+Suitability Criteria

1. Overview

Suitability Criteria

Ensure that the third-party service provider has the business reputation, sufficient abilities, expertise and adequate financial, human and technical resources, information security standards, appropriate organisational structure (including risk management and internal controls) and, if applicable, the required authorisation(s) or registration(s) to provide ICT services supporting the critical or important functions in a reliable and professional manner.

Summary	Standard

1.1 References

1.2 Identified Requirements

1.2 Related Regulation

2. Identified Requirements

Requirements
Source	Requirement

3. Related Regulations

Regulations
Source	Regulation

NOREA -
NOREA, de beroepsorganisatie van IT-auditors - DORA in Control Framework