ICT third-party service providers
9.1 Within 30 working days following the receipt of the annual oversight plan according to point 7.1, competent authorities should submit to the Lead Overseer a list of measures concerning critical ICT third-party providers which they plan to take during the period covered by the annual oversight plan.
9.2 Where competent authorities intend to take measures concerning the critical ICT third-party provider in addition to those included in the list referred to in point 9.1, competent authorities should submit to the Lead Overseer an updated list of measures concerning critical ICT third- party providers.
9.3 The list of measures referred to in points 9.1 and 9.2 should include the following information for every envisaged measure:
• the name of the relevant critical ICT third-party provider;
• the name of the financial entity using the relevant critical ICT third-party provider;
• description and envisaged reasonable timeline of the measure;
• re
…