Beta

Source: OJ L, 2024/1502, 30.5.2024

EN

Recital 2 Importance of activities supported by ICT services

The extent to which an ICT service provided by an ICT third-party service provider means an undertaking providing ICT services; supports critical or important functions means a function, the disruption of which would materially impair the financial performance of a financial entity, or the soundness or continuity of its services and activities, or the discontinued, defective or failed performance of that function would materially impair the continuing compliance of a financial entity with the conditions and obligations of its authorisation, or with its other obligations under applicable financial services law; of the financial entity is considered a crucial element of the criticality assessment in general. Therefore, the importance of the activities of the financial entitiesas defined in Article 2, points (a) to (t) that are supported by ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; should be integrated in all sub-criteria considered as part of the first step. Consequently, there should not be a distinct quantitative assessment related to the criticality of the functions of the financial entitiesas defined in Article 2, points (a) to (t) as part of the first step of the assessment. Instead, it is appropriate that the ESAsEuropean Supervisory Authority consider the criticality and importance of the functions of the financial entitiesas defined in Article 2, points (a) to (t) supported by ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; as part of the qualitative second step of the assessment.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod