DPP Readiness Assessment: 25 Questions Before You Build
Key Takeaways
- This 50-point assessment across five domains (product data, identifiers, supply chain, regulatory alignment, customer experience) reveals whether your organisation is ready to select a DPP platform — or whether platform selection will stall within months due to foundational gaps.
- Approximately 40% of manufacturers surveyed score below 17 ("Not Ready"), while only 15% score above 34 ("Ready to Implement") — most organisations need foundational data and operational work before platform procurement.
- Unit-level serialisation via GS1 Digital Link is a prerequisite for DPP compliance in most product categories; organisations using only 1D barcodes or SKU-level QR codes need to address this before anything else.
- DPP projects owned by product management or after-sales leadership deliver business outcomes; projects owned solely by IT or legal deliver compliance artefacts — ownership structure determines value extraction.
Most manufacturers approaching Digital Product Passport compliance are asking the wrong question first.
They want to know: which platform should we use? They're evaluating vendors, requesting demos, and building business cases for a technology investment. What they haven't done — and what consistently derails DPP projects six months in — is answer the more fundamental question: are we actually ready to use a DPP platform yet?
The gap between thinking you're ready and being ready is where EU compliance projects go to die. Data that doesn't exist can't be ingested. Suppliers who won't share composition data can't be forced to by a software contract. Packaging lines that can't print 2D barcodes can't be updated by a platform SLA.
| Key Metric | Value |
|---|---|
| Companies Scoring <17 (Not Ready) | ~40% of manufacturers surveyed |
| Companies Scoring 34–50 (Ready) | ~15% of manufacturers surveyed |
| Average Improvement from Assessment | +8–12 points within 6 months |
| Data Restructuring Cost | €5K–€50K depending on complexity |
| Platform Implementation Timeline | 4–8 weeks post-selection |
Readiness Assessment Platforms & Competitors
Several vendors offer DPP readiness diagnostic services: Segura focuses on chemical composition audits; Circularise provides blockchain-based traceability verification; Protokol offers distributed material tracking. BrandedMark differentiates by combining the readiness assessment framework with immediate onboarding to a production platform — converting audit findings directly into implementation roadmaps rather than requiring separate procurement cycles.
Platform selection is a week's work. Readiness is a programme. Do them in the right order.
This assessment is 25 questions across five domains. For each question, score yourself: 2 points if fully in place, 1 point if partially in place or in progress, 0 points if you don't have it yet. Maximum score: 50. Your score at the end tells you exactly what to do next.
Section 1: Product Data Foundation (Questions 1–5)
The DPP is only as good as the data behind it. Before you think about digital delivery, you need to know whether your underlying product data is structured, accurate, and accessible.
Q1: Do you know the material composition of each SKU at the component level?
Not just "steel, plastic, glass" at the product level — can you specify material type, grade, recycled content percentage, and chemical substances of concern (SVHC list) per component? The ESPR delegated acts for batteries, textiles, and electronics all require this level of granularity. If you have it, score 2. If you have high-level material data but not component-level breakdown, score 1. If you're relying on supplier spec sheets you haven't validated in years, score 0.
Q2: Do you have structured supplier data for all tier-1 inputs?
Supplier name, country, facility ID, and material certificates — for every tier-1 input to every SKU. If you manufacture 200 SKUs with 40 components each, this is a substantial data programme. Score 2 if you have it in a structured, queryable format. Score 1 if you have the data but it lives in PDFs, emails, or ERP fields that aren't DPP-ready. Score 0 if supplier data is held informally or is known to be incomplete.
Q3: Can you produce a Bill of Materials (BOM) per SKU that satisfies EU material transparency requirements?
The DPP-grade BOM is more demanding than a manufacturing BOM. It needs to include substance information, repairability data, and disassembly instructions alongside the standard component list. Score 2 if you have structured BOMs that could be mapped to DPP fields today. Score 1 if your BOMs are accurate but not in a DPP-compatible format. Score 0 if BOMs are inconsistent, outdated, or held in legacy systems.
Q4: Do you have documented repairability and disassembly information per product?
ESPR requires that products covered by delegated acts include information supporting repair: disassembly sequences, tool requirements, spare part availability, and estimated repair times. Some categories require a numerical repairability score. Score 2 if this information exists in structured form. Score 1 if you have service manuals but no structured repairability data. Score 0 if this data doesn't exist.
Q5: Do you have a defined data governance owner for product compliance data?
DPP data needs to be maintained, versioned, and auditable over the product's lifetime — which can be 10–15 years for durable goods. Someone needs to own that. Score 2 if you have a named owner with a defined process. Score 1 if responsibility is informally shared between product management and sustainability teams. Score 0 if no one has explicit ownership.
