The research presented within this paper was conducted as part of a 2-year project (Project MARC) to develop and render operational a mechanism to assess the risk of theft of electronic products. Clarke and Newman (Secured goods by design - a plan for security coding of electronic products. London: Department of Trade and Industry, 2002) proposed the use of two checklists-one to measure vulnerability, the other to measure security-as a means of categorising products according to their vulnerability to theft. Consultation with key stakeholders yielded the common view that such a mechanism was worth pursuing, but that it must reflect the language of those who would use it. An extensive consultation with stakeholders from ten European member states ensued. Participants were asked to rate a range of electronic products in terms of vulnerability and security, and to explain their ratings. Their responses were used to develop two checklists that incorporate a variety of factors, weighted according to the frequency with which they were expressed. The crime vulnerability checklist developed within this paper is judged fit-for-purpose as a provisional measurement but we urge caution in relation to the security checklist.