Source: OJ L, 2024/1774, 25.6.2024
EN
RTS on ICT risk management framework
Commission Delegated Regulation (EU) 2024/1774
of 13 March 2024
supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council
with regard to regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework
Table of contents
Preamble
1 – 30Recitals- Title IGeneral principle
- Title IIFurther harmonisation of ICT risk management tools, methods, processes, and policies in accordance with Article 15 of Regulation (EU) 2022/2554
- Chapter IICT security policies, procedures, protocols, and tools
- Section 1
- Section 2
- Section 3ICT asset management
- Section 4Encryption and cryptography
- Section 5ICT operations security
- Section 6Network security
- Section 7ICT project and change management
- Section 8
- Chapter IIHuman resources policy and access control
- Chapter IIIICT-related incident detection and response
- Chapter IVICT business continuity management
- Chapter VReport on the ICT risk management framework review
- Title IIISimplified ICT risk management framework for financial entities referred to in Article 16(1) of Regulation (EU) 2022/2554
- Chapter ISimplified ICT risk management framework
- Chapter IIFurther elements of systems, protocols, and tools to minimise the impact of ICT risk
- Chapter IIIICT business continuity management
- Chapter IVReport on the review of the simplified ICT risk management framework
- Title IVFinal provisions