If you've started looking into GPSR compliance, you've probably hit this question quickly: do I need a 50-page document, or will a few paragraphs do?

Because as a small business owner you wear a lot of hats already, and spending days creating long documentation does not feel like a great use of your time – even if it could open up a new market to you.

The short answer is that GPSR doesn't set a page count or a fixed template.

What it requires is that your risk assessment is proportionate to the product and its risks.

That sounds vague, but it's actually useful, because it means a simple product with a low risk profile genuinely doesn't need the same depth as a complex one.

Here's what that looks like in practice with a few examples of how this works in practice from our clients (RepGuardia represent over 100 small business owners selling into the EU and we’ve reviewed all their Risk Assessments, so we know this in detail!):

What GPSR actually asks for

Under GPSR, your risk assessment needs to identify the hazards your product could reasonably present, evaluate the likelihood and severity of harm, and document what you've done to reduce those risks.

The Risk Assessment should also reference any relevant standards you've applied, such as CE marking standards, and explain why your product meets them.

That's the core of it. And whilst the EU don’t provide templates, here at RepGuardia we do provide a template if you’re not sure how to present this information – and over 15 examples from a range of product types so you can see how to complete the templates in practice.

Everything else builds from there depending on your product category.

Simple products: what "proportionate" looks like

Take a decorative ceramic mug with no electrical components, no moving parts, and no intended use by children.

The risk assessment for that product can be relatively brief. You'd cover material safety (lead-free glazes, food-safe certification if applicable), physical hazards (breakage, sharp edges), and any relevant EU standards. A well-structured two-to-three page document can be sufficient.

Compare that to a baby carrier, a children's toy with small parts, or a product with electrical components. Those categories carry higher inherent risk and will need more detailed analysis. You'd be expected to address specific hazard categories in more depth, reference category-specific standards, and document your testing evidence.

What "documented" means

Your risk assessment needs to exist as a written record. We know as you developed your product you will have had these conversations about making them safe – it’s just naturally part of the process. A Risk Assessment is really just a written record of those conversations and considerations you’ve already made.

Your Risk Assessment should be specific to your product, not a generic template that could apply to anything. If a market surveillance authority in an EU member state requests your technical documentation, your risk assessment is part of what you'd provide and it needs to match with what they’re seeing in the box.

That means it needs to be clear enough that someone reading it, without knowing your product, could follow your reasoning.

Common gaps we see

At RepGuardia we have over 100 clients who are GPSR compliant with our EU Representation Service. The most frequent issue isn't that assessments are too short. It's that they're too generic.

We love using AI to create documents and help break through that ‘blank page’ feeling of not knowing where to start. But you cannot submit something entirely created by ChatGPT – it doesn’t know your products, the manufacturing process or your components in the detail you do.

A risk assessment that lists potential hazards without connecting them to your specific product, your materials, your manufacturing process, or your intended user doesn't demonstrate that you've actually assessed anything.

Do you need a professional to write it?

Absolutely not if you are a small business with a low risk product – which is the kind of business owner RepGuardia supports. For higher-risk product categories, it may well be worth getting technical input.

What matters is that whoever produces your Risk Assessment understands the product, the intended users, and the relevant standards.

If you're selling straightforward general consumer goods and you understand your product well (which likely you do, as you’re probably also the producer or designer!), you can confidently produce a compliant assessment yourself, provided you know what to include (which is where RepGuardia’s templates and examples come in).

The practical takeaway

When writing a Risk Assessment: match the depth to the risk.

A short but thorough assessment for a low-risk product is more compliant than a long generic one that doesn't address the actual hazards. Quality not quantity!

Focus on specificity, reference your standards correctly, and make sure your reasoning is legible to someone who doesn't know your product. Simple, straightforward language is your friend.

If you're not sure whether your current risk assessment covers what it needs to, that's a good question to bring to your Authorised Representative.

If you want to find out more about signing up with RepGuardia as your EU Authorised Representative, check out our service.