of products call for proposals, also known as TEST-CERT-CZ, aims to bolster cyber resilience capabilities in line with the Cyber Resilience Act (CRA) requirements. The call specifically targets the development of professional infrastructure, tools, and knowledge essential for organizations involved with ICT products and services to meet their CRA obligations. This includes manufacturers, importers, certification bodies, and assessment entities.

The call is structured around four thematic pillars:

1. Support for the establishment and development of Conformity Assessment Bodies (CABs): This pillar focuses on enhancing the professional, technical, and procedural capabilities of certification bodies and testing laboratories to evaluate products with digital elements according to the CRA. The goal is to prepare CABs for future accreditation and regulatory demands, establish or strengthen laboratories capable of testing products as per CRA requirements, and implement assessment and certification procedures that align with expected harmonized EU standards and methodologies, facilitating preparation for accreditation or notification.

2. Development of support tools and documentation for CRA self-assessment: This pillar aims to equip manufacturers, importers, and distributors with practical tools to facilitate their CRA compliance. These tools include templates for technical documentation and declarations of conformity, methodological guides, checklists and instructions, and consultation or support services for self-assessment and risk assessment.

3. Increasing the preparedness and awareness of Small and Medium-sized Enterprises (SMEs): This pillar seeks to lower the barriers to entry for SMEs needing to comply with the CRA. Support will be provided through training activities such as practical workshops, e-learning tools, and webinars, as well as pilot implementations of CRA requirements, including conducting internal audits, preparing documentation, and aligning staff and internal processes with the CRA.

4. Support for cooperation, standardization, and sharing of best practices: This pillar promotes knowledge exchange among stakeholders in conformity assessment, government, standardization bodies, and the professional community. Support will be extended to international and interdisciplinary initiatives aimed at harmonizing approaches to the CRA, joint projects, working groups, participation in standardization activities, and the creation of community platforms or open databases of good practice.

The call's overall objective is to enhance the readiness of the Czech and European markets for CRA implementation and to expedite the development of practical support tools and services. It also aims to support SMEs in meeting new regulatory requirements without imposing undue burdens. Projects selected for funding must demonstrate clear alignment with the call's objectives and show potential for practical application of their results.

The opening date for submissions is September 15, 2025, and the deadline for submission is November 18, 2025, at 02:00 Brussels time. The submission process is single-stage. The expected duration of participation is until December 30, 2026. The total funding available is 320,000 EUR. The project acronym is TEST-CERT-CZ, and the full name of the EU-funded project is Building Testing and Certification Capabilities in the Czech Republic. The grant agreement number is 101127940. The topic is DIGITAL-ECCC-2022-CYBER-03-TEST-CERT-CAPABILTIES Testing and Certification Capabilities.

The project proposal must be submitted via the application form, including mandatory annexes and any additional annexes to demonstrate eligibility, quality, applicability, and suitability within the context of sustainability. The NCC-CZ Council will appoint a member to manage the evaluation process based on the submission and sectoral focus. NCC-CZ administrators will assess formal compliance and substantive requirements, while independent evaluators will assess quality and material compliance according to the NCC-CZ Terms of Reference and the call.

The maximum financial support is EUR 100,000, covering 50% of eligible costs based on actual costs incurred. The final amount of support depends on the project's quality, budget consistency, and cost structure. Beneficiaries must regularly document actual expenditures, with reporting details specified in the grant agreement. Applicants must ensure compliance to prevent unlawful indirect State aid or double funding.

Eligible organizations include:

Small and medium-sized enterprises (SMEs) engaged in or interested in providing services in cybersecurity, ICT product testing, or certification processes. This includes enterprises developing and accrediting conformity assessment bodies (CABs), providing training for professionals involved in certification processes, or focusing on cybersecurity education and training, particularly in the context of certification and testing of ICT products under the IA EUCC/EUCC.

(Future) Conformity Assessment Bodies (CABs) interested in developing and accrediting CABs, seeking laboratory capacity for testing processes in the EU Common Criteria scheme, or providing training for professionals involved in certification processes.

Accreditation bodies.

Consortia and Partnerships of organizations working together on joint projects, effectively coordinating activities and resources to achieve the call's objectives.

Applicants must be established in an EU Member State (including overseas countries and territories) or an EEA country (Norway, Iceland, and Liechtenstein). The controlling person of the applicant must also be established or resident in one of these eligible countries. Eligibility is contingent upon meeting the objectives and requirements of the Digital Europe Programme, including financial and operational stability and the ability to manage EU-funded projects. Professional capacity will be assessed based on the application and evaluation criteria.

In summary, this call for proposals aims to strengthen cyber resilience by supporting the development of testing and certification capabilities within the Czech Republic and Europe. It targets SMEs, CABs, accreditation bodies, and consortia, providing funding and resources to enhance their ability to meet the requirements of the Cyber Resilience Act. The initiative focuses on building professional infrastructure, providing essential tools, and increasing knowledge to ensure that organizations can effectively comply with the CRA, thereby improving the overall security of ICT products and services.

