DORA
DORA
RTS ICT Risk Management
Issues
| Summary |
Source |
|
+ RTS ICT Risk Management
|
|
|
---+ RTS ICT Risk Management T. I GENERAL PRINCIPLE
|
|
|
------+ RTS ICT Risk Management T. I Art. 1 Overall risk profile and complexity
|
|
|
---+ RTS ICT Risk Management T. II FURTHER HARMONISATION OF ICT RISK MANAGEMENT TOOLS, METHODS, PROCESSES, AND POLICIES IN ACCORDANCE WITH ARTICLE 15 OF REGULATION (EU) 2022/2554
|
|
|
------+ RTS ICT Risk Management T. II Ch. I ICT Security policies, procedures, protocols, and tools
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 1 Art. 2 General elements of ICT security policies, procedures, protocols, and tools
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 1 Art. 2 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 1 Art. 2 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 2 Art. 3 ICT risk management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 2 Art. 3 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 2 Art. 3 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 3 ICT asset management
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 4 ICT asset management policy
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 4 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 4 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 5 ICT asset management procedure
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 5 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 3 Art. 5 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Encryption and cryptography
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 Encryption and cryptographic controls
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 , 2
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 ,3 ,
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 , 4
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 6 , 5
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 Cryptographic key management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 , 2
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 , 3
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 , 4
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 4 Art. 7 , 5
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 5 ICT operations security
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 8 Policies and procedures for ICT operations
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 8 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 8 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 9 Capacity and performance management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 9 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 9 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 10 Vulnerability and patch management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 10 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 10 , 2
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 10 , 3
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 10 , 4
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 11 Data and system security
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 11 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 11 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 12 Logging
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 12 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 5 Art. 12 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Network security
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Art. 13 Network security management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Art. 13 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Art. 14 Securing information in transit
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Art. 14 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 6 Art. 14 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 7 ICT project and change management
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 ICT project management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 , 2
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 , 3
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 , 4
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 15 , 5
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 ICT systems acquisition, development, and maintenance
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 2
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 3
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 4
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 5
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 6
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 7
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 8
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 16 , 9
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 17 ICT change management
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 17 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 7 Art. 17 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. I Sec. 8
|
|
|
------------+ RTS ICT Risk Management T. II Ch. I Sec. 8 Art. 18 Physical and environmental security
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 8 Art. 18 , 1
|
|
|
---------------+ RTS ICT Risk Management T. II Ch. I Sec. 8 Art. 18 , 2
|
|
|
------+ RTS ICT Risk Management T. II Ch. II Human resources policy and access control
|
|
|
---------+ RTS ICT Risk Management T. II Ch. II Art. 19 Human resources policy
|
|
|
------------+ RTS ICT Risk Management T. II Ch. II Art. 19 , 1
|
|
|
---------+ RTS ICT Risk Management T. II Ch. II Art. 20 Identity management
|
|
|
------------+ RTS ICT Risk Management T. II Ch. II Art. 20 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. II Art. 20 , 2
|
|
|
---------+ RTS ICT Risk Management T. II Ch. II Art. 21 Access control
|
|
|
------------+ RTS ICT Risk Management T. II Ch. II Art. 21 , 1
|
|
|
------+ RTS ICT Risk Management T. II Ch. III ICT-related incident detection and response
|
|
|
---------+ RTS ICT Risk Management T. II Ch. III Art. 22 ICT-related incident management policy
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 22 , 1
|
|
|
