Source: OJ L, 2024/2956, 2.12.2024
EN- Digital operational resilience in the financial sector
ICT third-party service providers
- ITS on register of information
Annex III Type of ICT services
When referring to a type of ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; in the templates of the register of information, only the identifier (from S01 to S19) of the relevant type of ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services; shall be reported.
Identifier
Type of ICT services means digital and data services provided through ICT systems to one or more internal or external users on an ongoing basis, including hardware as a service and hardware services which includes the provision of technical support via software or firmware updates by the hardware provider, excluding traditional analogue telephone services;
Description
S01
ICT project management
Provision of services related to Project Management Officer (PMO).
S02
ICT Development
Provision of services related to: business analysis, software means the part of an electronic information system which consists of computer code; design and development, testing.
S03
ICT help desk and first level support
Provision of services related to: helpdesk support and first level support on ICT incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555;
S04
ICT security management services
Provision of services related to: ICT security (protection, detection, response and recovering), including security incident handling means any actions and procedures aiming to prevent, detect, analyse, and contain or to respond to and recover from an incident; and forensics.
S05
Provision of data
Subscription to the services of data providers. (digital data service)
S06
Data analysis
Provision of services related to the support for data analysis. (digital data service)
S07
ICT, facilities and hosting services (excluding Cloud services)
Provision of ICT infrastructure, facilities and hosting services, including the provision of utilities (energy, heat management etc.), telecom access and physical security (excluding cloud services), payment-processing activities, or operating payment infrastructures
S08
Computation
Provision of digital processing capabilities (including data computation), excluding the computation services performed in the context of a cloud environment.
S09
Non-Cloud Data storage
Provision of data storage platform (excluding cloud services).
S10
Telecom carrier
Operations for telecommunication systems and flow management. Traditional analogue telephone services are explicitly excluded pursuant to Article 3, point (21), of Regulation (EU) 2022/2554
S11
Network infrastructure
Provision of network infrastructure
S12
Hardware means a physical electronic information system, or parts thereof capable of processing, storing or transmitting digital data; and physical devices
Provision of workstations, phones, servers, data storage devices, appliances, etc. in a form of a service
S13
Software means the part of an electronic information system which consists of computer code; licencing (excluding SaaS)
Provision of software means the part of an electronic information system which consists of computer code; run on premises.
S14
ICT operation management (including maintenance)
Provision of services related to: infrastructure (systems and hardware means a physical electronic information system, or parts thereof capable of processing, storing or transmitting digital data; except network) configuration, maintenance, installing, capacity management, business continuity management, etc.
Including Managed Service Providers means an entity that provides services related to the installation, management, operation or maintenance of ICT products, networks, infrastructure, applications or any other network and information systems, via assistance or active administration carried out either on customers’ premises or remotely; (MSP)
S15
ICT Consulting
Provision of intellectual / ICT expertise services.
S16
ICT Risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management
Verification of compliance with ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management requirements in accordance with Article 6(10) of Regulation (EU) 2022/2554
S17
Cloud services: IaaS
Infrastructure-as-a-Service
S18
Cloud services: PaaS
Platform-as-a-Service
S19
Cloud services: SaaS
Software-as-a-Service
Springlex and this text is meant purely as a documentation tool and has no legal effect. No liability is assumed for its content. The authentic version of this act is the one published in the Official Journal of the European Union.