Consultation paper on Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents (JC 2023 68)

Comparison of Draft Technical Standards: Consultation Paper vs Final Report

The ESAs second set of technical standards under the DORA aimed at enhancing the digital operational resilience of the EU financial sector by strengthening financial entities’ ICT and third-party risk management and incident reporting frameworks.

RTS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats	Consultation	Final Report	Comparison
ITS on the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats	Consultation	Final Report	Comparison
RTS on the harmonization of conditions enabling the conduct of the oversight activities	Consultation	Final Report	Comparison
RTS specifying the criteria for determining the composition of the joint examination team (JET)	Consultation	Final Report	Comparison
RTS on threat-led penetration testing (TLPT)	Consultation	Final Report	Comparison
Guidelines on the estimation of aggregated costs/losses caused by major ICT-related incidents	Consultation	Final Report	Comparison
Guidelines on oversight cooperation	Consultation	Final Report	Comparison

Consultation dated 27 November 2023 and made available 8 December 2023.

Accompanying documents

Digital Operational Resilience Act (DORA): public consultation on the second batch of policy products
Consultation paper on Joint draft RTS on subcontracting ICT services supporting critical or important functions (JC 2023 67)
Consultation on Joint draft RTS on the harmonisation of conditions enabling the conduct of the oversight activities (JC 2023 69)
Consultation paper on Joint draft technical standards on major incident reporting (JC 2023 70)
Consultation paper on Joint draft guidelines on the oversight cooperation and information exchange between the ESAs and the competent authorities (JC 2023 71)
Consultation paper on Joint draft RTS specifying elements related to threat led penetration tests (JC 2023 72)

Comparing proposed amendment...


	1. Executive Summary
	Next steps
	2. Background and rationale
	Background
	Rationale
	Estimation of gross and net costs and losses in its interplay with other mandates under DORA
	Determining the timeframe and data source for the estimation of annual costs and losses
	3. Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents
	Status of these Joint Guidelines
	Reporting Requirements
	Title I - Subject matter, scope, addressees, and definitions
	Subject matter and Scope of application
	Addressees
	Definitions
	Title II - Implementation
	Date of application
	Title III - Provisions on the estimation of aggregated annual costs and losses of major ICT-related incidents
	Annex: Reporting template for gross and net costs and losses in an accounting year
	4. Accompanying documents
	4.1 Cost-Benefit Analysis / Impact Assessment
	4.2 Overview of questions for consultation

Page overview

RELATED

Document overview

Set a date to view the document

Text comparison

Print / Export Options

Export

Report template

Bookmarks

Search within this document

Consultation paper on Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents (JC 2023 68)

Request a trial

The best way to experience Better Regulation is to try it - free and without obligation.

Set a date to view the document

Text comparison

Print / Export Options

Export

Report template

Bookmarks

Search within this document

Share

Consultation paper on Joint Guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents (JC 2023 68)

Log in

Request a trial

The best way to experience Better Regulation is to try it - free and without obligation.