EU DORA RTS - Third party contractual arrangements

Rule Collection

Sets out the detailed requirements for the policy that financial entities will need to have in place in connection with their use of ICT third-party service providers supporting critical or important functions.

Rule Overview

Jurisdiction: European Union

Regulator: ESMA

Topic: Resilience

Overview
Rules in This Collection
Notable
Latest News
Further Reading

The policy is to be a part of the financial entity’s ICT risk management framework, is to apply on an individual and, where relevant, sub-consolidated and consolidated basis and must be regularly reviewed.

Article 1
Risk profile and complexity
Article 2
Group application
Article 3
Governance arrangements
Article 4
Contract life cycle
Article 5
Ex-ante risk assessment
Article 6
Due diligence
Article 7
Conflicts of interest
Article 8
Contractual clauses
Article 9
Monitoring arrangements
Article 10
Exit and termination
Notable
Your DORA questions answered – Business resilience more broadly

Your DORA questions answered – Business resilience more broadly

This fifth of a series of articles covering a practical session organised by Ashurst focuses on business resilience questions connected to DORA.

Your DORA questions answered – CIFs

Your DORA questions answered – CIFs

This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.

Your DORA questions answered – ICT services in scope

Your DORA questions answered – ICT services in scope

This second of a series of six articles covering a practical session organised by Ashurst focuses on the ICT services in scope of DORA.

Technology

Your DORA questions answered – Business resilience more broadly

Technology

Your DORA questions answered – CIFs

Technology

Your DORA questions answered – ICT services in scope

Latest News More on DORA