+RTS ICT Risk Management T. III Ch. II Art. 36 ICT security testing
---+RTS ICT Risk Management T. III Ch. II Art. 36 , 1
---+RTS ICT Risk Management T. III Ch. II Art. 36 , 2
---+RTS ICT Risk Management T. III Ch. II Art. 36 , 3
|
1. Overview
RTS ICT Risk Management T. III Ch. II Art. 36 ICT security testing
ICT security testing
| Summary |
Regulation |
|
RTS ICT Risk Management T. III Ch. II Art. 36 , 1
|
1. The financial entities referred to in Article 16(1) of Regulation (EU) 2022/2554 shall establish and implement an ICT security testing plan to validate the effectiveness of their ICT security measures developed in accordance with Articles 33, 34 and 35 and Articles 37 and 38 of this Regulation. Financial entities shall ensure that that plan considers threats and vulnerabilities identified as part of the simplified ICT risk management framework referred to in Article 31 of this Regulation.
|
|
RTS ICT Risk Management T. III Ch. II Art. 36 , 2
|
2. The financial entities referred to in paragraph 1 shall review, asses and test ICT security measures, taking into consideration the overall risk profile of the ICT assets of the financial entity.
|
|
RTS ICT Risk Management T. III Ch. II Art. 36 , 3
|
3. The financial entities referred to in paragraph 1 shall monitor and evaluate the results of the security tests and update their security measures accordingly without undue delay in the case of ICT systems supporting critical or important functions.
|
1.1 References
1.2 Identified Requirements
1.3 Related Standards
2. Identified Requirements
Requirements
| Source |
Requirement |
3. Related Standards
Standards
| Source |
Requirement |
|