Section 1 maximum: 10 points
Section 2: Identifier and Standards Readiness (Questions 6–10)
The EU DPP mandates use of a unique product identifier. The industry standard — and the one referenced in GS1 Digital Link and ESPR guidance — is the serialised GTIN (SGTIN). If your identifier infrastructure isn't in place, no DPP platform can compensate for it.
Q6: Do you have a GS1 Company Prefix?
The GS1 Company Prefix is the root of every GTIN your products carry. If you sell through major retail, you almost certainly have one. If you sell direct or through distributors, you may not. Score 2 if you have a valid, active GS1 Company Prefix. Score 0 if you don't — obtaining one is a prerequisite, not a platform feature.
Q7: Can you serialise at the unit level — assigning a unique identifier per physical item, not just per SKU?
A SKU-level QR code gives you product-level data. A serialised unit-level identifier gives you ownership data, supply chain traceability, and anti-counterfeiting capability. The DPP requires unit-level serialisation for most categories. Score 2 if your production or packaging process already assigns unique serial numbers per unit. Score 1 if you serialise at batch level but not unit level. Score 0 if your products only carry SKU-level codes.
Q8: Are your identifiers formatted as GS1 Digital Link URIs?
A GS1 Digital Link URI encodes your GTIN (and optionally serial number, batch, expiry) into a web-resolvable URL that conforms to ISO/IEC 18975. It's the format required for DPP delivery via 2D barcode under ESPR (GS1 Digital Link Standard v1.3, ISO/IEC 18975:2022). Score 2 if your QR codes already use GS1 Digital Link format. Score 1 if you use QR codes but with proprietary URLs that could be migrated. Score 0 if you're using 1D barcodes only or QR codes with no standards alignment.
Q9: Is your packaging physically capable of carrying a 2D barcode (QR or DataMatrix) at compliant size and contrast?
This is an operational readiness question that often surprises teams. Small packaging, dark substrates, embossed finishes, and high-gloss laminates can all make scannable 2D code placement difficult or impossible without a packaging redesign. Score 2 if your current packaging carries a compliant 2D code already. Score 1 if you've assessed placement and have a clear path to inclusion in the next packaging cycle. Score 0 if you haven't assessed this yet.
Q10: Do you have a resolver infrastructure — or a platform that provides one — to route scans to the correct DPP?
When a customer, regulator, or supply chain partner scans the code on your product, the resolver decides where to send them. For DPP compliance, the resolver needs to be able to return machine-readable DPP data to authorised parties (customs, regulators) and human-readable content to consumers, from the same identifier. Score 2 if you have a resolver or a contracted platform that provides one. Score 1 if you're in evaluation. Score 0 if you haven't addressed resolver infrastructure yet.
Section 2 maximum: 10 points
Section 3: Supply Chain Access (Questions 11–15)
Knowing what data you need is different from being able to get it. Supply chain access is consistently the hardest part of DPP implementation for manufacturers who source globally.
Q11: Do your tier-1 suppliers provide structured material and substance data on request?
Score 2 if your supplier contracts already include data provision requirements and you receive structured data (IMDS, BOMcheck, or equivalent). Score 1 if suppliers will provide data when asked but it arrives in inconsistent formats. Score 0 if you have no formal mechanism for requesting supplier material data.
Q12: Do you have any visibility into tier-2 supplier data?
Tier-2 visibility — your suppliers' suppliers — is required for certain DPP categories, particularly batteries and electronics. This is the frontier where most manufacturer data programmes end. Score 2 if you have documented tier-2 data for critical inputs. Score 1 if you have partial tier-2 visibility for key materials. Score 0 if your supply chain data ends at tier-1.
Q13: Do you have documented chain-of-custody from raw material to finished good?
Chain-of-custody documentation supports both DPP data integrity and the broader due diligence requirements of the EU Corporate Sustainability Due Diligence Directive (CS3D). Score 2 if you have documented custody records. Score 1 if you have partial documentation with known gaps. Score 0 if custody documentation doesn't currently exist.
Q14: Can your ERP or PLM system export structured product data to an external platform?
The DPP platform needs to ingest your product data — and ideally keep it synchronised as specifications change. If your ERP exports are limited to CSV or require significant manual transformation, data maintenance becomes a manual programme risk. Score 2 if you have API-accessible product data. Score 1 if you can export structured files but not via API. Score 0 if data extraction requires significant manual effort.
Q15: Do you have a process for updating DPP content when product specifications change?
