Your DORA questions answered – Business resilience more broadly
This fifth of a series of articles covering a practical session organised by Ashurst focuses on business resilience questions connected to DORA.
Please enjoy this free trial of our subscription content service, for a limited time only.
EU DORA RTS - third party contractual arrangements - Art 8
DORA Article 30(2)-(3) outlines the minimum elements that must be included in any contractual arrangements on the use of ICT services:
The policy needs to specify that the contractual arrangements must include:
The final responsibility for inspection, audit and testing rests with the financial entity who can employ the following in order to carry these out:
The financial entity cannot only rely on third party certification or reports supplied by the ICT third-party service provider and these can only be used if the financial entity:
Any material changes to these arrangements must be:
By all parties
Your DORA questions answered – Business resilience more broadly
This fifth of a series of articles covering a practical session organised by Ashurst focuses on business resilience questions connected to DORA.
Thomas Hyrkiel3 min read
Your DORA questions answered – CIFs
This third of a series of six articles covering a practical session organised by Ashurst focuses on critical or important functions.
Thomas Hyrkiel4 min read
Your DORA questions answered – Extraterritoriality and interaction with existing rules
This last of a series of six articles covering a practical session organised by Ashurst focuses on how DORA will interact with existing rules as well as its extraterritorial effects.
Thomas Hyrkiel3 min read
Technology
Your DORA questions answered – Business resilience more broadly
Technology
Your DORA questions answered – CIFs
Technology
Your DORA questions answered – Extraterritoriality and interaction with existing rules
The mass data breach of the infamous Ashley Madison website offers insight into data privacy and cybersecurity.
Alice Wallbank | Shoosmiths5 min read
A faulty code resulted in one of the most widespread tech outages in recent years for companies using Windows.
Julie DiMauro3 min read
The RTSs focus on ICT-incident reporting, ICT risk management and contractual relationships with third-parties supporting critical or important functions
Thomas Hyrkiel1 min read
How mandatory contract provisions under DORA map to existing regulatory regimes in respect of outsourcing arrangements and highlighting some of the gaps.
Ashurst Partner Bradley Rice addressed some of the key practical challenges of DORA at Global Relay’s gathering of compliance professionals.
Thomas Hyrkiel4 min read
Latest State of Application Security report from web security firm Cloudflare reveals the size of the challenge.
Martin Cloake2 min read
An interdisciplinary approach between firms and their service providers is crucial to successfully "tame" DORA says PJ Di Giammarino of JWG.
PJ Di Giammarino | JWG5 min read
Covering application of the Guide; overview of the ECB's supervisory expectations, including governance of cloud services and BCPs; and the DORA timetable.
Further Reading