ICT security and cyber risk monitoring

Objective of ICT security and cyber risk monitoring

What cyber threats should be taken into consideration when evaluating the ICT risks

DORA implementation and subjects

Necessity to introduce DORA

Summary of DORA Level 2 Regulation

Compliance with the new framework as of 17 January 2025 has to be ensured by the following categories of financial entities

Regulatory framework under DORA

Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS)

Incident reporting

Obligation to report major ICT-related incidents

File formats for incident and cyber threat reports

Overview of annual costs and losses caused by significant ICT-related incidents

Management of ICT third-party service providers

Third-party risk management (TPRM)

Summary of TPRM under DORA

Requirements for submitting Registers of Information (RoI) of ICT third-party service providers

Example of types of ICT third-party service providers

Guidance on ICT Documentation Requirements for Financial Market Participants Initiating Business Activities

Read more