---------+ RTS ICT Risk Management T. II Ch. III Art. 23 Anomalous activities detection and criteria for ICT-related incidents detection and response
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 3
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 4
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 5
|
|
|
------------+ RTS ICT Risk Management T. II Ch. III Art. 23 , 6
|
|
|
------+ RTS ICT Risk Management T. II Ch. IV ICT business continuity management
|
|
|
---------+ RTS ICT Risk Management T. II Ch. IV Art. 24 Components of the ICT business continuity policy
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 24 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 24 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 24 , 3
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 24 , 4
|
|
|
---------+ RTS ICT Risk Management T. II Ch. IV Art. 25 Testing of the ICT business continuity plans
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 25 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 25 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 25 , 3
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 25 , 4
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 25 , 5
|
|
|
---------+ RTS ICT Risk Management T. II Ch. IV Art. 26 ICT response and recovery plans
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 26 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 26 , 2
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 26 , 3
|
|
|
------------+ RTS ICT Risk Management T. II Ch. IV Art. 26 , 4
|
|
|
------+ RTS ICT Risk Management T. II Ch. V Report on the ICT risk management framework review
|
|
|
---------+ RTS ICT Risk Management T. II Ch. V Art. 27 Format and content of the report on the review of the ICT risk management framework
|
|
|
------------+ RTS ICT Risk Management T. II Ch. V Art. 27 , 1
|
|
|
------------+ RTS ICT Risk Management T. II Ch. V Art. 27 , 2
|
|
|
---+ RTS ICT Risk Management T. III SIMPLIFIED ICT RISK MANAGEMENT FRAMEWORK FOR FINANCIAL ENTITIES REFERRED TO IN ARTICLE 16(1) OF REGULATION (EU) 2022/2554
|
|
|
------+ RTS ICT Risk Management T. III Ch. I
|
|
|
---------+ RTS ICT Risk Management T. III Ch. I Art. 28 Governance and organisation
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 2
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 3
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 4
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 5
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 28 , 6
|
|
|
---------+ RTS ICT Risk Management T. III Ch. I Art. 29 Information security policy and measures
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 29 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 29 , 2
|
|
|
---------+ RTS ICT Risk Management T. III Ch. I Art. 30 Classification of information assets and ICT assets
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 30 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 30 , 2
|
|
|
---------+ RTS ICT Risk Management T. III Ch. I Art. 31 ICT risk management
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 31 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 31 , 2
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 31 , 3
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 31 , 4
|
|
|
---------+ RTS ICT Risk Management T. III Ch. I Art. 32 Physical and environmental security
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 32 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 32 , 2
|
|
|
------------+ RTS ICT Risk Management T. III Ch. I Art. 32 , 3
|
|
|
------+ RTS ICT Risk Management T. III Ch. II
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 33 Access Control
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 33 , 1
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 34 ICT operations security
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 34 , 1
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 35 Data, system and network security
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 35 , 1
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 36 ICT security testing
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 36 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 36 , 2
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 36 , 3
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 37 ICT systems acquisition, development, and maintenance
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 37 , 1
|
|
|
---------+ RTS ICT Risk Management T. III Ch. II Art. 38 ICT project and change management
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 38 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. II Art. 38 , 2
|
|
|
------+ RTS ICT Risk Management T. III Ch. III
|
|
|
---------+ RTS ICT Risk Management T. III Ch. III Art. 39 Components of the ICT business continuity plan
|
|
|
------------+ RTS ICT Risk Management T. III Ch. III Art. 39 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. III Art. 39 , 2
|
|
|
---------+ RTS ICT Risk Management T. III Ch. III Art. 40 Testing of business continuity plans
|
|
|
------------+ RTS ICT Risk Management T. III Ch. III Art. 40 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. III Art. 40 , 2
|
|
|
------------+ RTS ICT Risk Management T. III Ch. III Art. 40 , 3
|
|
|
------+ RTS ICT Risk Management T. III Ch. IV
|
|
|
---------+ RTS ICT Risk Management T. III Ch. IV Art. 41 Format and content of the report on the review of the simplified ICT risk management framework
|
|
|
------------+ RTS ICT Risk Management T. III Ch. IV Art. 41 , 1
|
|
|
------------+ RTS ICT Risk Management T. III Ch. IV Art. 41 , 2
|
|
|
---+ RTS ICT Risk Management T. IV FINAL PROVISIONS
|
|
|
------+ RTS ICT Risk Management T. IV Art. 42
|
|
REGULATION (EU) 2022/2554 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
Issues
| Summary |
Source |
|
+ REGULATION (EU) 2022/2554 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
|
|
|
---+ DORA Ch. I General provisions
|
|
|
------+ DORA Ch. I Art. 1 Subject matter
|
|
|
---------+ DORA Ch. I Art. 1 1.
|
|
|
---------+ DORA Ch. I Art. 1 2.
|
|
|
---------+ DORA Ch. I Art. 1 3.
|
|
|
------+ DORA Ch. I Art. 2 Scope
|
|
|
---------+ DORA Ch. I Art. 2 1.
|
|
|
---------+ DORA Ch. I Art. 2 2.
|
|
|
---------+ DORA Ch. I Art. 2 3.
