Beta

Source: OJ L, 2024/1772, 25.6.2024

EN

Recital 2 Principle of proportionality

In order to ensure proportionality, the classification criteria and the materiality thresholds should reflect the size and overall risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; profile, and the nature, scale and complexity of the services of all financial entitiesas defined in Article 2, points (a) to (t). Moreover, the criteria and materiality thresholds should be designed in such a way that they apply consistently to all financial entitiesas defined in Article 2, points (a) to (t), irrespective of their size and risk means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; profile, and do not pose unproportional reporting burden to smaller financial entitiesas defined in Article 2, points (a) to (t). However, in order to address situations where a significant number of clients are affected by an incident means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; which as such does not exceed the applicable threshold, an absolute threshold mainly targeted at larger financial entitiesas defined in Article 2, points (a) to (t) should be set out.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod