How do I do a GPSR risk assessment if there is no template or methodology provided?

Default hero background
Uncategorized
Jason van de Zande

If there is no official GPSR template, you can still carry out a compliant risk assessment by using a clear, repeatable structure: define the product and users, identify hazards across the full product lifecycle, rate each risk by severity and likelihood, apply controls, and document the residual risk and required warnings. A good GPSR risk assessment also links to traceability, post-market monitoring, and the documents you can show authorities upon request.

What is a GPSR risk assessment, and what does it need to cover?

A GPSR risk assessment is a documented analysis showing how a consumer product meets the general safety requirement under the General Product Safety Regulation (EU) 2023/988 (GPSR). It explains what could cause harm under normal use and reasonably foreseeable misuse, what you did to prevent that harm, and what risks remain. It should be specific to the product, not a generic checklist.

Core elements typically expected include:

  • Product description, variants, materials, key components, and intended use
  • Target users and vulnerable users (for example, children and older adults)
  • Reasonably foreseeable misuse and abnormal but predictable conditions
  • Hazard identification (what can cause harm)
  • Risk estimation using severity and likelihood
  • Risk evaluation (whether the risk is acceptable, and why)
  • Risk control measures and rationale
  • Residual risk after controls, plus required warnings and instructions
  • Traceability inputs (model identifiers, and batch or serial logic where applicable)
  • Links to post-market monitoring, complaints handling, and corrective actions
  • Recordkeeping, version control, and who approved the assessment

How can you build a GPSR risk assessment methodology from scratch?

You can build a GPSR methodology from scratch by using a simple, auditable process that you apply consistently to every product. The goal is not a perfect scoring system; it is a defensible decision trail showing that you identified hazards, reduced risks, and documented what remains. Keep the method consistent across models and updates.

  1. Define scope: product, variants, accessories, software features, and user groups.
  2. Map the lifecycle: manufacture, packaging, transport, installation, use, maintenance, charging, storage, and disposal.
  3. Identify hazards by category: mechanical, electrical, thermal, chemical, flammability, choking, strangulation, microbiological (if relevant), radiation, and software or cyber risks where digital functions can affect safety.
  4. Choose a risk matrix: for example, a 3×3 or 5×5 severity-versus-likelihood table, and define what each level means in writing.
  5. Document assumptions: environment, user behavior, foreseeable misuse, and any limits of use.
  6. Select controls using a hierarchy: design out the hazard first, then guards or protective measures, then warnings and instructions.
  7. Verify controls: inspections, tests, supplier checks, and label or instruction reviews.
  8. Record residual risk and your acceptance criteria, then set triggers for review (design changes, new complaints, new standards, or new hazard information).

Where relevant, align your assessment with applicable European standards or other technical specifications. Standards can support a presumption of safety when relevant references are published, but they do not prevent authorities from acting if evidence shows a product is dangerous.

What evidence and documents should support your GPSR risk assessment?

Your GPSR risk assessment should be backed by objective evidence that your controls exist and work. Think of the assessment as the “story,” and the supporting documents as the “proof.” Under the GPSR, market surveillance authorities can request safety information, and you should be able to provide it promptly and consistently with your product and listing.

  • Test reports (in-house or third-party) relevant to identified hazards
  • Certificates where relevant (only when they genuinely apply to the product and risk)
  • Bill of materials, critical component specifications, and chemical compliance information where applicable
  • Design drawings, schematics, and key tolerances affecting safety
  • Label artwork, packaging safety information, and user instructions in required languages
  • Manufacturing and quality control checks (incoming inspection, final inspection, and traceability records)
  • Supplier declarations and change control records
  • Evidence under other EU product legislation, if applicable (the GPSR is separate from CE-marking regimes, but it can overlap for risks not covered elsewhere)
  • Post-market procedures: complaint handling, accident intake, corrective actions, and recall readiness

If you sell online, keep identifiers, warnings, and safety information consistent across the product, packaging, and the online offer, because mismatches often trigger documentation requests.

How does EARP help with GPSR risk assessments and EU Responsible Person requirements?

We help you turn a “no template” situation into a structured GPSR risk assessment package and keep it ready for authority or marketplace requests. We also act as the EU Responsible Person (an economic operator established in the Union) when you need one to place products on the EU market under the GPSR and to support obligations under the Market Surveillance Regulation (EU) 2019/1020 (MSR).

  • We review and validate your GPSR risk assessment structure, hazard coverage, and residual risk logic
  • We check documentation completeness and consistency (product, labels, instructions, and listings)
  • We store and manage technical documentation so it is available when requested by authorities
  • We act as a liaison with national market surveillance authorities, and we notify the manufacturer of risks as required under Article 4 of the MSR
  • We provide clear guidance on what to prepare for online marketplace compliance workflows

See our services, or contact us to discuss your product and the fastest way to get your GPSR risk assessment and EU Responsible Person setup in order.

Related Articles