DPPs must remain accurate over the product's active life. If you change a component material, update a spare part number, or revise a repair procedure, the DPP needs to reflect it. Score 2 if you have a defined change management process that would include DPP updates. Score 1 if change management exists but doesn't currently cover digital product data. Score 0 if this process doesn't exist yet.
Section 3 maximum: 10 points
Section 4: Regulatory Alignment (Questions 16–20)
The ESPR framework covers many product categories, but not all at once. The delegated acts are being published on a rolling schedule, and the compliance timeline and specific data requirements vary by category. Regulatory alignment means knowing exactly which rules apply to your products, when, and what they require.
Q16: Do you know which ESPR delegated act applies to your product category?
As of early 2026, adopted or draft delegated acts cover: batteries, textiles and apparel, electronics and ICT, furniture, steel and aluminium, tyres, and detergents. If your products fall into one of these categories, you need to know which act governs you — they have different data fields, different timelines, and different grandfathering rules. Score 2 if you have confirmed your applicable delegated act. Score 0 if you haven't mapped your products to specific ESPR delegated acts yet.
Q17: Do you know your mandatory compliance deadline?
Deadlines differ by product category and company size. Batteries: phased from 2025. Textiles: anticipated 2027. Large manufacturers generally face earlier deadlines than SMEs. Score 2 if you have a confirmed date on your compliance roadmap. Score 1 if you have an estimated date but haven't validated it against the final delegated act text. Score 0 if you don't have a deadline mapped yet.
Q18: Do you understand the repairability and durability requirements for your product category?
Beyond data transparency, ESPR imposes design requirements: minimum spare part availability periods (often 7–10 years), repairability scoring for applicable categories, and prohibitions on certain design-for-obsolescence practices. These are product engineering requirements, not software requirements. Score 2 if your product design process already accounts for these requirements. Score 1 if you're aware of them but haven't assessed your current portfolio against them. Score 0 if this is new information.
Q19: Do you understand the economic operator data requirements — importer, distributor, and authorised representative obligations?
The DPP isn't just the manufacturer's responsibility. Importers, authorised EU representatives, and distributors all have defined obligations. If you sell into the EU through a distribution chain, you need to understand how DPP data flows to and from these parties. Score 2 if you have mapped obligations across your distribution structure. Score 1 if you've identified the issue but haven't resolved it contractually. Score 0 if you haven't assessed this yet.
Q20: Do you have a legal or regulatory affairs resource assigned to ESPR compliance?
ESPR compliance is not purely a technology programme. It requires interpretation of delegated act text, assessment of product conformity, and engagement with notified bodies (European Commission ESPR Implementation Guidance for Economic Operators, 2025). Score 2 if you have dedicated regulatory resource (internal or external counsel). Score 1 if regulatory responsibility is informally assigned alongside other duties. Score 0 if no one is currently tracking ESPR for your organisation.
Section 4 maximum: 10 points
Section 5: Customer Experience Layer (Questions 21–25)
Compliance is the floor, not the ceiling. A DPP that serves only regulators is a cost centre. A DPP that also serves customers — with setup guides, warranty registration, support content, and spare parts — is a revenue asset. This section assesses whether your DPP will deliver business value alongside compliance value.
Q21: Have you defined what the consumer-facing DPP experience will contain?
Regulators need machine-readable data. Customers need human-readable content. These aren't mutually exclusive — the same QR code can resolve to different views for different users. Score 2 if you have a defined consumer experience alongside the compliance data structure. Score 1 if you're thinking about consumer experience but haven't specified it. Score 0 if the DPP is being treated as a compliance data file with no consumer layer.
Q22: Do you have a post-purchase support content library (guides, videos, FAQs, troubleshooting) ready to attach to the DPP?
The customer experience layer of your DPP is only as good as the content behind it. If you don't have structured support content today, creating it is a content programme that runs in parallel with the technical DPP build. Score 2 if you have a structured, maintained content library. Score 1 if you have content but it's unstructured (PDFs, legacy web pages). Score 0 if support content is primarily delivered via call centre and hasn't been digitised.
Q23: Do you have a warranty registration journey that can be triggered from a product scan?
One of the highest-value post-purchase moments is at unboxing — when the customer scans for the first time and has the highest intent. If your DPP or connected product experience doesn't capture warranty registration in that moment, you're leaving customer data on the table. Score 2 if you have (or are planning) a scan-triggered registration journey. Score 1 if you have registration but it's accessed via a separate URL or manual process. Score 0 if you have no digital warranty registration today.
Q24: Do you have a spare parts catalogue or accessories listing that can be surfaced from the product scan?
