Beta

Source: OJ L 333, 27.12.2022, p. 1–79

EN

Recital 47 Flexibility in ICT risk management models

Inspired by relevant international, national and industry best practices, guidelines, recommendations and approaches to the management of cyber risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident;, this Regulation promotes a set of principles that facilitate the overall structure of ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management. Consequently, as long as the main capabilities which financial entitiesas defined in Article 2, points (a) to (t) put in place address the various functions in the ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management (identification, protection and prevention, detection, response and recovery, learning and evolving and communication) set out in this Regulation, financial entitiesas defined in Article 2, points (a) to (t) should remain free to use ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management models that are differently framed or categorised.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod