Search
9 results
Regulatory Technical Standards on the policy on ICT services supporting critical or important functions provided by ICT third-party service providers
Regulatory Technical Standards on criteria for the classification of ICT-related incidents
Draft RTS on ICT Risk Management Framework and on simplified ICT Risk Management Framework
EBA, EIOPA, and ESMA finalize draft Regulatory Technical Standards under DORA to harmonize ICT risk management tools, processes, and policies, including a simplified framework for certain financial entities, addressing proportionality, encryption, access control, and third-party ICT services.
Draft RTS to specify the policy on ICT services supporting critical or important functions
EBA, EIOPA, and ESMA finalize draft Regulatory Technical Standards under DORA to define requirements for financial entities' ICT third-party risk policies, including contractual arrangements, risk assessments, and business continuity for critical or important functions.
Draft RTS on classification of major incidents and significant cyber threats
EBA, EIOPA, and ESMA finalize draft Regulatory Technical Standards under DORA, defining criteria for classifying ICT-related incidents, materiality thresholds for major incidents, and significant cyber threats, with proportionality adjustments following public consultation.
Draft ITS on Register of Information
European Supervisory Authorities finalize draft Implementing Technical Standards for standardized templates under DORA, defining the register of ICT third-party service provider contractual arrangements to enhance digital operational resilience in the EU financial sector.
Regulatory Technical Standards on ICT risk management framework and on simplified ICT risk management framework
ESAs publish first set of rules under DORA for ICT and third-party risk management and incident classification
The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) published today the first set of final draft technical standards under the Digital Operational Resilience Act (DORA) aimed at enhancing the digital operational resilience of the EU financial sector by strengthening financial entities’ Information and Communication Technology (ICT) and third-party risk management and incident reporting frameworks.