2019-09-12

Reporting of Material Information Technology and Cyber Incidents

The Prudential Authority issued Directive D2/2019 to mandate standardized reporting of material information technology and cyber incidents by banks, controlling companies, and foreign branches. Institutions must establish robust governance structures and incident management frameworks to ensure adequate oversight of critical IT functions and infrastructure. Upon discovering a material event, entities must notify the Authority within one day, submit a standardized report form, and provide a detailed root cause and impact analysis within 14 days.

South Africa

South African Reserve Bank

Show thumbnailShow full textSourceAdd to collection

Show thumbnail