Beta

Source: OJ L, 2024/1774, 25.6.2024

EN

Recital 20 Incident evidence retention

To facilitate ICT-related incidents means a single event or a series of linked events unplanned by the financial entity that compromises the security of the network and information systems, and have an adverse impact on the availability, authenticity, integrity or confidentiality of data, or on the services provided by the financial entity; detection, financial entitiesas defined in Article 2, points (a) to (t) should retain evidence of those incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555;. To ensure, on the one hand, that such evidence is retained sufficiently long and to avoid, on the other hand, an excessive regulatory burden, financial entitiesas defined in Article 2, points (a) to (t) should determine the retention period considering, among other things, the criticality of the data and retention requirements stemming from Union law.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod