Source: OJ L, 2024/1774, 25.6.2024
ENRecital 22 Holistic ICT business contiuity view
When developing an ICT business continuity policy, financial entitiesas defined in Article 2, points (a) to (t) referred to in Title II of this Regulation should take into account the essential components means software or hardware intended for integration into an electronic information system; of ICT risk means any reasonably identifiable circumstance in relation to the use of network and information systems which, if materialised, may compromise the security of the network and information systems, of any technology dependent tool or process, of operations and processes, or of the provision of services by producing adverse effects in the digital or physical environment; management, including ICT-related incident means a single event or a series of linked events unplanned by the financial entity that compromises the security of the network and information systems, and have an adverse impact on the availability, authenticity, integrity or confidentiality of data, or on the services provided by the financial entity; management and communication strategies, the ICT change management process, and risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; associated with ICT third-party service providers means an undertaking providing ICT services;.