DORA Ch. II Sec. II Art. 12 7.

1. Overview

DORA Ch. II Sec. II Art. 12 7.

7.   When recovering from an ICT-related incident, financial entities shall perform necessary checks, including any multiple checks and reconciliations, in order to ensure that the highest level of data integrity is maintained. These checks shall also be performed when reconstructing data from external stakeholders, in order to ensure that all data is consistent between systems.
Summary Regulation

1.1 References

1.2 Identified Requirements

1.3 Related Standards

2. Identified Requirements

Requirements
Source Requirement

3. Related Standards

Standards
Source Requirement
NOREA Backup Policy
Define backup policies aimed at ensuring minimum downtime, limited disruption, and loss, and put in place restoration and recovery procedures. Specify the scope of the data subject to backups and the minimum frequency of backups, based on the criticality or confidentiality of data. Determine a Recovery Time Objective (RTO) and a Recovery Point Objective (RPO) based on data criticality and overall impact on market efficiency to ensure that service levels are met in extreme scenarios.
NOREA Restore Procedures

Ensure that the activation of backup systems will not jeopardize the security of ICT systems or the availability, authenticity, integrity or confidentiality of data, for example through the execution of periodic restore tests based on the backup, restoration, and recovery procedures.

Ensure that, when restoring backup data using self-managed systems, the systems used are both physically and logically segregated from the source system to ensure protection. Furthermore, the backup systems shall be securely protected from any unauthorized access or IT corruption and allow for timely restoration. Institutions must validate that the highest level of data integrity is maintained when restoring backups.

Additionally for central counterparties: the recovery plans shall enable the recovery of all transactions at the time of disruption to allow the central counterparty to continue to operate with certainty and to complete settlement on the scheduled date.

Additionally for data reporting service providers*: the providers shall additionally maintain adequate resources and have back-up and restoration facilities in place in order to offer and maintain their services at all times.

*For definition of DRSP see: https://www.esma.europa.eu/esmas-activities/markets-and-infrastructure/data-reporting-services-providers 
