By Dr. Sebastiaan Niels Hooghiemstra*
In May 2022, a provisional agreement on the Digital Operational Resilience Act (DORA) was reached that intends to introduce an upgraded and streamlined framework for the use of ICT by financial entities. The new framework targets a broad scope of EU financial entities and includes requirements related to (i) internal governance and ICT risk management, (ii) ICT-related incidents, (iii) digital operational resilience testing, (iv) information sharing, as well as (v) (critical) ICT third-party service providers. Although not yet finally adopted (expected before year-end), this contribution seeks on the basis of the finalized text that was published in June 2022, to provide an overview of its requirements and its impact on ...
|