Search
94 results
Joint Guidelines on estimation of aggregated annual costs and losses caused by major ICT-related incidents
Joint Technical Standards on major incident reporting
Consultation paper on Joint draft RTS specifying elements related to threat led penetration tests
European Supervisory Authorities (ESAs) consult on draft Regulatory Technical Standards outlining requirements for threat-led penetration tests under DORA, covering methodology, scope, and reporting to strengthen financial sector cyber resilience by March 2024.
Consultation paper on Joint draft guidelines on the oversight cooperation and information exchange between the ESAs and the competent authorities
European Supervisory Authorities (ESAs) consult on draft joint guidelines for oversight cooperation and information exchange with competent authorities under Regulation (EU) 2022/2554, aiming to strengthen supervisory coordination and transparency by March 2024.
Consultation paper on Joint draft technical standards on major incident reporting
EBA consultation on draft technical standards under DORA for reporting major incidents and significant cyber threats, defining content, formats, timelines, and procedures for financial entities.
Consultation on Joint draft RTS on the harmonisation of conditions enabling the conduct of the oversight activities
EBA and ESAs consult on draft regulatory technical standards to harmonise conditions for oversight activities under Regulation (EU) 2022/2554, covering requirements for effective supervision and stakeholder feedback until March 2024.
Consultation paper on Joint draft Guidelines on estimation of aggregated annual costs and losses caused by major ICT-related incidents
EBA, EIOPA, and ESMA consult on joint guidelines under DORA for financial entities to estimate and report aggregated annual costs and losses from major ICT-related incidents, ensuring harmonisation, proportionality, and consistency with incident classification and reporting standards.
Consultation paper on Joint draft RTS on subcontracting ICT services supporting critical or important functions
European Supervisory Authorities consult on draft regulatory technical standards outlining requirements for financial entities assessing ICT subcontracting of critical or important functions under DORA (Regulation (EU) 2022/2554).
Consultation on Joint draft Guidelines on estimation of aggregated annual costs and losses caused by major ICT-related incidents
Consultation on Joint draft RTS on the harmonisation of conditions enabling the conduct of the oversight activities Introductory note
Consultation on Joint draft guidelines on the oversight cooperation and information exchange between the ESAs and the competent authorities
Consultation on Joint draft RTS specifying elements related to threat led penetration tests
Consultation on Joint draft technical standards on major incident reporting
Joint Regulatory Technical Standards on subcontracting ICT services supporting critical or important functions
Joint Regulatory Technical Standards on the harmonisation of conditions enabling the conduct of the oversight activities
2023 09 29 ESAs letter to COM on DORA technical advice.pdf
ESAs response to European Commission's request for technical advice on designation criteria and fees for the DORA oversight framework
ESAs specify criticality criteria and oversight fees for critical ICT third-party providers under DORA in response to the European Commission’s call for advice
The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today published their joint response to the European Commission’s Call for Advice on two EC delegated acts under the Digital Operational Resilience Act (DORA) specifying further criteria for critical ICT third-party service providers (CTPPs) and determining oversight fees levied on such providers.
ESA 2023 22 - ESAs report on the landscape of ICT TPPs.pdf
ESAs Report on the landscape of ICT third-party providers in the EU
ESAs publish Report on the landscape of ICT third-party providers in the EU
The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) have today published an indicative overview of information and communication technology (ICT) third-party providers (TTP) as part of their preparations for the Digital Operational Resilience Act (DORA). The analysis aims to map the provision of ICT services by TPPs to financial entities in the European Union and to support the ESAs’ policy making process in light of the European Commission’s call for advice to further specify the criteria for critical ICT TPPs and to determine oversight fees.