|
|
|
---------+ DORA Ch. I Art. 2 4.
|
|
|
------+ DORA Ch. I Art. 3 Definitions
|
|
|
---------+ DORA Ch. I Art. 3 1. digital operational resilience
|
|
|
---------+ DORA Ch. I Art. 3 2.
|
|
|
---------+ DORA Ch. I Art. 3 3.
|
|
|
---------+ DORA Ch. I Art. 3 4.
|
|
|
---------+ DORA Ch. I Art. 3 5.
|
|
|
---------+ DORA Ch. I Art. 3 6.
|
|
|
---------+ DORA Ch. I Art. 3 7.
|
|
|
---------+ DORA Ch. I Art. 3 8.
|
|
|
---------+ DORA Ch. I Art. 3 9. operational or security payment-related incident
|
|
|
---------+ DORA Ch. I Art. 3 10. major ICT-related incident
|
|
|
---------+ DORA Ch. I Art. 3 11. major operational or security payment-related incident
|
|
|
---------+ DORA Ch. I Art. 3 12.
|
|
|
---------+ DORA Ch. I Art. 3 13.
|
|
|
---------+ DORA Ch. I Art. 3 14. cyber-attack
|
|
|
---------+ DORA Ch. I Art. 3 15. threat intelligence
|
|
|
---------+ DORA Ch. I Art. 3 16.
|
|
|
---------+ DORA Ch. I Art. 3 17. threat-led penetration testing (TLPT)
|
|
|
---------+ DORA Ch. I Art. 3 18. ICT third-party risk
|
|
|
---------+ DORA Ch. I Art. 3 19.
|
|
|
---------+ DORA Ch. I Art. 3 20.
|
|
|
---------+ DORA Ch. I Art. 3 21.
|
|
|
---------+ DORA Ch. I Art. 3 22. critical or important function
|
|
|
---------+ DORA Ch. I Art. 3 23. critical ICT third-party service provider
|
|
|
---------+ DORA Ch. I Art. 3 24. ICT third-party service provider established in a third country
|
|
|
---------+ DORA Ch. I Art. 3 25.
|
|
|
---------+ DORA Ch. I Art. 3 26.
|
|
|
---------+ DORA Ch. I Art. 3 27.
|
|
|
---------+ DORA Ch. I Art. 3 28. ICT subcontractor established in a third country
|
|
|
---------+ DORA Ch. I Art. 3 29.
|
|
|
---------+ DORA Ch. I Art. 3 30.
|
|
|
---------+ DORA Ch. I Art. 3 31.
|
|
|
---------+ DORA Ch. I Art. 3 32.
|
|
|
---------+ DORA Ch. I Art. 3 33.
|
|
|
---------+ DORA Ch. I Art. 3 34.
|
|
|
---------+ DORA Ch. I Art. 3 35.
|
|
|
---------+ DORA Ch. I Art. 3 36.
|
|
|
---------+ DORA Ch. I Art. 3 37.
|
|
|
---------+ DORA Ch. I Art. 3 38.
|
|
|
---------+ DORA Ch. I Art. 3 39.
|
|
|
---------+ DORA Ch. I Art. 3 40.
|
|
|
---------+ DORA Ch. I Art. 3 41.
|
|
|
---------+ DORA Ch. I Art. 3 42.
|
|
|
---------+ DORA Ch. I Art. 3 43.
|
|
|
---------+ DORA Ch. I Art. 3 44.
|
|
|
---------+ DORA Ch. I Art. 3 45.
|
|
|
---------+ DORA Ch. I Art. 3 46.
|
|
|
---------+ DORA Ch. I Art. 3 47.
|
|
|
---------+ DORA Ch. I Art. 3 48.
|
|
|
---------+ DORA Ch. I Art. 3 49.
|
|
|
---------+ DORA Ch. I Art. 3 50.
|
|
|
---------+ DORA Ch. I Art. 3 51.
|
|
|
---------+ DORA Ch. I Art. 3 52.
|
|
|
---------+ DORA Ch. I Art. 3 53.
|
|
|
---------+ DORA Ch. I Art. 3 54.
|
|
|
---------+ DORA Ch. I Art. 3 55. crypto-asset service provider
|
|
|
---------+ DORA Ch. I Art. 3 56. issuer of asset-referenced tokens
|
|
|
---------+ DORA Ch. I Art. 3 57.