Eligible Applicant Types: The eligible applicant types are small and medium-sized enterprises (SMEs) engaged in or interested in providing services in the field of cyber security, ICT product testing or certification processes, (future) Conformity Assessment Bodies (CABs), accreditation bodies, and consortia and partnerships which may include combinations of the above entities. Specifically, eligible SMEs are those interested in developing and accrediting a conformity assessment body (CAB), i.e., a certification body or testing laboratories in accordance with European standards, or in providing training for professionals involved in certification processes. Also eligible are enterprises that focus on education or training in the field of cyber security, especially in the context of certification and testing of ICT products, providing training to auditors, testers and other professionals involved in certification processes under the IA EUCC/EUCC. Eligible CABs are bodies that have an interest in developing and accrediting conformity assessment bodies (CABs), i.e., certification bodies or testing laboratories in accordance with European standards, or in providing training for professionals involved in certification processes, including institutions seeking to have laboratory capacity that can be used for testing processes in the EU Common Criteria scheme. Consortia and Partnerships are defined as groups of organizations, which may include combinations of the above entities, working together on joint projects. These consortia should be able to effectively coordinate activities and resources to achieve the objectives of the call.

Funding Type: The funding type is a grant. The maximum amount of financial support is EUR 100,000, and projects will be financed at 50% of the eligible costs. This means the beneficiary will receive support equal to one half of the eligible costs incurred in the implementation of the project. Projects will be funded on the basis of actual costs.

Consortium Requirement: Both single applicants and consortia are eligible. The text explicitly mentions "Consortia and Partnerships" as eligible applicant types, indicating that groups of organizations working together on joint projects are encouraged.

Beneficiary Scope (Geographic Eligibility): The geographic eligibility includes EU Member States (including overseas countries and territories) and EEA countries (Norway, Iceland, and Liechtenstein). The controlling person of the Applicant, whether a commercial corporation or a natural person, must also be established or resident in one of the eligible countries.

Target Sector: The target sector is cyber security, specifically focusing on cyber resilience, ICT product testing and certification, and conformity assessment. The call aims to support the building and strengthening of capacities in the field of cyber resilience in accordance with the Cyber Resilience Act (CRA) requirements.

Mentioned Countries: Czech Republic, Norway, Iceland, Liechtenstein. The call is managed by the NCC-CZ Council, which implies a focus on the Czech Republic, and the EEA countries Norway, Iceland, and Liechtenstein are explicitly mentioned as eligible locations.

Project Stage: The project stage appears to be focused on development, validation, and demonstration. The call supports the establishment and development of conformity assessment bodies, the development of support tools and documentation, increasing preparedness of SMEs, and supporting cooperation and standardization. These activities suggest projects that are beyond the initial research phase and are moving towards practical application and implementation.

Funding Amount: The funding range is up to EUR 100,000 per project. The total funding available for the call is EUR 320,000. The projects will be financed at 50% of the eligible costs.

Application Type: The application type is an open call, as indicated by the statement that the project proposal will be submitted via the application form attached to this call for proposals. The deadline model is single-stage.

Nature of Support: Beneficiaries will receive money in the form of a grant. The grant will cover 50% of the eligible costs incurred during the project implementation.

Application Stages: The application process appears to be single-stage, as indicated by the "Deadline model single-stage". The evaluation process involves assessment of formal compliance, acceptability, quality, and compliance with material requirements.

Success Rates: The success rates are not explicitly mentioned.

Co-funding Requirement: Yes, there is a co-funding requirement. The projects will be financed at 50% of the eligible costs, meaning the beneficiary must provide the remaining 50% of the funding.

Summary:

This opportunity, titled "Cyber Resilience Boost: Supporting capacity building for cyber resilience of products," is a grant program aimed at strengthening cyber resilience within the Czech Republic and the European market in accordance with the Cyber Resilience Act (CRA). It is managed by the NCC-CZ Council and falls under the EU Digital Europe Programme. The call seeks to support the development of professional infrastructure, tools, and knowledge capacities that will enable organizations operating in the field of ICT products and services to effectively fulfill their obligations under the CRA.

The call is structured around four main thematic pillars: supporting the establishment and development of conformity assessment bodies (CABs), developing support tools and documentation for CRA self-assessment, increasing the preparedness and awareness of small and medium-sized enterprises (SMEs), and supporting cooperation, standardization, and sharing of best practices.

Eligible applicants include SMEs, (future) CABs, accreditation bodies, and consortia of these entities, established in EU Member States or EEA countries. The maximum grant amount is EUR 100,000, covering 50% of eligible project costs, requiring the applicant to provide the remaining 50% as co-funding. The application process is single-stage, with proposals submitted via an application form with mandatory annexes. The evaluation process includes assessment of formal compliance, acceptability, quality, and compliance with material requirements by NCC-CZ administrators and independent evaluators.

The overall goal is to enhance the readiness of the Czech and European markets for the implementation of the CRA, accelerate the creation of practical support tools and services, and support SMEs in meeting new regulatory requirements. The call aims to improve cyber resilience by focusing on testing and certification capabilities, supporting the development of professional infrastructure, tools, and knowledge capacities. The opening date for submission is September 15, 2025, and the deadline is November 18, 2025. The full name of the EU funded project is Building Testing and Certification Capabilities in the Czech Republic.