ESAs Publish Second Batch of Policy Products under DORA

ESAs Publish Second Batch of Policy Products under DORA

By Ez-XBRL Team 29 July, 2024
news

July 17, 2024

The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) published the second batch of policy products under the Digital Operational Resilience Act (DORA). This batch consists of four final draft regulatory technical standards (RTS), one set of Implementing Technical Standards (ITS) and 2 guidelines, all of which aim at enhancing the digital operational resilience of the EU’s financial sector.

The package focuses on the reporting framework for ICT-related incidents (reporting clarity, templates) and threat-led penetration testing while also introducing some requirements on the design of the oversight framework, which enhance the digital operational resilience of the EU financial sector, thus also ensuring continuous and uninterrupted provision of financial services to customers and safety of their data.

The ESAs are publishing the following final draft technical standards :
– RTS and ITS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats;
– RTS on the harmonization of conditions enabling the conduct of the oversight activities;
– RTS specifying the criteria for determining the composition of the joint examination team (JET); and
– RTS on threat-led penetration testing (TLPT).

The set of guidelines include :
– Guidelines on the estimation of aggregated costs/losses caused by major ICT-related incidents; and
– Guidelines on oversight cooperation.

To find out more details please visit : https://www.eiopa.europa.eu/