Beta

Source: OJ L 333, 27.12.2022, p. 80–152

EN

Recital 93 The eIDAS regulation still apply for trust service providers

The cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; obligations laid down in this Directive should be considered to be complementary to the requirements imposed on trust service providers means a trust service provider as defined in Article 3, point (19), of Regulation (EU) No 910/2014; under Regulation (EU) No 910/2014. Trust service providers means a trust service provider as defined in Article 3, point (19), of Regulation (EU) No 910/2014; should be required to take all appropriate and proportionate measures to manage the risks means the potential for loss or disruption caused by an incident and is to be expressed as a combination of the magnitude of such loss or disruption and the likelihood of occurrence of the incident; posed to their services, including in relation to customers and relying third parties, and to report incidents means an incident as defined in Article 6, point (6), of Directive (EU) 2022/2555; under this Directive. Such cybersecurity means cybersecurity as defined in Article 2, point (1), of Regulation (EU) 2019/881; and reporting obligations should also concern the physical protection of the services provided. The requirements for qualified trust service providers means a qualified trust service provider as defined in Article 3, point (20), of Regulation (EU) No 910/2014; laid down in Article 24 of Regulation (EU) No 910/2014 continue to apply.

Table of contents

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Contact us:

dora@springflod.se

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod