The three European Supervisory Authorities (ESAs) published, on January 17th, the first package of regulatory technical standards, with a view to implementing the provisions that reinforce the digital operational resilience framework in the European Union, established by the DORA Regulation (Regulation (EU) 2022/2554).
The First Package of Regulatory Instruments (RTS) encompasses the following matters:
- ICT risk management,
- the classification of serious cyber incidents as well as cyber threats considered to be significant,
- the policy on ICT services in support of critical functions provided by third parties,
- the Implementing Technical Standards (ITS), which set out the templates for recording information.
The RTS are available here and the First Package of Regulatory Instruments (RTS) is available here.