2024-03-29

DORA Update 3: ICT Risk Management

The Dutch Authority for the Financial Markets (AFM) issued this third update to guide financial entities on complying with the Digital Operational Resilience Act (DORA) ICT risk management requirements by the January 17, 2025 deadline. The document details the implementation of ICT risk management frameworks, Business Continuity Management, and specific regulatory technical standards covering asset management, encryption, and access control. It further distinguishes between full compliance obligations and the simplified framework available for smaller, non-complex institutions.

Netherlands

Autoriteit Financiele Markten

Show thumbnailShow full textSourceAdd to collection

Show thumbnail