+RTS ICT Third-Party Service Providers Art. 6, 3
|
1. Overview
RTS ICT Third-Party Service Providers Art. 6, 3
3. The policy shall determine the due diligence process for selecting and assessing the prospective ICT third-party service providers and shall indicate which of the following elements are to be used for the required level of assurance on the ICT third-party service provider’s performance:
- (a) audits or independent assessments performed by the financial entity itself or on its behalf;
- (b) the use of independent audit reports made on request by the ICT third-party service provider;
- (c) the use of audit reports made by the internal audit function of the ICT third-party service provider;
- (d) the use of appropriate third-party certifications;
- (e) the use of other relevant information available to the financial entity or other information provided by the ICT third-party service provider.
1.1 References
1.2 Identified Requirements
1.3 Related Standards
2. Identified Requirements
Requirements
| Source |
Requirement |
3. Related Standards
Standards
| Source |
Requirement |
|