Managing ICT third-party risk under DORA

September 25, 202314 min read

Requirements imposed on financial services institutions when procuring ICT services from third parties – regulation and best practice.

In this third article of our series on the EU’s Digital Operational Resilience Act (DORA), we look at the requirements imposed on financial services institutions when procuring ICT services from third parties. This article is written from the perspective of the financial services institutions themselves. However, it will

This

Critical third parties, Digital Operational Resilience Act, DORA, DORA Article 28, DORA Article 28(1)(b), DORA Article 3(18), DORA Article 3(21), DORA Article 3(5), DORA Article 30(1), DORA Article 30(2), DORA Article 4(2)t, DORA Recital 2, DORA Recital 29, DORA Recital 63, EBA, ESMA, EU, ICT risk, Network and Information Systems Regulations, NIS2, Operational resilience, PRA, Third-party risk management, UK

Subscribe to continue reading

Subscribe for free to read a limited selection of articles like this one, or get a premium plan for unlimited access to all of them and more.

Subscribe Sign in

What you get with a premium plan:

Ad-free experience across all content
Daily regulatory insight and practical guidance
Unlimited access to all articles
Exclusive interviews, event coverage, and in-depth analysis
Every podcast and video featuring trusted industry experts
Full set of Rules Navigator tools

Latest News

Former pharma CEO agrees $30k settlement with SEC over fraud allegations

DOJ fraud division launches west coast healthcare fraud ‘strike force’

DOJ and CFTC bring first parallel insider trading cases, signaling new enforcement era

Latest News

Former pharma CEO agrees $30k settlement with SEC over fraud allegations

FDA issues ‘largest-ever’ testing results for US infant formula

DOJ program invites data-mining whistleblowers

Latest News

Strategic privacy KPIs: Aligning metrics with program goals

"The most effective programs are built on principles that translate across borders," says Ericka Watson

UK government concerned about AI-driven cyber threats in wake of Mythos arrival

Latest News

A comprehensive guide to the FCA’s new non-financial misconduct rules

Podcast: Samantha Gloede, Global Head of Risk Services, KPMG

SIFMA Compliance and Legal Conference – a candid appraisal

Latest News

DOJ fraud division launches west coast healthcare fraud ‘strike force’

FDA issues ‘largest-ever’ testing results for US infant formula

DOJ and CFTC bring first parallel insider trading cases, signaling new enforcement era

Managing ICT third-party risk under DORA

Subscribe to continue reading

What you get with a premium plan: