Guidelines on ICT Risk Assessment under SREP (EBA-GL-2017-05)_EN.pdf
EBA guidelines outlining ICT risk assessment criteria for competent authorities under the Supervisory Review and Evaluation Process (SREP), ensuring consistent supervisory practices for institutions' ICT governance, risk exposures, and controls as part of EU banking supervision.