2025-04-09
Added · Updated
The CSSF issued Circular 25/882 to establish specific requirements for financial entities subject to the Digital Operational Resilience Act regarding their use of ICT third-party services. This directive mandates compliance with operational resilience standards to mitigate risks associated with external technology providers. The regulation aims to ensure that financial entities maintain robust ICT risk management frameworks in accordance with DORA provisions.
Published on 9 April 2025
Email this
Share this on LinkedIn
Share this on Facebook
CSSF circular
on requirements on the use of ICT third-party services for Financial Entities subject to the Digital Operational Resilience Act (DORA)
PDF (229.95Kb)
PDF (261.02Kb)