Version status: In force | Document consolidation status: No known changes
Version date: 18 September 2018 - onwards
Regulation 21 Security measures to be taken by relevant digital service providers
DRAFT To be revoked Head 49 - Revoke S.I. 360 of 2018 of the General Scheme - National Cyber Security Bill 2024
View:
(1) A relevant digital service provider shall identify and take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems used by it when offering a service set out in Schedule 2 in the Union.
(2) The measures to be taken under paragraph (1) shall, having regard to the state of the art -
(a) ensure a level of security of network and information systems appropriate to the risk posed, and
(b) take into account the following in accordance with the Implementing Regulation:
(i) the security of systems and facilities;
(iii) business continuity management;
(iv) monitoring, auditing and testing;
(v) compliance with international standards.