European Union: Regulatory Technical Standards to further harmonise ICT risk management tools, methods, processes and policies as mandated under DORA

Implemented Regulation on digital operational resilience for the financial sector (DORA) including local operation requirement

Implemented Regulation on digital operational resilience for the financial sector (DORA) including cybersecurity measures

Closed consultation on Regulatory Technical Standards on the elements which a financial entity needs to determine and assess when subcontracting ICT services supporting critical or important functions

Closed consultation on Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents

Closed consultation on Regulatory Technical Standard on the harmonisation of conditions enabling the conduct of the oversight activities

Closed consultation on Joint regulatory and implementing technical standards on major incident reporting

Closed consultation on Joint draft guidelines on the oversight cooperation and information exchange between the European Supervisory Authorities and the competent authorities

Closed consultation on specifying elements related to threat led penetration tests

Drafted Implementing Technical Standards to establish the template register of information for all contractual arrangements on the use of ICT services provided by third-party providers under DORA

Drafted Regulatory Technical Standards on the contractual arrangements on the use of ICT services supporting critical or important functions provided by ICT third-party service providers

Drafted Regulatory Technical Standard on the criteria for classification of ICT related incidents, materiality thresholds for major incidents/significant cyber threats under DORA