Aftermarket revenue from spare parts, accessories, and consumables is a significant margin opportunity for durable goods manufacturers — and it's most effectively captured when the customer is already holding the product. Score 2 if you have a structured spare parts catalogue that could be linked to a product identifier. Score 1 if spare parts data exists but isn't in a format ready for digital surfacing. Score 0 if spare parts are sold exclusively through third-party channels with no direct catalogue.
Q25: Is your post-purchase experience strategy owned at a senior level — not just delegated to IT or compliance?
DPP projects that live only in IT or legal tend to deliver compliance artefacts. DPP projects that have a champion in product management, marketing, or after-sales tend to deliver business outcomes. The technology is the same; the ambition is different. Score 2 if a senior business stakeholder owns the connected product / DPP programme. Score 1 if ownership is shared but not clearly led. Score 0 if the programme is owned entirely by IT or regulatory affairs.
Section 5 maximum: 10 points
Your Score: What It Means
Add up your scores across all five sections.
0–16: Not Ready — Audit First
Your DPP project needs a data and operations foundation before platform selection makes sense. Signing a software contract now means paying for a platform you can't fill with data. The priority work is: product data audit, supplier engagement programme, and identifier strategy. Use the next 3–6 months to build the foundation. Revisit platform selection once you score above 17.
Start here: What is a Digital Product Passport?
17–33: Gaps to Fill — Use the DPP Playbook
You have meaningful foundations in place but identifiable gaps that will block implementation if left unaddressed. The good news: at this score range, the gaps are typically known and manageable. Prioritise the sections where you scored lowest. Regulatory alignment and supply chain access are the most common weak points at this stage — they're also the ones that take the longest to resolve, so address them in parallel with platform evaluation rather than sequentially.
Start here: DPP Implementation for Mid-Market Manufacturers
34–50: Ready to Implement
Your foundations are in place. Platform selection and implementation are the right next steps. Focus your vendor evaluation on resolver infrastructure, GS1 Digital Link compliance, consumer experience capability, and the ability to maintain and update DPP content over the product's lifetime without developer involvement. A no-code experience layer matters — your DPP content will change, and change management should not require a release cycle.
Start here: Beyond Compliance — How DPPs Become Product Identity
The Question Behind the Questions
Every section of this assessment points to the same underlying truth: DPP readiness is a data and operations programme, not a software procurement. The platform is the last piece, not the first.
The manufacturers who will hit their compliance deadlines without disruption are the ones who started the data work early — before the vendor conversations, before the board presentations, before the clock started ticking on their delegated act deadline. If your score today is lower than you expected, the honest response isn't to accelerate platform selection. It's to accelerate the foundational work that makes platform selection meaningful.
The GS1 Sunrise 2027 milestone — the point at which 2D barcodes become the primary point-of-sale scan standard — is the infrastructure deadline running in parallel with ESPR compliance. Your packaging, identifier, and resolver readiness needs to serve both. That alignment is worth building into your programme plan now, not retroactively.
BrandedMark is the product operating system for physical goods — including GS1 Digital Link identifiers, EU DPP compliance, and a consumer experience layer built into the same platform. When you're ready to implement, see how it works.
Frequently Asked Questions
How often should I re-run this assessment?
Run an initial assessment now to establish your baseline. Re-assess every 6 months if you're actively working on DPP implementation — you'll see your score improve section by section as you close gaps. Once you reach a score of 34+, re-assessment becomes less critical, but staying abreast of regulatory changes (new delegated acts, registry updates) means the assessment remains a useful quarterly reference.
If I score 0–16, how long will it take to reach 17+?
Most organisations in this band can improve to 17–25 within 3–4 months by focusing on the data audit (Section 1) and regulatory mapping (Section 4). These are foundational steps that unblock everything else. The identifier and supply chain sections typically take longer — 4–6 months — because they require external engagement.
Which sections matter most if I'm short on time?
If you must prioritise: Section 4 (Regulatory Alignment) and Section 1 (Product Data Foundation) first. Knowing which regulations apply to which products is prerequisite. Having structured data is the operational foundation. Sections 2 and 3 (identifiers and supply chain) will follow naturally once you understand scope and data requirements.
Should I use this assessment internally or hire consultants to run it?
The assessment is designed for honest self-evaluation by internal teams. Consultants will validate findings but shouldn't be the sole source of input — your teams know your data landscape better than anyone external. The most productive approach: have internal stakeholders (product, IT, supply chain, legal) complete the assessment independently, then align as a group and bring in external expertise for the gaps where internal knowledge is weakest.