1. For the purposes of carrying out the duties laid down in this Section, the Lead Overseer shall have the following powers in respect of the critical ICT third-party service providers:
(a) to request all relevant information and documentation in accordance with Article 37;
(b) to conduct general investigations and inspections in accordance with Articles 38 and 39, respectively;
(c) to request, after the completion of the oversight activities, reports specifying the actions that have been taken or the remedies that have been implemented by the critical ICT third-party service providers in relation to the recommendations referred to in point (d) of this paragraph;
(d) to issue recommendations on the areas referred to in Article 33(3), in particular concerning the following:
(i) the use of specific ICT security and quality requirements or processes, in particular in relation to the roll-out of patches, updates, encryption and other security measures which the Lead Overseer deems relev
…