2024-01-17

Final report on draft RTS on ICT Risk Management Framework and on simplified ICT Risk Management Framework

The European Supervisory Authorities issued final draft Regulatory Technical Standards to harmonize ICT risk management tools and processes for financial entities under the Digital Operational Resilience Act. The standards introduce a risk-based and proportional approach, removing specific governance awareness requirements while clarifying rules for network security, encryption, and business continuity. These technical standards are submitted to the European Commission for adoption and are expected to apply from 17 January 2025.

European Union

European Securities and Markets Authority