Guidelines on ICT and security risk management

Status: Final and awaiting translation into the EU official languages

These draft Guidelines establish requirements for credit institutions, investment firms and payment service providers (PSPs) on the mitigation and management of their information and communication technology (ICT) risks and aim to ensure a consistent and robust approach across the Single market. Once into force, these Guidelines will replace those on security measures for operational and security risks (EBA GL/2017/17), which will then be repealed.

Links

Guidelines on security measures for operational and security risks under the PSD2

Summary of document history

Current version Ongoing versions

Final report on Guidelines amending Guidelines on ICT risk and security management

Status: Not yet applicable
Application date:
Compliance deadline:

Documents

Final report on amending Guidelines on ICT risk and security management

(240.17 KB - PDF)

Download

Press contacts

Franca Rosa Congiu

press@eba.europa.eu
+33 1 86 52 7052
Follow @EBA_News

Organisation and governance

Legal and policy framework

Careers

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre