talltree.tech

Sample report

See what a serious CRA gap assessment looks like.

A fictional but realistic 13-page report for Lumeon Devices Ltd, a UK/EU manufacturer of connected commercial-lighting controls. It shows the structure, tone and level of specificity a buyer should expect before asking for a real assessment.

CRA Annex I Firmware evidence OTA SBOM Vulnerability handling

Request the PDF

The form opens an email to TallTree for manual fulfilment. No automation is assumed for this first version.

Inside the report

Built like a deliverable, not a brochure.

The sample is written in a calm audit-report register. It shows the kind of evidence, finding structure and remediation roadmap a real engagement should produce.

Executive view

One-page summary

Readiness rating, priority findings, decision points and the commercial risk in language a leadership team can use.

Engineering view

Findings with evidence

Each finding names the assessed area, evidence reviewed, regulatory relevance, risk, remediation and estimated effort.

Programme view

Six-month roadmap

Sequenced remediation across quick wins, architecture decisions, process work and evidence-file stabilisation.

After the sample

A real report is scoped to one product version and one decision.

If the sample helps you see the work your own team needs, the next step is a Product Security Readiness Call. Write to support@talltree.tech.