|
|
|
---------+ DORA Ch. I Art. 3 58.
|
|
|
---------+ DORA Ch. I Art. 3 59.
|
|
|
---------+ DORA Ch. I Art. 3 60.
|
|
|
---------+ DORA Ch. I Art. 3 61.
|
|
|
---------+ DORA Ch. I Art. 3 62.
|
|
|
---------+ DORA Ch. I Art. 3 63.
|
|
|
---------+ DORA Ch. I Art. 3 64.
|
|
|
---------+ DORA Ch. I Art. 3 65.
|
|
|
------+ DORA Ch. I Art. 4 Proportionality principle
|
|
|
---------+ DORA Ch. I Art. 4 1.
|
|
|
---------+ DORA Ch. I Art. 4 2.
|
|
|
---------+ DORA Ch. I Art. 4 3.
|
|
|
------+ DORA Ch. II ICT risk management
|
|
|
---------+ DORA Ch. II Sec. I Art. 5 Governance and organisation
|
|
|
------------+ DORA Ch. II Sec. I Art. 5 1.
|
|
|
------------+ DORA Ch. II Sec. I Art. 5 2.
|
|
|
------------+ DORA Ch. II Sec. I Art. 5 3.
|
|
|
------------+ DORA Ch. II Sec. I Art. 5 4.
|
|
|
---------+ DORA Ch. II Sec. II Art. 6 ICT risk management framework
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 4.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 5.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 6.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 7.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 8.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 9.
|
|
|
------------+ DORA Ch. II Sec. II Art. 6 10.
|
|
|
---------+ DORA Ch. II Sec. II Art. 7 ICT systems, protocols and tools
|
|
|
---------+ DORA Ch. II Sec. II Art. 8 Identification
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 4.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 5.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 6.
|
|
|
------------+ DORA Ch. II Sec. II Art. 8 7.
|
|
|
---------+ DORA Ch. II Sec. II Art. 9 Protection and prevention
|
|
|
------------+ DORA Ch. II Sec. II Art. 9 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 9 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 9 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 9 4.
|
|
|
---------+ DORA Ch. II Sec. II Art. 10 Detection
|
|
|
------------+ DORA Ch. II Sec. II Art. 10 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 10 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 10 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 10 4.
|
|
|
---------+ DORA Ch. II Sec. II Art. 11 Response and recovery
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 4.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 5.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 6.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 7.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 8.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 9.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 10.
|
|
|
------------+ DORA Ch. II Sec. II Art. 11 11.
|
|
|
---------+ DORA Ch. II Sec. II Art. 12 Backup policies and procedures, restoration and recovery procedures and methods
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 4.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 5.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 6.
|
|
|
------------+ DORA Ch. II Sec. II Art. 12 7.
|
|
|
---------+ DORA Ch. II Sec. II Art. 13 Learning and evolving
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 3.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 4.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 5.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 6.
|
|
|
------------+ DORA Ch. II Sec. II Art. 13 7.
|
|
|
---------+ DORA Ch. II Sec. II Art. 14 Communication
|
|
|
------------+ DORA Ch. II Sec. II Art. 14 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 14 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 14 3.
|
|
|
---------+ DORA Ch. II Sec. II Art. 15 Further harmonisation of ICT risk management tools, methods, processes and policies
|
|
|
---------+ DORA Ch. II Sec. II Art. 16 Simplified ICT risk management framework
|
|
|
------------+ DORA Ch. II Sec. II Art. 16 1.
|
|
|
------------+ DORA Ch. II Sec. II Art. 16 2.
|
|
|
------------+ DORA Ch. II Sec. II Art. 16 3.
|
|
|
---------+ DORA Ch. III ICT-related incident management, classification and reporting
|
|
|
------------+ DORA Ch. III Art. 17 ICT-related incident management process
|
|
|
---------------+ DORA Ch. III Art. 17 1.
|
|
|
---------------+ DORA Ch. III Art. 17 2.
|
|
|
---------------+ DORA Ch. III Art. 17 3.
|
|
|
------------+ DORA Ch. III Art. 18 Classification of ICT-related incidents and cyber threats
|
|
|
---------------+ DORA Ch. III Art. 18 1.
|
|
|
---------------+ DORA Ch. III Art. 18 2.
|
|
|
---------------+ DORA Ch. III Art. 18 3.
|
|
|
---------------+ DORA Ch. III Art. 18 4.
