1. European
  2. Legislation (EU)
  3. EU Regulations
  4. 2022
Date-stamp loading
  1. Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022 on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance) (Digital Operational Resilience Act (DORA) / Regulation on digital operational resilience for the financial sector)
  2. Chapter V Managing of ICT third-party risk (arts. 28-44)
Previous Next

Chapter V Managing of ICT third-party risk (arts. 28-44)

Comparing proposed amendment...
Section I Key principles for a sound management of ICT third-party risk (arts. 28-30)
Entered into force
 Article 28 General principles
Entered into force
 Article 29 Preliminary assessment of ICT concentration risk at entity level
Entered into force
 Article 30 Key contractual provisions
Section II Oversight Framework of critical ICT third-party service providers (arts. 31-44)
Entered into force
 Article 31 Designation of critical ICT third-party service providers
Entered into force
 Article 32 Structure of the Oversight Framework
Entered into force
 Article 33 Tasks of the Lead Overseer
Entered into force
 Article 34 Operational coordination between Lead Overseers
Entered into force
 Article 35 Powers of the Lead Overseer
Entered into force
 Article 36 Exercise of the powers of the Lead Overseer outside the Union
Entered into force
 Article 37 Request for information
Entered into force
 Article 38 General investigations
Entered into force
 Article 39 Inspections
Entered into force
 Article 40 Ongoing oversight
Entered into force
 Article 41 Harmonisation of conditions enabling the conduct of the oversight activities
Entered into force
 Article 42 Follow-up by competent authorities
Entered into force
 Article 43 Oversight fees
Entered into force
 Article 44 International cooperation
Previous Next