Recital 13 Responsible vulnerability disclosure


To ensure timely and transparent communication of potential security threats that could impact the financial entity and its stakeholders, financial entities (as defined in Article 2, points (a) to (t)) should establish procedures for the responsible disclosure of ICT vulnerabilities ("vulnerability" means a weakness, susceptibility or flaw of an asset, system, process or control that can be exploited) to clients, counterparts, and the public. When establishing those procedures, financial entities should consider factors, including the severity of the vulnerability, the potential impact of such vulnerability on stakeholders, and the readiness of a fix or mitigation measures.
