Regulatory Alerts2024-06-27
DORA Update 4: Managing, Classifying, and Reporting ICT-Related Incidents
The Dutch Authority for the Financial Markets (AFM) issued this fourth update to guide financial entities on implementing Digital Operational Resilience Act (DORA) requirements for ICT incident management before the January 17, 2025 deadline. The document details mandatory procedures for detecting, classifying, and reporting major ICT incidents and significant cyber threats, including strict timelines for initial, interim, and final notifications to regulators. It further outlines the specific criteria for impact assessment and introduces the upcoming AFM Portal as the designated online environment for submitting these regulatory reports.
Share