Search
Consultation paper on Joint draft RTS on subcontracting ICT services supporting critical or important functions
Joint Regulatory Technical Standards on subcontracting ICT services supporting critical or important functions
Consultation on Joint draft Guidelines on estimation of aggregated annual costs and losses caused by major ICT-related incidents
Consultation on Joint draft RTS on the harmonisation of conditions enabling the conduct of the oversight activities Introductory note
Consultation on Joint draft guidelines on the oversight cooperation and information exchange between the ESAs and the competent authorities
Consultation on Joint draft RTS specifying elements related to threat led penetration tests
Consultation on Joint draft technical standards on major incident reporting
Joint Regulatory Technical Standards on the harmonisation of conditions enabling the conduct of the oversight activities
2023 09 29 ESAs letter to COM on DORA technical advice.pdf
ESAs response to European Commission's request for technical advice on designation criteria and fees for the DORA oversight framework
ESAs specify criticality criteria and oversight fees for critical ICT third-party providers under DORA in response to the European Commission’s call for advice
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today published their joint response to the European Commission’s Call for Advice on two EC delegated acts under the Digital Operational Resilience Act (DORA) specifying further criteria for critical ICT third-party service providers (CTPPs) and determining oversight fees levied on such providers.
ESA 2023 22 - ESAs report on the landscape of ICT TPPs.pdf
ESAs Report on the landscape of ICT third-party providers in the EU
ESAs publish Report on the landscape of ICT third-party providers in the EU
The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have today published an indicative overview of information and communication technology (ICT) third-party providers (TTP) as part of their preparations for the Digital Operational Resilience Act (DORA). The analysis aims to map the provision of ICT services by TPPs to financial entities in the European Union and to support the ESAs’ policy making process in light of the European Commission’s call for advice to further specify the criteria for critical ICT TPPs and to determine oversight fees.
ESAs Joint Committee Technical standards under the Digital Operational Resilience Act (DORA)
ESAs consult on the first batch of DORA policy products
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) launched today a public consultation on the first batch of policy products under the Digital Operational Resilience Act (DORA). This includes four draft regulatory technical standards (RTS) and one set of draft implementing technical standards (ITS). These technical standards aim to ensure a consistent and harmonised legal framework in the areas of ICT risk management, major ICT-related incident reporting and ICT third-party risk management. The consultation runs until 11 September 2023.
Discussion paper on two delegated acts specifying further criteria for critical ICT third-party service providers (CTPPs) and determining oversight fees levied on such providers
ESAs launch discussion on criteria for critical ICT third-party service providers and oversight fees
The European Supervisory Authorities (EBA, EIOPA and ESMA - ESAs) today published a joint Discussion Paper seeking stakeholders’ input on aspects of the Digital Operational Resilience Act (DORA). This Discussion Paper follows the European Commission’s request for technical advice on the criteria for critical ICT third-party providers (CTPPs) and the oversight fees to be levied on them. Interested stakeholders are invited to provide their input by 23 June 2023.
ESAs Discussion Paper CfA DORA_criticality criteria and OVS fees.pdf
Joint ESAs Discussion paper on DORA - criteria for critical ICT third-party service providers (CTPPs) and oversight fees