Beta

Source: OJ L, 2024/1774, 25.6.2024

EN

Recital 13 Responsible vulnerability disclosure

To ensure timely and transparent communication of potential security threats that could impact the financial entity and its stakeholders, financial entities should establish procedures for the responsible disclosure of ICT vulnerabilitiesmeans a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited; to clients, counterparts, and the public. When establishing those procedures, financial entities should consider factors, including the severity of the vulnerabilitymeans a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited;, the potential impact of such vulnerabilitymeans a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited; on stakeholders, and the readiness of a fix or mitigation measures.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

springlex@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod