Source: OJ L 333, 27.12.2022, p. 153–163
ENRecital 8 Amendments to the UCITS and AIFM directives
Directives 2009/138/EC and (EU) 2016/2341 partially capture ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; within their general provisions on governance and risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; management, leaving certain requirements to be specified through delegated acts with or without specific references to ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment;. Similarly, only very general rules apply to managers of alternative investment funds means a manager of alternative investment funds as defined in Article 4(1), point (b), of Directive 2011/61/EU; subject to Directive 2011/61/EU and management companies means a management company as defined in Article 2(1), point (b), of Directive 2009/65/EC; subject to Directive 2009/65/EC. Those Directives should therefore be aligned with the requirements laid down in Regulation (EU) 2022/2554 with regard to the management of ICT systems and tools.