European Union: Joint regulatory and implementing technical standards on major incident reporting

Progress

Current status

processing consultation

04 Mar 2024 processing consultation

08 Dec 2023 in consultation

Scope

Implementers

Austria

Belgium

Bulgaria

Croatia

Cyprus

Czechia

Denmark

Estonia

Finland

France

Germany

Greece

Hungary

Ireland

Italy

Latvia

Lithuania

Luxembourg

Malta

Netherlands

Poland

Portugal

Romania

Slovakia

Slovenia

Spain

Sweden

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

digital payment provider (incl. cryptocurrencies)

DLT development

infrastructure provider: cloud computing, storage and databases

Government Branch

executive

Government Body

other regulatory body

Implementation Level

supranational

Timeline of events

04 Mar 2024

processing consultation

Closed consultation on Joint regulatory and implementing technical standards on major incident reporting

On 4 March 2024, the three European Supervisory Authorities (EBA, EIOPA and ESMA) closed their consultation on a draft joint technical standard on reporting major ICT-related incidents and notifying significant cyber threats under DORA. The standard…

Source

Event type order

Action type consultation closed

Government branch executive

Government body other regulatory body

08 Dec 2023

in consultation

Opened consultation on Joint regulatory and implementing technical standards on major incident reporting

On 8 December 2023, the three European Supervisory Authorities (EBA, EIOPA and ESMA) published and opened a consultation until 4 March 2024 on a draft joint technical standard on reporting major ICT-related incidents and notifying significant cyber …

Source

Event type order

Action type consultation opened

Government branch executive

Government body other regulatory body

Progress

Scope

Timeline of events

Closed consultation on Joint regulatory and implementing technical standards on major incident reporting

Opened consultation on Joint regulatory and implementing technical standards on major incident reporting

Related changes

European Union: Local operation requirement in Regulation on digital operational resilience for the financial sector (DORA)

European Union: Cybersecurity measures in Regulation on digital operational resilience for the financial sector (DORA)

European Union: Regulatory Technical Standards on the elements which a financial entity needs to determine and assess when subcontracting ICT services supporting critical or important functions

European Union: Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents

European Union: Regulatory Technical Standard on the harmonisation of conditions enabling the conduct of the oversight activities

European Union: Guidelines on the oversight cooperation and information exchange between the European Supervisory Authorities and the competent authorities

European Union: Regulatory Technical Standard specifying elements related to threat led penetration tests

European Union: Implementing Technical Standards to establish the template register of information for all contractual arrangements on the use of ICT services provided by third-party providers under DORA

European Union: Regulatory Technical Standards on specifying certain criteria and fees relating to critical ICT third-party service providers under DORA

European Union: Regulatory Technical Standards on specifying the criteria for the classification of ICT related incidents, materiality thresholds for major incidents and significant cyber threats under DORA

European Union: Regulatory Technical Standards to further harmonise ICT risk management tools, methods, processes and policies as mandated under DORA