|
|
|
------------+ DORA Ch. III Art. 19 Reporting of major ICT-related incidents and voluntary notification of significant cyber threats
|
|
|
---------------+ DORA Ch. III Art. 19 1.
|
|
|
---------------+ DORA Ch. III Art. 19 2.
|
|
|
---------------+ DORA Ch. III Art. 19 3.
|
|
|
---------------+ DORA Ch. III Art. 19 4.
|
|
|
---------------+ DORA Ch. III Art. 19 5.
|
|
|
---------------+ DORA Ch. III Art. 19 6.
|
|
|
---------------+ DORA Ch. III Art. 19 7.
|
|
|
---------------+ DORA Ch. III Art. 19 8.
|
|
|
------------+ DORA Ch. III Art. 20 Harmonisation of reporting content and templates
|
|
|
------------+ DORA Ch. III Art. 21 Centralisation of reporting of major ICT-related incidents
|
|
|
---------------+ DORA Ch. III Art. 21 1.
|
|
|
---------------+ DORA Ch. III Art. 21 2.
|
|
|
---------------+ DORA Ch. III Art. 21 3.
|
|
|
------------+ DORA Ch. III Art. 22 Supervisory feedback
|
|
|
---------------+ DORA Ch. III Art. 22 1.
|
|
|
---------------+ DORA Ch. III Art. 22 2.
|
|
|
------------+ DORA Ch. III Art. 23 Operational or security payment-related incidents concerning credit institutions, payment institutions, account information service providers, and electronic money institutions
|
|
|
---+ DORA Ch. IV Digital operational resilience testing
|
|
|
------+ DORA Ch. IV Art. 24 General requirements for the performance of digital operational resilience testing
|
|
|
---------+ DORA Ch. IV Art. 24 1.
|
|
|
---------+ DORA Ch. IV Art. 24 2.
|
|
|
---------+ DORA Ch. IV Art. 24 3.
|
|
|
---------+ DORA Ch. IV Art. 24 4.
|
|
|
---------+ DORA Ch. IV Art. 24 5.
|
|
|
---------+ DORA Ch. IV Art. 24 6.
|
|
|
------+ DORA Ch. IV Art. 25 Testing of ICT tools and systems
|
|
|
---------+ DORA Ch. IV Art. 25 1.
|
|
|
---------+ DORA Ch. IV Art. 25 2.
|
|
|
---------+ DORA Ch. IV Art. 25 3.
|
|
|
------+ DORA Ch. IV Art. 26 Advanced testing of ICT tools, systems and processes based on TLPT
|
|
|
---------+ DORA Ch. IV Art. 26 1.
|
|
|
---------+ DORA Ch. IV Art. 26 2.
|
|
|
---------+ DORA Ch. IV Art. 26 3.
|
|
|
---------+ DORA Ch. IV Art. 26 4.
|
|
|
---------+ DORA Ch. IV Art. 26 5.
|
|
|
---------+ DORA Ch. IV Art. 26 6.
|
|
|
---------+ DORA Ch. IV Art. 26 7.
|
|
|
---------+ DORA Ch. IV Art. 26 8.
|
|
|
---------+ DORA Ch. IV Art. 26 9.
|
|
|
---------+ DORA Ch. IV Art. 26 10.
|
|
|
---------+ DORA Ch. IV Art. 26 11.
|
|
|
------+ DORA Ch. IV Art. 27 Requirements for testers for the carrying out of TLPT
|
|
|
---------+ DORA Ch. IV Art. 27 1.
|
|
|
---------+ DORA Ch. IV Art. 27 2.
|
|
|
---------+ DORA Ch. IV Art. 27 3.
|
|
|
---+ DORA Ch. V Managing of ICT third-party risk
|
|
|
------+ DORA Ch. V Sec. I
|
|
|
---------+ DORA Ch. V Sec. I Art. 28 General principles
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 1.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 2.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 3.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 4.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 5.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 6.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 7.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 8.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 9.
|
|
|
------------+ DORA Ch. V Sec. I Art. 28 10.
|
|
|
---------+ DORA Ch. V Sec. I Art. 29 Preliminary assessment of ICT concentration risk at entity level
|
|
|
------------+ DORA Ch. V Sec. I Art. 29 1.
|
|
|
------------+ DORA Ch. V Sec. I Art. 29 2.
|
|
|
---------+ DORA Ch. V Sec. I Art. 30 Key contractual provisions
|
|
|
------------+ DORA Ch. V Sec. I Art. 30 1.
|
|
|
------------+ DORA Ch. V Sec. I Art. 30 2.
|
|
|
------------+ DORA Ch. V Sec. I Art. 30 3.
|
|
|
------------+ DORA Ch. V Sec. I Art. 30 4.
|
|
|
------------+ DORA Ch. V Sec. I Art. 30 5.
|
|
|
---------+ DORA Ch. V Sec. II Oversight Framework of critical ICT third-party service providers
|
|
|
------------+ DORA Ch. V Sec. II Art. 31 Designation of critical ICT third-party service providers
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 5.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 6.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 7.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 8.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 9.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 10.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 11.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 12.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 31 13.
|
|
|
------------+ DORA Ch. V Sec. II Art. 32 Structure of the Oversight Framework
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 5.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 6.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 7.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 8.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 32 9.
|
|
|
------------+ DORA Ch. V Sec. II Art. 33 Tasks of the Lead Overseer
|
|
|
---------------+ DORA Ch. V Sec. II Art. 33 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 33 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 33 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 33 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 33 5.
|
|
|
------------+ DORA Ch. V Sec. II Art. 34 Operational coordination between Lead Overseers
|
|
|
---------------+ DORA Ch. V Sec. II Art. 34 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 34 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 34 3.
|
|
|
------------+ DORA Ch. V Sec. II Art. 35 Powers of the Lead Overseer
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 5.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 6.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 7.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 8.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 9.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 10.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 35 11.
|
|
|
------------+ DORA Ch. V Sec. II Art. 36 Exercise of the powers of the Lead Overseer outside the Union
|
|
|
---------------+ DORA Ch. V Sec. II Art. 36 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 36 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 36 3.
|
|
|
------------+ DORA Ch. V Sec. II Art. 37 Request for information
|
|
|
---------------+ DORA Ch. V Sec. II Art. 37 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 37 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 37 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 37 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 37 5.
|
|
|
------------+ DORA Ch. V Sec. II Art. 38 General investigations
|
|
|
---------------+ DORA Ch. V Sec. II Art. 38 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 38 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 38 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 38 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 38 5.
|
|
|
------------+ DORA Ch. V Sec. II Art. 39 Inspections
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 5.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 6.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 39 7.
|
|
|
------------+ DORA Ch. V Sec. II Art. 40 Ongoing oversight
|
|
|
---------------+ DORA Ch. V Sec. II Art. 40 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 40 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 40 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 40 4.
|
|
|
------------+ DORA Ch. V Sec. II Art. 41 Harmonisation of conditions enabling the conduct of the oversight activities
|
|
|
---------------+ DORA Ch. V Sec. II Art. 41 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 41 2.
|
|
|
------------+ DORA Ch. V Sec. II Art. 42 Follow-up by competent authorities
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 2.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 3.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 4.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 5.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 6.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 7.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 8.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 9.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 10.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 42 11.
|
|
|
------------+ DORA Ch. V Sec. II Art. 43 Oversight fees
|
|
|
---------------+ DORA Ch. V Sec. II Art. 43 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 43 2.
|
|
|
------------+ DORA Ch. V Sec. II Art. 44 International cooperation
|
|
|
---------------+ DORA Ch. V Sec. II Art. 44 1.
|
|
|
---------------+ DORA Ch. V Sec. II Art. 44 2.
|
|
|
---+ DORA Ch. VI Information-sharing arrangements
|
|
|
------+ DORA Ch. VI Art. 45 Information-sharing arrangements on cyber threat information and intelligence
|
|
|
---------+ DORA Ch. VI Art. 45 1.
|
|
|
---------+ DORA Ch. VI Art. 45 2.
|
|
|
---------+ DORA Ch. VI Art. 45 3.
|
|
|
---+ DORA Ch. VII Competent authorities
|
|
|
------+ DORA Ch. VII Art. 46 Competent authorities
|
|
|
------+ DORA Ch. VII Art. 47 Cooperation with structures and authorities established by Directive (EU) 2022/2555
|
|
|
---------+ DORA Ch. VII Art. 47 1.
|
|
|
---------+ DORA Ch. VII Art. 47 2.
|
|
|
---------+ DORA Ch. VII Art. 47 3.
