2024-12-18

Notice describing the ICT risk management framework under EU Regulation 2022/2554 (DORA)

The ACPR issues this notice to define the ICT risk management framework for insurance, reinsurance, and supplementary pension entities under the EU DORA regulation. It mandates specific governance, security, and operational policies, while distinguishing requirements between large entities and small supplementary pension organizations. The document also details reporting obligations for the Regular Supervisor Report and the annual review of the ICT risk management framework.

France

Autorite de Controle Prudentiel et de Resolution

Show thumbnailShow full textSourceAdd to collection

Show thumbnail