Source: OJ L, 2025/301, 20.2.2025
ENRTS on incident reporting
Commission Delegated Regulation (EU) 2025/301
of 23 October 2024
supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council
with regard to regulatory technical standards specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats
Table of contents
Preamble 1 – 9Recitals
- Articles
- Article 1General information to be provided in initial notifications and intermediate and final reports on major ICT-related incidents
- Article 2Specific information to be provided in initial notifications
- Article 3Specific information to be provided in intermediate reports
- Article 4Article Specific information to be provided in final reports
- Article 5Time limits for the initial notification, and for the intermediate and final reports
- Article 6Content of the voluntary notification of significant cyber threats
- Article 7Entry into force