|
|
|
---------+ DORA Ch. VII Art. 47 4.
|
|
|
------+ DORA Ch. VII Art. 48 Cooperation between authorities
|
|
|
---------+ DORA Ch. VII Art. 48 1.
|
|
|
---------+ DORA Ch. VII Art. 48 2.
|
|
|
------+ DORA Ch. VII Art. 49 Financial cross-sector exercises, communication and cooperation
|
|
|
---------+ DORA Ch. VII Art. 49 1.
|
|
|
---------+ DORA Ch. VII Art. 49 2.
|
|
|
------+ DORA Ch. VII Art. 50 Administrative penalties and remedial measures
|
|
|
---------+ DORA Ch. VII Art. 50 1.
|
|
|
---------+ DORA Ch. VII Art. 50 2.
|
|
|
---------+ DORA Ch. VII Art. 50 3.
|
|
|
---------+ DORA Ch. VII Art. 50 4.
|
|
|
---------+ DORA Ch. VII Art. 50 5.
|
|
|
---------+ DORA Ch. VII Art. 50 6.
|
|
|
------+ DORA Ch. VII Art. 51 Exercise of the power to impose administrative penalties and remedial measures
|
|
|
---------+ DORA Ch. VII Art. 51 1.
|
|
|
---------+ DORA Ch. VII Art. 51 2.
|
|
|
------+ DORA Ch. VII Art. 52 Criminal penalties
|
|
|
---------+ DORA Ch. VII Art. 52 1.
|
|
|
---------+ DORA Ch. VII Art. 52 2.
|
|
|
------+ DORA Ch. VII Art. 53 Notification duties
|
|
|
------+ DORA Ch. VII Art. 54 Publication of administrative penalties
|
|
|
---------+ DORA Ch. VII Art. 54 1.
|
|
|
---------+ DORA Ch. VII Art. 54 2.
|
|
|
---------+ DORA Ch. VII Art. 54 3.
|
|
|
---------+ DORA Ch. VII Art. 54 4.
|
|
|
---------+ DORA Ch. VII Art. 54 5.
|
|
|
---------+ DORA Ch. VII Art. 54 6.
|
|
|
------+ DORA Ch. VII Art. 55 Professional secrecy
|
|
|
---------+ DORA Ch. VII Art. 55 1.
|
|
|
---------+ DORA Ch. VII Art. 55 2.
|
|
|
---------+ DORA Ch. VII Art. 55 3.
|
|
|
---------+ DORA Ch. VII Art. 55 4.
|
|
|
------+ DORA Ch. VII Art. 56 Data Protection
|
|
|
---------+ DORA Ch. VII Art. 56 1.
|
|
|
---------+ DORA Ch. VII Art. 56 2.
|
|
|
---+ DORA Ch. VIII Delegated acts
|
|
|
------+ DORA Ch. VIII Art. 57 Exercise of the delegation
|
|
|
---------+ DORA Ch. VIII Art. 57 1.
|
|
|
---------+ DORA Ch. VIII Art. 57 2.
|
|
|
---------+ DORA Ch. VIII Art. 57 3.
|
|
|
---------+ DORA Ch. VIII Art. 57 4.
|
|
|
---------+ DORA Ch. VIII Art. 57 5.
|
|
|
---------+ DORA Ch. VIII Art. 57 6.
|
|
|
---+ DORA Ch. IX Transitional and final provisions
|
|
|
------+ DORA Ch. IX Sec. I Art. 58 Review clause
|
|
|
---------+ DORA Ch. IX Sec. I Art. 58 1.
|
|
|
---------+ DORA Ch. IX Sec. I Art. 58 2.
|
|
|
---------+ DORA Ch. IX Sec. I Art. 58 3.
|
|
|
------+ DORA Ch. IX Sec. II Amendments
|
|
|
---------+ DORA Ch. IX Sec. II Art. 59 Amendments to Regulation (EC) No 1060/2009
|
|
|
---------+ DORA Ch. IX Sec. II Art. 60
|
|
|
---------+ DORA Ch. IX Sec. II Art. 61
|
|
|
---------+ DORA Ch. IX Sec. II Art. 62
|
|
|
---------+ DORA Ch. IX Sec. II Art. 63
|
|
|
---------+ DORA Ch. IX Sec. II Art. 64
|
|
Impressum