Regulatory Technical Standards on ICT risk management framework and on simplified ICT risk management framework

Status: Final draft RTS/ITS adopted by the EBA and submitted to the European Commission

The Regulatory Technical Standards on ICT risk management framework identify further elements related to ICT risk management with a view to harmonise tools, methods, processes and policies. These elements are complementary to those identified in DORA. The RTS identify the key elements that financial entities subject to the simplified regime and of lower scale, risk, size and complexity would need to have in place, setting out a simplified ICT risk management framework. The RTS ensure the ICT risk management requirements are harmonised among the different financial sectors.

Summary of document history

Previous versions Current version Ongoing versions

Draft Regulatory Technical Standards on ICT risk management framework and on simplified ICT risk management framework

Status: Not yet applicable
Application date:
Compliance deadline:

Documents

Draft RTS on ICT Risk Management Framework and on simplified ICT Risk Management Framework

(1.74 MB - PDF)

Download

Press contacts

Franca Rosa Congiu

Organisation and governance

Legal and policy framework

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre