TL;DR
๐ Five steps from assessment to issued MRCC Certificate.
๐ช The 5 steps
1๏ธโฃ Define your Product Estate
One estate = one product / one codebase-SBOM lineage / one EU market exposure. ๐ Add your first regulated product
2๏ธโฃ Run your Scope Review
RICE maps which EU frameworks apply (CRA, NIS2, AI Act, RED, DORA, combos). ๐ How NexCyber decides which regulations apply
3๏ธโฃ Close your Compliance Gap
Upload evidence (SBOM, policies, test reports, supplier attestations). Confidence levels update automatically. ๐ Build your evidence library
4๏ธโฃ Reach the confidence threshold
Each framework has a confidence threshold. When you cross it, your estate becomes MRCC-eligible. ๐ Reading your assessment results
5๏ธโฃ Request the MRCC
- Open your estate
- Click Request MRCC
- Our regulatory team reviews and signs
- You receive a signed PDF + a public verify URL
โฑ๏ธ Typical timeline
| Plan | First MRCC turnaround |
|---|---|
| Launch | 5-10 business days |
| Portfolio | 3-5 business days |
| Command | 1-3 business days (priority queue) |
| Strategic | Contractual SLA |
โก๏ธ Next
- ๐ Fastest path to your first MRCC
- ๐ก๏ธ Trust Passport vs MRCC
- ๐ Share your Trust Passport
๐ฌ Need help?
- Reach out via our live chat (bottom-right) โ Captain AI replies instantly, human experts within business hours.
- Email support@nexcyber.eu with
[P1]for Command/Strategic priority issues.
โน๏ธ Disclaimer โ RICE provides a readiness analysis, not legal advice. Final compliance may require legal review or notified body certification.
Last reviewed: 2026-06-02 ยท NexCyber Help Center